public inbox for gcc-bugs@sourceware.org
* [Bug c/52881] New: ICE due to null pointer deref
@ 2012-04-05 19:59 regehr at cs dot utah.edu
  2012-04-05 20:43 ` [Bug middle-end/52881] [4.8 Regression] ICE due to null pointer deref in cfgloop.c pinskia at gcc dot gnu.org
                   ` (4 more replies)
  0 siblings, 5 replies; 6+ messages in thread
From: regehr at cs dot utah.edu @ 2012-04-05 19:59 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52881

             Bug #: 52881
           Summary: ICE due to null pointer deref
    Classification: Unclassified
           Product: gcc
           Version: 4.8.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: regehr@cs.utah.edu
                CC: chenyang@cs.utah.edu


[regehr@dyson r3]$ current-gcc -O2 small.c
small.c: In function 'fn3':
small.c:27:1: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.


[regehr@dyson r3]$ valgrind -q --trace-children=yes current-gcc -O2 small.c
==30315== Invalid read of size 8
==30315==    at 0xDEAB99: search_line_sse2(unsigned char const*, unsigned char
const*) (lex.c:393)
==30315==    by 0xDEAD61: _cpp_clean_line (lex.c:739)
==30315==    by 0xDEB787: _cpp_get_fresh_line (lex.c:2000)
==30315==    by 0xDECF40: _cpp_lex_direct (lex.c:2065)
==30315==    by 0xDEDCCB: _cpp_lex_token (lex.c:1939)
==30315==    by 0xDF1E8F: cpp_get_token_1(cpp_reader*, unsigned int*)
(macro.c:2245)
==30315==    by 0x57F3A2: c_lex_with_flags(tree_node**, unsigned int*, unsigned
char*, int) (c-lex.c:302)
==30315==    by 0x52D9B4: c_lex_one_token(c_parser*, c_token*) (c-parser.c:221)
==30315==    by 0x53406D: c_parser_compound_statement_nostart(c_parser*)
(c-parser.c:401)
==30315==    by 0x540F28: c_parser_compound_statement(c_parser*)
(c-parser.c:4071)
==30315==    by 0x531B77: c_parser_declaration_or_fndef(c_parser*, bool, bool,
bool, bool, bool, tree_node**) (c-parser.c:1758)
==30315==    by 0x54118D: c_parser_external_declaration(c_parser*)
(c-parser.c:1363)
==30315==  Address 0x56e90d8 is 424 bytes inside a block of size 429 alloc'd
==30315==    at 0x4C275A2: realloc (vg_replace_malloc.c:525)
==30315==    by 0xE16C9C: xrealloc (xmalloc.c:179)
==30315==    by 0xDDF8A3: _cpp_convert_input (charset.c:1734)
==30315==    by 0xDE82AA: read_file(cpp_reader*, _cpp_file*) (files.c:652)
==30315==    by 0xDE8CAA: _cpp_stack_file (files.c:723)
==30315==    by 0xDEA605: cpp_read_main_file(cpp_reader*, char const*)
(init.c:593)
==30315==    by 0x58491B: c_common_post_options(char const**) (c-opts.c:1056)
==30315==    by 0x8C5CD8: toplev_main(int, char**) (toplev.c:1281)
==30315==    by 0x52D2C4C: (below main) (libc-start.c:226)
==30315== 
==30315== Invalid read of size 8
==30315==    at 0xDEAB83: search_line_sse2(unsigned char const*, unsigned char
const*) (lex.c:381)
==30315==    by 0xDEAD61: _cpp_clean_line (lex.c:739)
==30315==    by 0xDEB787: _cpp_get_fresh_line (lex.c:2000)
==30315==    by 0xDECF40: _cpp_lex_direct (lex.c:2065)
==30315==    by 0xDEDCCB: _cpp_lex_token (lex.c:1939)
==30315==    by 0xDF1E8F: cpp_get_token_1(cpp_reader*, unsigned int*)
(macro.c:2245)
==30315==    by 0x57F3A2: c_lex_with_flags(tree_node**, unsigned int*, unsigned
char*, int) (c-lex.c:302)
==30315==    by 0x52D9B4: c_lex_one_token(c_parser*, c_token*) (c-parser.c:221)
==30315==    by 0x53406D: c_parser_compound_statement_nostart(c_parser*)
(c-parser.c:401)
==30315==    by 0x540F28: c_parser_compound_statement(c_parser*)
(c-parser.c:4071)
==30315==    by 0x531B77: c_parser_declaration_or_fndef(c_parser*, bool, bool,
bool, bool, bool, tree_node**) (c-parser.c:1758)
==30315==    by 0x54118D: c_parser_external_declaration(c_parser*)
(c-parser.c:1363)
==30315==  Address 0x56e90d8 is 424 bytes inside a block of size 429 alloc'd
==30315==    at 0x4C275A2: realloc (vg_replace_malloc.c:525)
==30315==    by 0xE16C9C: xrealloc (xmalloc.c:179)
==30315==    by 0xDDF8A3: _cpp_convert_input (charset.c:1734)
==30315==    by 0xDE82AA: read_file(cpp_reader*, _cpp_file*) (files.c:652)
==30315==    by 0xDE8CAA: _cpp_stack_file (files.c:723)
==30315==    by 0xDEA605: cpp_read_main_file(cpp_reader*, char const*)
(init.c:593)
==30315==    by 0x58491B: c_common_post_options(char const**) (c-opts.c:1056)
==30315==    by 0x8C5CD8: toplev_main(int, char**) (toplev.c:1281)
==30315==    by 0x52D2C4C: (below main) (libc-start.c:226)
==30315== 
==30315== Invalid read of size 4
==30315==    at 0x5EA374: dfs_enumerate_from(basic_block_def*, int, bool
(*)(basic_block_def const*, void const*), basic_block_def**, int, void const*)
(cfganal.c:1210)
==30315==    by 0x5FD803: get_loop_body(loop const*) (cfgloop.c:829)
==30315==    by 0x5FF17F: verify_loop_structure() (cfgloop.c:1351)
==30315==    by 0x7D4A95: loop_optimizer_init(unsigned int) (loop-init.c:64)
==30315==    by 0x7D4BEE: rtl_loop_init() (loop-init.c:210)
==30315==    by 0x820F04: execute_one_pass(opt_pass*) (passes.c:2079)
==30315==    by 0x8212C4: execute_pass_list(opt_pass*) (passes.c:2134)
==30315==    by 0x8212D6: execute_pass_list(opt_pass*) (passes.c:2135)
==30315==    by 0x8212D6: execute_pass_list(opt_pass*) (passes.c:2135)
==30315==    by 0x933C9D: tree_rest_of_compilation(tree_node*)
(tree-optimize.c:422)
==30315==    by 0x615A09: cgraph_expand_function(cgraph_node*)
(cgraphunit.c:1784)
==30315==    by 0x6178CB: cgraph_optimize() (cgraphunit.c:1851)
==30315==  Address 0x50 is not stack'd, malloc'd or (recently) free'd
==30315== 
small.c: In function 'fn3':
small.c:27:1: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.


[regehr@dyson r3]$ cat small.c
int a, b, c, d, e, f, h, i, j, k, l, m, n, o;
static int g;
int
fn1 () {
  for (;; ++f)
    if (e)
      break;
  return 0;
}
unsigned char fn2 ();
void
fn3 () {
lbl_220:
  if (j) {
lbl_221:
    l = (g || b) <= fn1 ();
    for (;;) {
      g = 0;
      fn2 ();
      if (k)
        goto lbl_220;
      break;
    }
    if (l)
      goto lbl_221;
  }
}
unsigned char
fn2 () {
  o = d ? 0 : c;
  h = m | a % o != n;
  return i;
}


[regehr@dyson r3]$ current-gcc -v
Using built-in specs.
COLLECT_GCC=current-gcc
COLLECT_LTO_WRAPPER=/uusoc/exports/scratch/regehr/z/compiler-install/gcc-r186167-install/bin/../libexec/gcc/x86_64-unknown-linux-gnu/4.8.0/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: ../configure --with-libelf=/usr/local --enable-lto
--prefix=/home/regehr/z/compiler-install/gcc-r186167-install
--program-prefix=r186167- --enable-languages=c,c++
Thread model: posix
gcc version 4.8.0 20120405 (experimental) (GCC)
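
An added triage example, not part of the original report or of GCC: it parses valgrind records like the ones above, rejoins frames that mail wrapping split across lines, and classifies each invalid access from its `Address ...` note. The sample is abridged from the trace in this message; the one-page threshold for calling an address "near-null" is an assumption.

```python
import re

PAGE = 4096  # assumption: a fault address below one page is NULL plus a field offset

# Abridged from the valgrind output in the report above, mail wrapping kept.
SAMPLE = """\
==30315== Invalid read of size 8
==30315==    at 0xDEAB99: search_line_sse2(unsigned char const*, unsigned char
const*) (lex.c:393)
==30315==    by 0xDEAD61: _cpp_clean_line (lex.c:739)
==30315==  Address 0x56e90d8 is 424 bytes inside a block of size 429 alloc'd
==30315==    at 0x4C275A2: realloc (vg_replace_malloc.c:525)
==30315== 
==30315== Invalid read of size 4
==30315==    at 0x5EA374: dfs_enumerate_from(basic_block_def*, int, bool
(*)(basic_block_def const*, void const*), basic_block_def**, int, void const*)
(cfganal.c:1210)
==30315==    by 0x5FD803: get_loop_body(loop const*) (cfgloop.c:829)
==30315==  Address 0x50 is not stack'd, malloc'd or (recently) free'd
"""

HEAD = re.compile(r"Invalid (read|write) of size (\d+)")
FRAME = re.compile(r"(?:at|by) 0x[0-9A-Fa-f]+: ([\w:~]+)")
INSIDE = re.compile(r"Address 0x[0-9a-f]+ is (\d+) bytes inside a block of size (\d+)")
WILD = re.compile(r"Address (0x[0-9a-f]+) is not stack'd")

def unwrap(text):
    """Rejoin wrapped frames: continuation lines lack the ==PID== prefix."""
    return re.sub(r"\n(?!==)", " ", text).splitlines()

def triage(text):
    """One dict per error: access type, innermost frame, classification."""
    errs = []
    for line in unwrap(text):
        body = re.sub(r"^==\d+==\s*", "", line)
        if m := HEAD.match(body):
            errs.append({"access": m[1], "size": int(m[2]), "top": None, "kind": "unknown"})
        elif not errs:
            continue
        elif errs[-1]["top"] is None and (m := FRAME.match(body)):
            errs[-1]["top"] = m[1]
        elif m := INSIDE.match(body):
            over = int(m[1]) + errs[-1]["size"] - int(m[2])
            errs[-1]["kind"] = f"{over} bytes past end of heap block" if over > 0 else "inside heap block"
        elif m := WILD.match(body):
            errs[-1]["kind"] = "near-null dereference" if int(m[1], 16) < PAGE else "wild pointer"
    return errs
```

On the sample, the `search_line_sse2` record is an 8-byte read that runs 3 bytes past a 429-byte block, while the `dfs_enumerate_from` record reads address 0x50, the access that matches the segmentation fault in the bug title.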



* [Bug middle-end/52881] [4.8 Regression] ICE due to null pointer deref in cfgloop.c
From: pinskia at gcc dot gnu.org @ 2012-04-05 20:43 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52881

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |ice-on-valid-code
          Component|c                           |middle-end
   Target Milestone|---                         |4.8.0
            Summary|ICE due to null pointer     |[4.8 Regression] ICE due to
                   |deref                       |null pointer deref in
                   |                            |cfgloop.c



* [Bug middle-end/52881] [4.8 Regression] ICE due to null pointer deref in cfgloop.c
From: regehr at cs dot utah.edu @ 2012-04-09 16:21 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52881

--- Comment #1 from John Regehr <regehr at cs dot utah.edu> 2012-04-09 16:18:46 UTC ---
*** Bug 52913 has been marked as a duplicate of this bug. ***



* [Bug middle-end/52881] [4.8 Regression] ICE due to null pointer deref in cfgloop.c
From: rguenth at gcc dot gnu.org @ 2012-04-10 11:34 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52881

Richard Guenther <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |ASSIGNED
   Last reconfirmed|                            |2012-04-10
         AssignedTo|unassigned at gcc dot       |rguenth at gcc dot gnu.org
                   |gnu.org                     |
     Ever Confirmed|0                           |1

--- Comment #2 from Richard Guenther <rguenth at gcc dot gnu.org> 2012-04-10 11:33:49 UTC ---
Confirmed, mine.



* [Bug middle-end/52881] [4.8 Regression] ICE due to null pointer deref in cfgloop.c
From: rguenth at gcc dot gnu.org @ 2012-04-11  8:14 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52881

--- Comment #3 from Richard Guenther <rguenth at gcc dot gnu.org> 2012-04-11 08:13:45 UTC ---
Author: rguenth
Date: Wed Apr 11 08:13:37 2012
New Revision: 186304

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=186304
Log:
2012-04-11  Richard Guenther  <rguenther@suse.de>

    PR rtl-optimization/52881
    * ifcvt.c (find_if_case_2): Avoid speculating loop latches.

    * gcc.dg/torture/pr52881.c: New testcase.
    * gcc.dg/torture/pr52913.c: Likewise.

Added:
    trunk/gcc/testsuite/gcc.dg/torture/pr52881.c
    trunk/gcc/testsuite/gcc.dg/torture/pr52913.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/ifcvt.c
    trunk/gcc/testsuite/ChangeLog



* [Bug middle-end/52881] [4.8 Regression] ICE due to null pointer deref in cfgloop.c
From: rguenth at gcc dot gnu.org @ 2012-04-11  8:18 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52881

Richard Guenther <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |FIXED

--- Comment #4 from Richard Guenther <rguenth at gcc dot gnu.org> 2012-04-11 08:16:28 UTC ---
Fixed.

