https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97696
Bug ID: 97696
Summary: ICE since ASAN_MARK does not handle poly_int sized variables
Product: gcc
Version: 11.0
Status: UNCONFIRMED
Keywords: ice-checking
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: matmal01 at gcc dot gnu.org
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
Target: aarch64

asan_expand_mark_ifn asserts that the length to check is a SHWI (i.e. it uses `gcc_assert (tree_fits_shwi_p (len))`).
It attempts to ensure this by avoiding VLAs in `gimplify_decl_expr`.

poly_int sized decls were added, and they were not treated as VLAs since commit 22b62991 (SVN r275870).

Since then, poly_int sized variables can have ASAN_MARK called on them, which means the `len` parameter of ASAN_MARK can be a poly_int, causing an ICE in asan_expand_mark_ifn (n.b. in order to emit an ASAN_CHECK on a poly_int sized variable so that the ASAN_MARK is not removed in the sanopt pass, we need to pass the poly_int sized variable to a builtin memory function).
An example (modified from gcc/testsuite/c-c++-common/asan/pr80308.c):

(v3) work-lin:gcc [Tue 12:25:10] % cat ~/asan-ice.c
#include <arm_sve.h>

__attribute__((noinline, noclone)) int
foo (char *a)
{
  int i, j = 0;
  asm volatile ("" : "+r" (a) : : "memory");
  for (i = 0; i < 12; i++)
    j += a[i];
  return j;
}

int
main ()
{
  int i, j = 0;
  for (i = 0; i < 4; i++)
    {
      char a[12];
      __SVInt8_t freq;
      __builtin_bcmp (&freq, a, 10);
      __builtin_memset (a, 0, sizeof (a));
      j += foo (a);
    }
  return j;
}
(v3) work-lin:gcc [Tue 12:31:53] % /installdir/aarch64-none-linux-gnu/bin/aarch64-none-linux-gnu-gcc -march=armv8.6-a+sve -fsanitize=address -fsanitize-address-use-after-scope ~/asan-ice.c -S -o /dev/null
during GIMPLE pass: sanopt
/home/matmal01/asan-ice.c: In function ‘main’:
/home/matmal01/asan-ice.c:14:1: internal compiler error: in asan_expand_mark_ifn, at asan.c:3235
   14 | main ()
      | ^~~~
0xdde454 asan_expand_mark_ifn(gimple_stmt_iterator*)
        /builddir/src/gcc/gcc/asan.c:3235
0xdf6b7a execute
        /builddir/src/gcc/gcc/sanopt.c:1341
Please submit a full bug report,
with preprocessed source if appropriate.
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.