public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug gcov-profile/114601] New: ICE: SIGSEGV in hash_table_mod1 (hash-table.h:344) with -fcondition-coverage -finstrument-functions-once
@ 2024-04-05 11:53 zsojka at seznam dot cz
2024-04-07 5:09 ` [Bug gcov-profile/114601] " zsojka at seznam dot cz
2024-04-09 11:49 ` cvs-commit at gcc dot gnu.org
0 siblings, 2 replies; 3+ messages in thread
From: zsojka at seznam dot cz @ 2024-04-05 11:53 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114601
Bug ID: 114601
Summary: ICE: SIGSEGV in hash_table_mod1 (hash-table.h:344)
with -fcondition-coverage -finstrument-functions-once
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Keywords: ice-on-valid-code
Severity: normal
Priority: P3
Component: gcov-profile
Assignee: unassigned at gcc dot gnu.org
Reporter: zsojka at seznam dot cz
Target Milestone: ---
Host: x86_64-pc-linux-gnu
Target: x86_64-pc-linux-gnu
This happens also after the PR114599 fix.
Compiler output:
$ cat testcase.c
void foo() {}
$ x86_64-pc-linux-gnu-gcc -fcondition-coverage -finstrument-functions-once
testcase.c -wrapper valgrind,-q
==25248== Invalid read of size 4
==25248== at 0x15FBA4A: hash_table_mod1 (hash-table.h:344)
==25248== by 0x15FBA4A: hash_table<hash_map<gcond*, unsigned int,
simple_hashmap_traits<default_hash_traits<gcond*>, unsigned int> >::hash_entry,
false, xcallocator>::find_with_hash(gcond* const&, unsigned int)
(hash-table.h:985)
==25248== by 0x15F9C4B: get (hash-map.h:191)
==25248== by 0x15F9C4B: condition_uid (tree-profile.cc:370)
==25248== by 0x15F9C4B: find_conditions(function*) (tree-profile.cc:877)
==25248== by 0x140DBD3: branch_prob(bool) (profile.cc:1549)
==25248== by 0x15F92A4: tree_profiling (tree-profile.cc:1917)
==25248== by 0x15F92A4: (anonymous
namespace)::pass_ipa_tree_profile::execute(function*) (tree-profile.cc:2046)
==25248== by 0x13D0F7A: execute_one_pass(opt_pass*) (passes.cc:2647)
==25248== by 0x13D2346: execute_ipa_pass_list(opt_pass*) (passes.cc:3096)
==25248== by 0xFCFEC7: ipa_passes (cgraphunit.cc:2214)
==25248== by 0xFCFEC7: symbol_table::compile() [clone .part.0]
(cgraphunit.cc:2337)
==25248== by 0xFD2747: compile (cgraphunit.cc:2315)
==25248== by 0xFD2747: symbol_table::finalize_compilation_unit()
(cgraphunit.cc:2589)
==25248== by 0x15135E1: compile_file() (toplev.cc:476)
==25248== by 0xDE841B: do_compile (toplev.cc:2154)
==25248== by 0xDE841B: toplev::main(int, char**) (toplev.cc:2310)
==25248== by 0xDE9BFA: main (main.cc:39)
==25248== Address 0x30 is not stack'd, malloc'd or (recently) free'd
==25248==
during IPA pass: profile
testcase.c: In function 'foo':
testcase.c:1:1: internal compiler error: Segmentation fault
1 | void foo() {}
| ^~~~
0x15130ff crash_signal
/repo/gcc-trunk/gcc/toplev.cc:319
0x15fba4a hash_table_mod1(unsigned int, unsigned int)
/repo/gcc-trunk/gcc/hash-table.h:344
0x15fba4a hash_table<hash_map<gcond*, unsigned int,
simple_hashmap_traits<default_hash_traits<gcond*>, unsigned int> >::hash_entry,
false, xcallocator>::find_with_hash(gcond* const&, unsigned int)
/repo/gcc-trunk/gcc/hash-table.h:985
0x15f9c4b hash_map<gcond*, unsigned int,
simple_hashmap_traits<default_hash_traits<gcond*>, unsigned int> >::get(gcond*
const&)
/repo/gcc-trunk/gcc/hash-map.h:191
0x15f9c4b condition_uid
/repo/gcc-trunk/gcc/tree-profile.cc:370
0x15f9c4b find_conditions(function*)
/repo/gcc-trunk/gcc/tree-profile.cc:877
0x140dbd3 branch_prob(bool)
/repo/gcc-trunk/gcc/profile.cc:1549
0x15f92a4 tree_profiling
/repo/gcc-trunk/gcc/tree-profile.cc:1917
0x15f92a4 execute
/repo/gcc-trunk/gcc/tree-profile.cc:2046
Please submit a full bug report, with preprocessed source (by using
-freport-bug).
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.
$ x86_64-pc-linux-gnu-gcc -v
Using built-in specs.
COLLECT_GCC=/repo/gcc-trunk/binary-latest-amd64/bin/x86_64-pc-linux-gnu-gcc
COLLECT_LTO_WRAPPER=/repo/gcc-trunk/binary-trunk-r14-9803-20240405111321-g9ab8fdfeef5-checking-yes-rtl-df-extra-nobootstrap-amd64/bin/../libexec/gcc/x86_64-pc-linux-gnu/14.0.1/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /repo/gcc-trunk//configure --enable-languages=c,c++
--enable-valgrind-annotations --disable-nls --enable-checking=yes,rtl,df,extra
--disable-bootstrap --with-cloog --with-ppl --with-isl
--build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu
--target=x86_64-pc-linux-gnu --with-ld=/usr/bin/x86_64-pc-linux-gnu-ld
--with-as=/usr/bin/x86_64-pc-linux-gnu-as --enable-libsanitizer
--disable-libstdcxx-pch
--prefix=/repo/gcc-trunk//binary-trunk-r14-9803-20240405111321-g9ab8fdfeef5-checking-yes-rtl-df-extra-nobootstrap-amd64
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 14.0.1 20240405 (experimental) (GCC)
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug gcov-profile/114601] ICE: SIGSEGV in hash_table_mod1 (hash-table.h:344) with -fcondition-coverage -finstrument-functions-once
2024-04-05 11:53 [Bug gcov-profile/114601] New: ICE: SIGSEGV in hash_table_mod1 (hash-table.h:344) with -fcondition-coverage -finstrument-functions-once zsojka at seznam dot cz
@ 2024-04-07 5:09 ` zsojka at seznam dot cz
2024-04-09 11:49 ` cvs-commit at gcc dot gnu.org
1 sibling, 0 replies; 3+ messages in thread
From: zsojka at seznam dot cz @ 2024-04-07 5:09 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114601
--- Comment #1 from Zdenek Sojka <zsojka at seznam dot cz> ---
This is still failing as of r14-9822 (after the second PR114599#c7 fix).
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug gcov-profile/114601] ICE: SIGSEGV in hash_table_mod1 (hash-table.h:344) with -fcondition-coverage -finstrument-functions-once
2024-04-05 11:53 [Bug gcov-profile/114601] New: ICE: SIGSEGV in hash_table_mod1 (hash-table.h:344) with -fcondition-coverage -finstrument-functions-once zsojka at seznam dot cz
2024-04-07 5:09 ` [Bug gcov-profile/114601] " zsojka at seznam dot cz
@ 2024-04-09 11:49 ` cvs-commit at gcc dot gnu.org
1 sibling, 0 replies; 3+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2024-04-09 11:49 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114601
--- Comment #2 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by J?rgen Kvalsvik <jkv@gcc.gnu.org>:
https://gcc.gnu.org/g:dd78e6a3cbd8f7c678d90ca0d05787faeb2e9c9a
commit r14-9870-gdd78e6a3cbd8f7c678d90ca0d05787faeb2e9c9a
Author: Jørgen Kvalsvik <j@lambda.is>
Date: Tue Apr 9 13:39:03 2024 +0200
Guard function->cond_uids access [PR114601]
PR114601 shows that it is possible to reach the condition_uid lookup
without having also created the fn->cond_uids, through
compiler-generated conditionals. Consider all lookups on non-existing
maps misses, which they are from the perspective of the source code, to
avoid the NULL access.
PR gcov-profile/114601
gcc/ChangeLog:
* tree-profile.cc (condition_uid): Guard fn->cond_uids access.
gcc/testsuite/ChangeLog:
* gcc.misc-tests/gcov-pr114601.c: New test.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-04-09 11:49 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-04-05 11:53 [Bug gcov-profile/114601] New: ICE: SIGSEGV in hash_table_mod1 (hash-table.h:344) with -fcondition-coverage -finstrument-functions-once zsojka at seznam dot cz
2024-04-07 5:09 ` [Bug gcov-profile/114601] " zsojka at seznam dot cz
2024-04-09 11:49 ` cvs-commit at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).