public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug middle-end/23408] New: ICE on valid, if checking enabled
@ 2005-08-15 21:31 e9925248 at stud4 dot tuwien dot ac dot at
2005-08-15 21:38 ` [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory) pinskia at gcc dot gnu dot org
` (7 more replies)
0 siblings, 8 replies; 10+ messages in thread
From: e9925248 at stud4 dot tuwien dot ac dot at @ 2005-08-15 21:31 UTC (permalink / raw)
To: gcc-bugs
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 3486 bytes --]
If the following code is compiled by a GCC with checking enabled (configured
with --enable-checking=misc,tree,rtl,rtlflag,gc,gcac) and -O1, a ICE happen:
static __inline__ int f () { return g (); }
int g () { return f (); }
With checking disabled, the ICE does not happen.
gcc version:
GNU C version 4.1.0 20050815 (experimental) (i686-pc-linux-gnu)
Backtrace:Analyzing compilation unit {GC 733k -> 718k} {GC 719k -> 719k} {GC
719k -> 719k}Performing intraprocedural optimizations
{GC 721k -> 694k}
Program received signal SIGSEGV, Segmentation fault.
0x08aea1eb in cgraph_decide_inlining_incrementally (node=0xb7c62c98, early=1
'\001') at ../.././gcc/ipa-inline.c:1029
1029 if (e->callee->local.disregard_inline_limits
(gdb) bt
#0 0x08aea1eb in cgraph_decide_inlining_incrementally (node=0xb7c62c98, early=1
'\001') at ../.././gcc/ipa-inline.c:1029
#1 0x08aea64d in cgraph_early_inlining () at ../.././gcc/ipa-inline.c:1131
#2 0x08a59ff0 in execute_one_pass (pass=0x8e71bc0) at ../.././gcc/passes.c:797
#3 0x08a5a0ed in execute_ipa_pass_list (pass=0x8e71bc0) at ../.././gcc/passes.c:843
#4 0x08ae6807 in ipa_passes () at ../.././gcc/cgraphunit.c:1202
#5 0x08ae68c7 in cgraph_optimize () at ../.././gcc/cgraphunit.c:1236
#6 0x0806cdf1 in c_write_global_declarations () at ../.././gcc/c-decl.c:7618
#7 0x089fcc5c in compile_file () at ../.././gcc/toplev.c:984
#8 0x089fe491 in do_compile () at ../.././gcc/toplev.c:1914
#9 0x089fe4f3 in toplev_main (argc=3, argv=0xbff6eb44) at ../.././gcc/toplev.c:1946
#10 0x080ed5ca in main (argc=3, argv=0xbff6eb44) at ../.././gcc/main.c:35
(gdb) p e
$1 = (struct cgraph_edge *) 0xa5a5a5a5
(gdb) up
#1 0x08aea64d in cgraph_early_inlining () at ../.././gcc/ipa-inline.c:1131
1131 cgraph_decide_inlining_incrementally (node, true);
(gdb) p *node
$2 = {decl = 0xa5a5a5a5, callees = 0xa5a5a5a5, callers = 0xa5a5a5a5, next =
0xa5a5a5a5, previous = 0xa5a5a5a5, origin = 0xa5a5a5a5,
nested = 0xa5a5a5a5, next_nested = 0xa5a5a5a5, next_needed = 0xa5a5a5a5,
next_clone = 0xa5a5a5a5, prev_clone = 0xa5a5a5a5,
master_clone = 0xa5a5a5a5, aux = 0xa5a5a5a5, local = {self_insns =
-1515870811, local = 165 '¥', externally_visible = 165 '¥',
finalized = 165 '¥', inlinable = 165 '¥', disregard_inline_limits = 165 '¥',
redefined_extern_inline = 165 '¥',
for_functions_valid = 165 '¥', vtable_method = 165 '¥'}, global =
{inlined_to = 0xa5a5a5a5, insns = -1515870811,
estimated_growth = -1515870811, inlined = 165 '¥'}, rtl =
{preferred_incoming_stack_boundary = -1515870811},
count = -6510615555426900571, uid = -1515870811, needed = 165 '¥', reachable =
165 '¥', lowered = 165 '¥', analyzed = 165 '¥',
output = 165 '¥', externally_visible = 165 '¥', alias = 165 '¥'}
As far as I can tell, the garbage collector seems to free some used memory.
It is a regression, as GCC version 20050606 did not showed this error.
--
Summary: ICE on valid, if checking enabled
Product: gcc
Version: 4.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: middle-end
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: e9925248 at stud4 dot tuwien dot ac dot at
CC: gcc-bugs at gcc dot gnu dot org
GCC build triplet: i686-pc-linux-gnu
GCC host triplet: i686-pc-linux-gnu
GCC target triplet: i686-pc-linux-gnu (exists also on avr)
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23408
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
2005-08-15 21:31 [Bug middle-end/23408] New: ICE on valid, if checking enabled e9925248 at stud4 dot tuwien dot ac dot at
@ 2005-08-15 21:38 ` pinskia at gcc dot gnu dot org
2005-08-16 21:23 ` e9925248 at stud4 dot tuwien dot ac dot at
` (6 subsequent siblings)
7 siblings, 0 replies; 10+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2005-08-15 21:38 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2005-08-15 21:37 -------
Also reproduced with --enable-checking=yes (default) and --param ggc-min-expand=0 --param
ggc-min-heapsize=0 -O1. This means we are using already freed GC memory.
Honza could you look into this since it seems like it was caused by one of your functions. Smells like
we are missing a GTY somwhere.
--
What |Removed |Added
----------------------------------------------------------------------------
CC| |hubicka at gcc dot gnu dot
| |org
Status|UNCONFIRMED |NEW
Ever Confirmed| |1
GCC build triplet|i686-pc-linux-gnu |
GCC host triplet|i686-pc-linux-gnu |
GCC target triplet|i686-pc-linux-gnu (exists |
|also on avr) |
Keywords| |ice-on-valid-code
Last reconfirmed|0000-00-00 00:00:00 |2005-08-15 21:37:39
date| |
Summary|ICE on valid, if checking |[4.1 Regression] ICE in
|enabled |cgraph_decide_inlining_incre
| |mentally (using freed GC
| |memory)
Target Milestone|--- |4.1.0
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23408
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
2005-08-15 21:31 [Bug middle-end/23408] New: ICE on valid, if checking enabled e9925248 at stud4 dot tuwien dot ac dot at
2005-08-15 21:38 ` [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory) pinskia at gcc dot gnu dot org
@ 2005-08-16 21:23 ` e9925248 at stud4 dot tuwien dot ac dot at
2005-08-16 21:24 ` Andrew Pinski
2005-08-16 21:30 ` pinskia at physics dot uc dot edu
` (5 subsequent siblings)
7 siblings, 1 reply; 10+ messages in thread
From: e9925248 at stud4 dot tuwien dot ac dot at @ 2005-08-16 21:23 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From e9925248 at stud4 dot tuwien dot ac dot at 2005-08-16 21:20 -------
I think, I found the cause of this:
cgraph_early_inlining holds a list of cgraph nodes in the array order.
In this example, cgraph_decide_inlining_incrementally removes all references
known by the garbage collector to a node contained in this array, which has not
been processed. Then it calls the ggc_collect. With checking enabled, the freed
memory is overwritten so that the following access cause a segementation fault.
If the call to the garbage collector in cgraph_decide_inlining_incrementally is
removed, the file compiles:
Index: ipa-inline.c
===================================================================
RCS file: /cvs/gcc/gcc/gcc/ipa-inline.c,v
retrieving revision 2.15
diff -u -p -r2.15 ipa-inline.c
--- ipa-inline.c 28 Jul 2005 21:45:25 -0000 2.15
+++ ipa-inline.c 16 Aug 2005 21:18:18 -0000
@@ -1073,7 +1073,6 @@ cgraph_decide_inlining_incrementally (st
node->local.self_insns = node->global.insns;
current_function_decl = NULL;
pop_cfun ();
- ggc_collect ();
}
return inlined;
}
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23408
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
2005-08-16 21:23 ` e9925248 at stud4 dot tuwien dot ac dot at
@ 2005-08-16 21:24 ` Andrew Pinski
0 siblings, 0 replies; 10+ messages in thread
From: Andrew Pinski @ 2005-08-16 21:24 UTC (permalink / raw)
To: gcc-bugzilla; +Cc: gcc-bugs
>
>
> ------- Additional Comments From e9925248 at stud4 dot tuwien dot ac dot at 2005-08-16 21:20 -------
> I think, I found the cause of this:
> cgraph_early_inlining holds a list of cgraph nodes in the array order.
>
> In this example, cgraph_decide_inlining_incrementally removes all references
> known by the garbage collector to a node contained in this array, which has not
> been processed. Then it calls the ggc_collect. With checking enabled, the freed
> memory is overwritten so that the following access cause a segementation fault.
The other way to fix it, would be move the order array to GC memory so we call
still call ggc_collect.
-- Pinski
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
2005-08-15 21:31 [Bug middle-end/23408] New: ICE on valid, if checking enabled e9925248 at stud4 dot tuwien dot ac dot at
2005-08-15 21:38 ` [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory) pinskia at gcc dot gnu dot org
2005-08-16 21:23 ` e9925248 at stud4 dot tuwien dot ac dot at
@ 2005-08-16 21:30 ` pinskia at physics dot uc dot edu
2005-08-28 1:57 ` pinskia at gcc dot gnu dot org
` (4 subsequent siblings)
7 siblings, 0 replies; 10+ messages in thread
From: pinskia at physics dot uc dot edu @ 2005-08-16 21:30 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at physics dot uc dot edu 2005-08-16 21:23 -------
Subject: Re: [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
>
>
> ------- Additional Comments From e9925248 at stud4 dot tuwien dot ac dot at 2005-08-16 21:20 -------
> I think, I found the cause of this:
> cgraph_early_inlining holds a list of cgraph nodes in the array order.
>
> In this example, cgraph_decide_inlining_incrementally removes all references
> known by the garbage collector to a node contained in this array, which has not
> been processed. Then it calls the ggc_collect. With checking enabled, the freed
> memory is overwritten so that the following access cause a segementation fault.
The other way to fix it, would be move the order array to GC memory so we call
still call ggc_collect.
-- Pinski
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23408
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
2005-08-15 21:31 [Bug middle-end/23408] New: ICE on valid, if checking enabled e9925248 at stud4 dot tuwien dot ac dot at
` (2 preceding siblings ...)
2005-08-16 21:30 ` pinskia at physics dot uc dot edu
@ 2005-08-28 1:57 ` pinskia at gcc dot gnu dot org
2005-08-28 3:13 ` pinskia at gcc dot gnu dot org
` (3 subsequent siblings)
7 siblings, 0 replies; 10+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2005-08-28 1:57 UTC (permalink / raw)
To: gcc-bugs
--
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |critical
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23408
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
2005-08-15 21:31 [Bug middle-end/23408] New: ICE on valid, if checking enabled e9925248 at stud4 dot tuwien dot ac dot at
` (3 preceding siblings ...)
2005-08-28 1:57 ` pinskia at gcc dot gnu dot org
@ 2005-08-28 3:13 ` pinskia at gcc dot gnu dot org
2005-08-28 8:11 ` pinskia at gcc dot gnu dot org
` (2 subsequent siblings)
7 siblings, 0 replies; 10+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2005-08-28 3:13 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2005-08-28 03:05 -------
I am testing a patch for which I recommended in comment #3.
--
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|unassigned at gcc dot gnu |pinskia at gcc dot gnu dot
|dot org |org
Status|NEW |ASSIGNED
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23408
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
2005-08-15 21:31 [Bug middle-end/23408] New: ICE on valid, if checking enabled e9925248 at stud4 dot tuwien dot ac dot at
` (4 preceding siblings ...)
2005-08-28 3:13 ` pinskia at gcc dot gnu dot org
@ 2005-08-28 8:11 ` pinskia at gcc dot gnu dot org
2005-08-29 17:49 ` cvs-commit at gcc dot gnu dot org
2005-08-29 17:50 ` pinskia at gcc dot gnu dot org
7 siblings, 0 replies; 10+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2005-08-28 8:11 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2005-08-28 04:45 -------
And that did not work. Just going to get approval for your patch after a bootstrap/test.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23408
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
2005-08-15 21:31 [Bug middle-end/23408] New: ICE on valid, if checking enabled e9925248 at stud4 dot tuwien dot ac dot at
` (5 preceding siblings ...)
2005-08-28 8:11 ` pinskia at gcc dot gnu dot org
@ 2005-08-29 17:49 ` cvs-commit at gcc dot gnu dot org
2005-08-29 17:50 ` pinskia at gcc dot gnu dot org
7 siblings, 0 replies; 10+ messages in thread
From: cvs-commit at gcc dot gnu dot org @ 2005-08-29 17:49 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From cvs-commit at gcc dot gnu dot org 2005-08-29 17:49 -------
Subject: Bug 23408
CVSROOT: /cvs/gcc
Module name: gcc
Changes by: pinskia@gcc.gnu.org 2005-08-29 17:48:59
Modified files:
gcc : ChangeLog ipa-inline.c
gcc/testsuite : ChangeLog
Added files:
gcc/testsuite/gcc.dg: pr23408.c
Log message:
2005-08-18 Andrew Pinski <pinskia@physics.uc.edu>
PR middle-end/23408
* ipa-inline.c (cgraph_decide_inlining_incrementally): Remove the
call to ggc_collect.
2005-08-28 Andrew Pinski <pinskia@physics.uc.edu>
PR middle-end/23408
* gcc.dg/pr23408.c: New test.
Patches:
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/ChangeLog.diff?cvsroot=gcc&r1=2.9849&r2=2.9850
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/ipa-inline.c.diff?cvsroot=gcc&r1=2.15&r2=2.16
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/ChangeLog.diff?cvsroot=gcc&r1=1.5977&r2=1.5978
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/gcc.dg/pr23408.c.diff?cvsroot=gcc&r1=NONE&r2=1.1
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23408
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory)
2005-08-15 21:31 [Bug middle-end/23408] New: ICE on valid, if checking enabled e9925248 at stud4 dot tuwien dot ac dot at
` (6 preceding siblings ...)
2005-08-29 17:49 ` cvs-commit at gcc dot gnu dot org
@ 2005-08-29 17:50 ` pinskia at gcc dot gnu dot org
7 siblings, 0 replies; 10+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2005-08-29 17:50 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2005-08-29 17:49 -------
Fixed.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |FIXED
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23408
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2005-08-29 17:49 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-08-15 21:31 [Bug middle-end/23408] New: ICE on valid, if checking enabled e9925248 at stud4 dot tuwien dot ac dot at
2005-08-15 21:38 ` [Bug middle-end/23408] [4.1 Regression] ICE in cgraph_decide_inlining_incrementally (using freed GC memory) pinskia at gcc dot gnu dot org
2005-08-16 21:23 ` e9925248 at stud4 dot tuwien dot ac dot at
2005-08-16 21:24 ` Andrew Pinski
2005-08-16 21:30 ` pinskia at physics dot uc dot edu
2005-08-28 1:57 ` pinskia at gcc dot gnu dot org
2005-08-28 3:13 ` pinskia at gcc dot gnu dot org
2005-08-28 8:11 ` pinskia at gcc dot gnu dot org
2005-08-29 17:49 ` cvs-commit at gcc dot gnu dot org
2005-08-29 17:50 ` pinskia at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).