public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug tree-optimization/56396] New: [4.8 Regression] memory corruption in cc1
@ 2013-02-19 14:37 doko at gcc dot gnu.org
  2013-02-19 19:02 ` [Bug tree-optimization/56396] " jakub at gcc dot gnu.org
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: doko at gcc dot gnu.org @ 2013-02-19 14:37 UTC (permalink / raw)
  To: gcc-bugs


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56396

             Bug #: 56396
           Summary: [4.8 Regression] memory corruption in cc1
    Classification: Unclassified
           Product: gcc
           Version: 4.7.3
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: tree-optimization
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: doko@gcc.gnu.org


Created attachment 29495
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=29495
preprocessed source

seen on a x86_64 system with glibc-2.17. seen with trunk 20130217, works with
the 4.7 branch. Lowering to -O1 or -O0 avoids the issue.

$ gcc -fPIC -g -O2 -c subscribe.i

subscribe.c: In function 'reply_421':
subscribe.c:286:5: internal compiler error: Aborted
 int reply_421(struct sip_msg* msg)
     ^
Please submit a full bug report,
with preprocessed source if appropriate.
See <file:///usr/share/doc/gcc-4.8/README.Bugs> for instructions.
*** Error in `/usr/lib/gcc/x86_64-linux-gnu/4.8/cc1': double free or corruption
(!prev): 0x000000000331e4c0 ***
*** Error in `/usr/lib/gcc/x86_64-linux-gnu/4.8/cc1': malloc(): memory
corruption: 0x000000000331f210 ***


^ permalink raw reply	[flat|nested] 5+ messages in thread
* [Bug tree-optimization/56396] [4.8 Regression] memory corruption in cc1
  2013-02-19 14:37 [Bug tree-optimization/56396] New: [4.8 Regression] memory corruption in cc1 doko at gcc dot gnu.org
@ 2013-02-19 19:02 ` jakub at gcc dot gnu.org
  2013-02-19 19:09 ` jakub at gcc dot gnu.org
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: jakub at gcc dot gnu.org @ 2013-02-19 19:02 UTC (permalink / raw)
  To: gcc-bugs


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56396

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |ASSIGNED
   Last reconfirmed|                            |2013-02-19
                 CC|                            |jakub at gcc dot gnu.org
            Version|4.7.3                       |4.8.0
         AssignedTo|unassigned at gcc dot       |jakub at gcc dot gnu.org
                   |gnu.org                     |
   Target Milestone|---                         |4.8.0
     Ever Confirmed|0                           |1

--- Comment #1 from Jakub Jelinek <jakub at gcc dot gnu.org> 2013-02-19 19:02:17 UTC ---
Reduced testcase:
/* PR tree-optimization/56396 */
/* { dg-do compile } */
/* { dg-options "-O2 -fpic -g" } */

struct S { char *s; int z; };
struct T { int t; } *c, u;
void bar (int, const char *);

inline void *
foo (void *x, char *y, int z)
{
  struct S s;
  char b[256];
  s.s = b;
  s.z = __builtin___sprintf_chk (s.s, 1, __builtin_object_size (s.s, 2),
"Require");
  if (s.z < 0)
    bar (u.t | c->t, "rls");
  if (foo (x, s.s, s.z))
    {
    }
  return (void *) 0;
}


^ permalink raw reply	[flat|nested] 5+ messages in thread
* [Bug tree-optimization/56396] [4.8 Regression] memory corruption in cc1
  2013-02-19 14:37 [Bug tree-optimization/56396] New: [4.8 Regression] memory corruption in cc1 doko at gcc dot gnu.org
  2013-02-19 19:02 ` [Bug tree-optimization/56396] " jakub at gcc dot gnu.org
@ 2013-02-19 19:09 ` jakub at gcc dot gnu.org
  2013-02-20 11:40 ` rguenth at gcc dot gnu.org
  2013-02-20 12:01 ` rguenth at gcc dot gnu.org
  3 siblings, 0 replies; 5+ messages in thread
From: jakub at gcc dot gnu.org @ 2013-02-19 19:09 UTC (permalink / raw)
  To: gcc-bugs


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56396

--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> 2013-02-19 19:09:34 UTC ---
Created attachment 29500
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=29500
gcc48-pr56396.patch

Untested fix.


^ permalink raw reply	[flat|nested] 5+ messages in thread
* [Bug tree-optimization/56396] [4.8 Regression] memory corruption in cc1
  2013-02-19 14:37 [Bug tree-optimization/56396] New: [4.8 Regression] memory corruption in cc1 doko at gcc dot gnu.org
  2013-02-19 19:02 ` [Bug tree-optimization/56396] " jakub at gcc dot gnu.org
  2013-02-19 19:09 ` jakub at gcc dot gnu.org
@ 2013-02-20 11:40 ` rguenth at gcc dot gnu.org
  2013-02-20 12:01 ` rguenth at gcc dot gnu.org
  3 siblings, 0 replies; 5+ messages in thread
From: rguenth at gcc dot gnu.org @ 2013-02-20 11:40 UTC (permalink / raw)
  To: gcc-bugs


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56396

--- Comment #3 from Richard Biener <rguenth at gcc dot gnu.org> 2013-02-20 11:39:47 UTC ---
Author: rguenth
Date: Wed Feb 20 11:39:39 2013
New Revision: 196170

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=196170
Log:
2013-02-20  Richard Biener  <rguenther@suse.de>
    Jakub Jelinek  <jakub@redhat.com>

    PR tree-optimization/56396
    * tree-ssa-ccp.c (n_const_val): New static variable.
    (get_value): Return NULL for SSA names we don't have a lattice
    entry for.
    (ccp_initialize): Initialize n_const_val.
    * tree-ssa-copy.c (n_copy_of): New static variable.
    (init_copy_prop): Initialize n_copy_of.
    (get_value): Return NULL_TREE for SSA names we don't have a
    lattice entry for.

    * gcc.dg/pr56396.c: New testcase.

Added:
    trunk/gcc/testsuite/gcc.dg/pr56396.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/testsuite/ChangeLog
    trunk/gcc/tree-ssa-ccp.c
    trunk/gcc/tree-ssa-copy.c


^ permalink raw reply	[flat|nested] 5+ messages in thread
* [Bug tree-optimization/56396] [4.8 Regression] memory corruption in cc1
  2013-02-19 14:37 [Bug tree-optimization/56396] New: [4.8 Regression] memory corruption in cc1 doko at gcc dot gnu.org
                   ` (2 preceding siblings ...)
  2013-02-20 11:40 ` rguenth at gcc dot gnu.org
@ 2013-02-20 12:01 ` rguenth at gcc dot gnu.org
  3 siblings, 0 replies; 5+ messages in thread
From: rguenth at gcc dot gnu.org @ 2013-02-20 12:01 UTC (permalink / raw)
  To: gcc-bugs


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56396

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |FIXED

--- Comment #4 from Richard Biener <rguenth at gcc dot gnu.org> 2013-02-20 12:00:32 UTC ---
Fixed.


^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2013-02-20 12:01 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-02-19 14:37 [Bug tree-optimization/56396] New: [4.8 Regression] memory corruption in cc1 doko at gcc dot gnu.org
2013-02-19 19:02 ` [Bug tree-optimization/56396] " jakub at gcc dot gnu.org
2013-02-19 19:09 ` jakub at gcc dot gnu.org
2013-02-20 11:40 ` rguenth at gcc dot gnu.org
2013-02-20 12:01 ` rguenth at gcc dot gnu.org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).