public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug other/57970] New: segfault in sched-deps.c
@ 2013-07-24 14:28 colanderman at gmail dot com
2013-11-10 20:23 ` [Bug rtl-optimization/57970] " pinskia at gcc dot gnu.org
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: colanderman at gmail dot com @ 2013-07-24 14:28 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57970
Bug ID: 57970
Summary: segfault in sched-deps.c
Product: gcc
Version: 4.7.3
Status: UNCONFIRMED
Severity: major
Priority: P3
Component: other
Assignee: unassigned at gcc dot gnu.org
Reporter: colanderman at gmail dot com
Created attachment 30546
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=30546&action=edit
Patch
Symptom: Segfault in sched-deps.c when compiling a large auto-generated C file:
==3363== Invalid read of size 8
==3363== at 0x95A41D: sched_analyze_1 (sched-deps.c:2479)
==3363== by 0x95D182: sched_analyze_insn (sched-deps.c:2859)
==3363== by 0x95E636: deps_analyze_insn (sched-deps.c:3505)
==3363== by 0x95E7F1: sched_analyze (sched-deps.c:3653)
==3363== by 0x6EC4F8: sched_rgn_compute_dependencies (sched-rgn.c:2702)
==3363== by 0x6EF582: schedule_insns (sched-rgn.c:2915)
==3363== by 0x89E237: tilegx_reorg (tilegx.c:4710)
==3363== by 0x6E0699: rest_of_handle_machine_reorg (reorg.c:4183)
==3363== by 0x69F5BF: execute_one_pass (passes.c:2084)
==3363== by 0x69FA30: execute_pass_list (passes.c:2139)
==3363== by 0x69FA44: execute_pass_list (passes.c:2140)
==3363== by 0x69FA44: execute_pass_list (passes.c:2140)
==3363== Address 0x8 is not stack'd, malloc'd or (recently) free'd
Cause: deps->pending_read_insns and deps->pending_read_mems are getting out of
sync. (Hence the NULL pointer access at sched-deps.c:2479.)
Fix: The conditions "!deps->readonly" under which deps->pending_read_mems is
freed in flush_pending_lists() should be changed to "!deps->readonly &&
!DEBUG_INSN_P (insn)" to match the condition "deps->readonly || DEBUG_INSN_P
(insn)" under which deps->pending_read_insns is not freed in
add_dependence_list_and_free().
Patch attached. Unfortunately I cannot provide a test case, as I have only
been able to reproduce the crash with a very large (auto-generated) proprietary
C file.
The bug seems to exist in the source code of at least 4.6.3 as well, though I
have not been able to trigger it therein.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug rtl-optimization/57970] segfault in sched-deps.c
2013-07-24 14:28 [Bug other/57970] New: segfault in sched-deps.c colanderman at gmail dot com
@ 2013-11-10 20:23 ` pinskia at gcc dot gnu.org
2013-11-10 21:23 ` colanderman at gmail dot com
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu.org @ 2013-11-10 20:23 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57970
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|other |rtl-optimization
Severity|major |normal
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Patches should go to gcc-patches@ .
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug rtl-optimization/57970] segfault in sched-deps.c
2013-07-24 14:28 [Bug other/57970] New: segfault in sched-deps.c colanderman at gmail dot com
2013-11-10 20:23 ` [Bug rtl-optimization/57970] " pinskia at gcc dot gnu.org
@ 2013-11-10 21:23 ` colanderman at gmail dot com
2013-11-10 21:27 ` pinskia at gcc dot gnu.org
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: colanderman at gmail dot com @ 2013-11-10 21:23 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57970
--- Comment #2 from Chris King <colanderman at gmail dot com> ---
If you don't want proposed patches attached to bug reports, then I suggest you
remove the text "proposed patch" which is next to the "Add an attachment" link.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug rtl-optimization/57970] segfault in sched-deps.c
2013-07-24 14:28 [Bug other/57970] New: segfault in sched-deps.c colanderman at gmail dot com
2013-11-10 20:23 ` [Bug rtl-optimization/57970] " pinskia at gcc dot gnu.org
2013-11-10 21:23 ` colanderman at gmail dot com
@ 2013-11-10 21:27 ` pinskia at gcc dot gnu.org
2013-11-10 21:35 ` colanderman at gmail dot com
2013-11-10 23:38 ` colanderman at gmail dot com
4 siblings, 0 replies; 6+ messages in thread
From: pinskia at gcc dot gnu.org @ 2013-11-10 21:27 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57970
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |WAITING
Last reconfirmed| |2013-11-10
Ever confirmed|0 |1
--- Comment #3 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Well we need a testcase. You can use
http://gcc.gnu.org/wiki/A_guide_to_testcase_reduction to reduce the testcase to
the smallest one that fails still.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug rtl-optimization/57970] segfault in sched-deps.c
2013-07-24 14:28 [Bug other/57970] New: segfault in sched-deps.c colanderman at gmail dot com
` (2 preceding siblings ...)
2013-11-10 21:27 ` pinskia at gcc dot gnu.org
@ 2013-11-10 21:35 ` colanderman at gmail dot com
2013-11-10 23:38 ` colanderman at gmail dot com
4 siblings, 0 replies; 6+ messages in thread
From: colanderman at gmail dot com @ 2013-11-10 21:35 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57970
--- Comment #4 from Chris King <colanderman at gmail dot com> ---
Sorry, not interested: like I said above, it's very difficult to trigger, and
the only code I've been able to trigger it with is proprietary.
You can either read sched-deps.c and understand the code path which fails
(which I outlined) and how the patch fixes it, or close the bug and ignore the
patch. I keep my own branch, so I don't really care.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug rtl-optimization/57970] segfault in sched-deps.c
2013-07-24 14:28 [Bug other/57970] New: segfault in sched-deps.c colanderman at gmail dot com
` (3 preceding siblings ...)
2013-11-10 21:35 ` colanderman at gmail dot com
@ 2013-11-10 23:38 ` colanderman at gmail dot com
4 siblings, 0 replies; 6+ messages in thread
From: colanderman at gmail dot com @ 2013-11-10 23:38 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57970
--- Comment #5 from Chris King <colanderman at gmail dot com> ---
Would a unit test case be acceptable? That should be an easy way to evince
this bug and I'd be glad to write one.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2013-11-10 23:38 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-07-24 14:28 [Bug other/57970] New: segfault in sched-deps.c colanderman at gmail dot com
2013-11-10 20:23 ` [Bug rtl-optimization/57970] " pinskia at gcc dot gnu.org
2013-11-10 21:23 ` colanderman at gmail dot com
2013-11-10 21:27 ` pinskia at gcc dot gnu.org
2013-11-10 21:35 ` colanderman at gmail dot com
2013-11-10 23:38 ` colanderman at gmail dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).