[Bug bootstrap/55792] [4.8 Regression] Bad memory access with profiledbootstrap and LTO

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

From: "rguenth at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug bootstrap/55792] [4.8 Regression] Bad memory access with profiledbootstrap and LTO
Date: Wed, 09 Jan 2013 09:32:00 -0000	[thread overview]
Message-ID: <bug-55792-4-0ASxe8vJPF@http.gcc.gnu.org/bugzilla/> (raw)
In-Reply-To: <bug-55792-4@http.gcc.gnu.org/bugzilla/>


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55792

--- Comment #18 from Richard Biener <rguenth at gcc dot gnu.org> 2013-01-09 09:31:45 UTC ---
(In reply to comment #17)
> gimple_location is duplicated by:
> 
> #1  0x0000000000751f32 in gimple_copy (stmt=0x7fffe8d75a00)
>     at /export/gnu/import/git/gcc/gcc/gimple.c:2205
> #2  0x00000000009c960d in gimple_duplicate_bb (bb=0x7fffe8d768f0)
>     at /export/gnu/import/git/gcc/gcc/tree-cfg.c:5397
> #3  0x00000000005b27a5 in duplicate_block (bb=0x7fffe8d768f0, 
>     e=0x7fffe8d793f0, after=0x7fffe8d76888)
>     at /export/gnu/import/git/gcc/gcc/cfghooks.c:1012
> #4  0x000000000099c511 in tail_duplicate ()
>     at /export/gnu/import/git/gcc/gcc/tracer.c:323
> #5  0x000000000099c765 in tracer ()
>     at /export/gnu/import/git/gcc/gcc/tracer.c:380
> #6  0x00000000008ae0e6 in execute_one_pass (pass=0x16d18a0 <pass_tracer>)
>     at /export/gnu/import/git/gcc/gcc/passes.c:2335
> #7  0x00000000008ae2da in execute_pass_list (pass=0x16d18a0 <pass_tracer>)
>     at /export/gnu/import/git/gcc/gcc/passes.c:2383
> #8  0x00000000008ae30b in execute_pass_list (
>     pass=0x16d07e0 <pass_all_optimizations>)
>     at /export/gnu/import/git/gcc/gcc/passes.c:2384
> #9  0x00000000005da366 in expand_function (node=0x7ffff17536f0)
>     at /export/gnu/import/git/gcc/gcc/cgraphunit.c:1641
> #10 0x00000000005da821 in expand_all_functions ()
>     at /export/gnu/import/git/gcc/gcc/cgraphunit.c:1745
> (gdb) p copy
> $176 = (gimple) 0x7fffe8e0a320
> (gdb) 

The BLOCK of the location is kept live by being referenced by the stmt
copy (what kind is the stmt?  the only stmt not well handled seems to
be CLOBBERs)

> Later, the original location is removed:
> 
> #0  remove_unused_locals ()
>     at /export/gnu/import/git/gcc/gcc/tree-ssa-live.c:793
> #1  0x00000000008ad5cb in execute_function_todo (data=0x8800)
>     at /export/gnu/import/git/gcc/gcc/passes.c:1952
> #2  0x00000000008ac965 in do_per_function (
>     callback=0x8ad4ae <execute_function_todo(void*)>, data=0x8800)
>     at /export/gnu/import/git/gcc/gcc/passes.c:1703
> #3  0x00000000008ad765 in execute_todo (flags=34816)
>     at /export/gnu/import/git/gcc/gcc/passes.c:2001
> #4  0x00000000008ae175 in execute_one_pass (
>     pass=0x16d3220 <pass_cleanup_cfg_post_optimizing>)
>     at /export/gnu/import/git/gcc/gcc/passes.c:2349
> #5  0x00000000008ae2da in execute_pass_list (
>     pass=0x16d3220 <pass_cleanup_cfg_post_optimizing>)
>     at /export/gnu/import/git/gcc/gcc/passes.c:2383
> #6  0x00000000005da366 in expand_function (node=0x7ffff17536f0)
>     at /export/gnu/import/git/gcc/gcc/cgraphunit.c:1641
> #7  0x00000000005da821 in expand_all_functions ()
>     at /export/gnu/import/git/gcc/gcc/cgraphunit.c:1745
> 
> and freed.

You probably mean BLOCK - it should be still live as referenced from
the stmt, or cleaned from the stmt if it was a debug stmt.

>  Then we copy the freed gimple_location:
> 
> #0  expand_gimple_stmt_1 (stmt=0x7fffe8e0a320)
>     at /export/gnu/import/git/gcc/gcc/cfgexpand.c:2202
> #1  0x00000000005a7786 in expand_gimple_stmt (stmt=0x7fffe8e0a320)
>     at /export/gnu/import/git/gcc/gcc/cfgexpand.c:2305
> #2  0x00000000005ad975 in expand_gimple_basic_block (bb=0x7fffe8d76888, 
>     disable_tail_calls=false)
>     at /export/gnu/import/git/gcc/gcc/cfgexpand.c:4084
> #3  0x00000000005af426 in gimple_expand_cfg ()
>     at /export/gnu/import/git/gcc/gcc/cfgexpand.c:4603
> #4  0x00000000008ae0e6 in execute_one_pass (pass=0x16ce300 <pass_expand>)
>     at /export/gnu/import/git/gcc/gcc/passes.c:2335
> #5  0x00000000008ae2da in execute_pass_list (pass=0x16ce300 <pass_expand>)
>     at /export/gnu/import/git/gcc/gcc/passes.c:2383
> #6  0x00000000005da366 in expand_function (node=0x7ffff17536f0)
>     at /export/gnu/import/git/gcc/gcc/cgraphunit.c:1641
> #7  0x00000000005da821 in expand_all_functions ()
>     at /export/gnu/import/git/gcc/gcc/cgraphunit.c:1745
> #8  0x00000000005db2ab in compile ()
>     at /export/gnu/import/git/gcc/gcc/cgraphunit.c:2043
> #9  0x000000000053c60a in lto_main ()
>     at /export/gnu/import/git/gcc/gcc/lto/lto.c:3390
> #10 0x0000000000999401 in compile_file ()
>     at /export/gnu/import/git/gcc/gcc/toplev.c:545

next prev parent reply	other threads:[~2013-01-09  9:32 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-12-22 18:05 [Bug bootstrap/55792] New: " hjl.tools at gmail dot com
2012-12-22 18:43 ` [Bug bootstrap/55792] " hjl.tools at gmail dot com
2012-12-22 20:13 ` hjl.tools at gmail dot com
2013-01-03 19:03 ` hjl.tools at gmail dot com
2013-01-04 23:58 ` hjl.tools at gmail dot com
2013-01-05 16:47 ` hjl.tools at gmail dot com
2013-01-05 17:21 ` hjl.tools at gmail dot com
2013-01-07 10:13 ` rguenth at gcc dot gnu.org
2013-01-07 15:41 ` hjl.tools at gmail dot com
2013-01-07 16:02 ` rguenth at gcc dot gnu.org
2013-01-07 16:03 ` [Bug bootstrap/55792] [4.8 Regression] " rguenth at gcc dot gnu.org
2013-01-07 17:55 ` dnovillo at gcc dot gnu.org
2013-01-07 22:14 ` hjl.tools at gmail dot com
2013-01-07 23:30 ` hjl.tools at gmail dot com
2013-01-08  1:20 ` hjl.tools at gmail dot com
2013-01-08 10:17 ` rguenth at gcc dot gnu.org
2013-01-08 17:13 ` hjl.tools at gmail dot com
2013-01-09  0:23 ` hjl.tools at gmail dot com
2013-01-09  9:32 ` rguenth at gcc dot gnu.org [this message]
2013-01-09 16:11 ` hjl.tools at gmail dot com
2013-01-09 17:13 ` hjl.tools at gmail dot com
2013-01-09 18:22 ` rguenth at gcc dot gnu.org
2013-01-09 18:38 ` hjl.tools at gmail dot com
2013-01-09 22:52 ` hjl.tools at gmail dot com
2013-01-10 11:30 ` rguenth at gcc dot gnu.org
2013-01-10 12:16 ` rguenth at gcc dot gnu.org
2013-01-10 13:43 ` rguenth at gcc dot gnu.org
2013-01-10 14:08 ` rguenth at gcc dot gnu.org
2013-01-10 14:12 ` rguenth at gcc dot gnu.org
2013-01-10 15:29 ` rguenth at gcc dot gnu.org
2013-01-10 15:35 ` rguenth at gcc dot gnu.org
2013-01-10 17:03 ` hjl.tools at gmail dot com
2013-01-10 19:36 ` hjl.tools at gmail dot com
2013-01-11 17:37 ` hubicka at ucw dot cz
2013-01-14 13:43 ` rguenth at gcc dot gnu.org
2013-01-14 13:50 ` rguenth at gcc dot gnu.org
2013-01-14 13:51 ` rguenth at gcc dot gnu.org
2013-01-15 14:32 ` rguenth at gcc dot gnu.org

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-55792-4-0ASxe8vJPF@http.gcc.gnu.org/bugzilla/ \
    --to=gcc-bugzilla@gcc.gnu.org \
    --cc=gcc-bugs@gcc.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).