fix segfault in verify_flow_info() with -dx option

fix segfault in verify_flow_info() with -dx option

[Prathamesh Kulkarni]

[-- Attachment #1: Type: text/plain, Size: 915 bytes --]

Hi,
Passing -dx causes segmentation fault:
Test case: void f(void) {}

./test.c: In function 'f':
../test.c:3:1: internal compiler error: Segmentation fault
 }
 ^
0xab6baf crash_signal
        /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/toplev.c:366
0x694b14 verify_flow_info()
        /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/cfghooks.c:109
0x9f7e64 execute_function_todo
        /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:1997
0x9f86eb execute_todo
        /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:2042

Started with r210068.
It looks like -dx causes cfun->cfg to be NULL, and hence the segfault
in verify_flow_info().
The attached patch tries to fix it by adding a check to cfun->cfg before calling
verify_flow_info() from execute_function_todo().
Bootstrapped and tested on x86_64-unknown-linux-gnu.
OK for trunk ?

Thank you,
Prathamesh

[-- Attachment #2: patch.diff --]
[-- Type: text/plain, Size: 492 bytes --]

diff --git a/gcc/passes.c b/gcc/passes.c
index 4966334..8362554 100644
--- a/gcc/passes.c
+++ b/gcc/passes.c
@@ -1965,7 +1965,8 @@ execute_function_todo (function *fn, void *data)
 	  /* IPA passes leave basic-blocks unsplit, so make sure to
 	     not trip on that.  */
 	  if ((cfun->curr_properties & PROP_cfg)
-	      && !from_ipa_pass)
+	      && !from_ipa_pass
+	      && cfun->cfg)
 	    verify_flow_info ();
 	  if (current_loops
 	      && loops_state_satisfies_p (LOOP_CLOSED_SSA))

[-- Attachment #3: ChangeLog.txt --]
[-- Type: text/plain, Size: 159 bytes --]

2015-07-05  Prathamesh Kulkarni  <prathamesh.kulkarni@linaro.org>

	* passes.c (execute_function_todo): Check for cfun->cfg before calling verify_flow_info().

Re: fix segfault in verify_flow_info() with -dx option

[Richard Biener]

On Sun, Jul 5, 2015 at 2:07 PM, Prathamesh Kulkarni
<prathamesh.kulkarni@linaro.org> wrote:
> Hi,
> Passing -dx causes segmentation fault:
> Test case: void f(void) {}
>
> ./test.c: In function 'f':
> ../test.c:3:1: internal compiler error: Segmentation fault
>  }
>  ^
> 0xab6baf crash_signal
>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/toplev.c:366
> 0x694b14 verify_flow_info()
>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/cfghooks.c:109
> 0x9f7e64 execute_function_todo
>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:1997
> 0x9f86eb execute_todo
>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:2042
>
> Started with r210068.
> It looks like -dx causes cfun->cfg to be NULL, and hence the segfault
> in verify_flow_info().
> The attached patch tries to fix it by adding a check to cfun->cfg before calling
> verify_flow_info() from execute_function_todo().
> Bootstrapped and tested on x86_64-unknown-linux-gnu.
> OK for trunk ?

No.  We've checked cfun->curr_properties & PROP_cfg already.  So whatever
is keeping that set but frees the CFG is the offender (and should
clear the flag).

Richard.

> Thank you,
> Prathamesh

Re: fix segfault in verify_flow_info() with -dx option

[Jeff Law]

On 07/05/2015 06:07 AM, Prathamesh Kulkarni wrote:
> Hi,
> Passing -dx causes segmentation fault:
> Test case: void f(void) {}
>
> ./test.c: In function 'f':
> ../test.c:3:1: internal compiler error: Segmentation fault
>   }
>   ^
> 0xab6baf crash_signal
>          /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/toplev.c:366
> 0x694b14 verify_flow_info()
>          /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/cfghooks.c:109
> 0x9f7e64 execute_function_todo
>          /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:1997
> 0x9f86eb execute_todo
>          /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:2042
>
> Started with r210068.
> It looks like -dx causes cfun->cfg to be NULL, and hence the segfault
> in verify_flow_info().
> The attached patch tries to fix it by adding a check to cfun->cfg before calling
> verify_flow_info() from execute_function_todo().
> Bootstrapped and tested on x86_64-unknown-linux-gnu.
> OK for trunk ?
This needs a testcase for the testsuite.

My gut tells me a comment is needed in here to document why 
verify_flow_info is different than the other checkers which require a 
CFG (because verify_flow_info also applies to the RTL CFG which won't be 
built when -dx is in effect).

Jeff

Re: fix segfault in verify_flow_info() with -dx option

[Prathamesh Kulkarni]

[-- Attachment #1: Type: text/plain, Size: 2200 bytes --]

On 6 July 2015 at 12:00, Richard Biener <richard.guenther@gmail.com> wrote:
> On Sun, Jul 5, 2015 at 2:07 PM, Prathamesh Kulkarni
> <prathamesh.kulkarni@linaro.org> wrote:
>> Hi,
>> Passing -dx causes segmentation fault:
>> Test case: void f(void) {}
>>
>> ./test.c: In function 'f':
>> ../test.c:3:1: internal compiler error: Segmentation fault
>>  }
>>  ^
>> 0xab6baf crash_signal
>>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/toplev.c:366
>> 0x694b14 verify_flow_info()
>>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/cfghooks.c:109
>> 0x9f7e64 execute_function_todo
>>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:1997
>> 0x9f86eb execute_todo
>>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:2042
>>
>> Started with r210068.
>> It looks like -dx causes cfun->cfg to be NULL, and hence the segfault
>> in verify_flow_info().
>> The attached patch tries to fix it by adding a check to cfun->cfg before calling
>> verify_flow_info() from execute_function_todo().
>> Bootstrapped and tested on x86_64-unknown-linux-gnu.
>> OK for trunk ?
>
> No.  We've checked cfun->curr_properties & PROP_cfg already.  So whatever
> is keeping that set but frees the CFG is the offender (and should
> clear the flag).
I think I have somewhat understood what's happening.
-dx turns on flag rtl_dump_and_exit.
pass_rest_of_compilation is gated on !rtl_dump_and_exit.
Since rtl_dump_and_exit == 1 when -dx is passed,
pass_rest_of_compilation and all the
rtl passes inserted within pass_rest_of_compilation don't execute.
One of these passes is pass_free_cfg which destorys PROP_cfg, but with
-dx passed,
this pass doesn't get executed and PROP_cfg remains set.
Then pass_clean_state::execute() calls free_after_compilation(), which
sets cfun->cfg = NULL.
And hence after pass_clean_state finishes in execute_function_todo, we
end up with cfun->cfg == NULL and CFG_prop set,
which calls verify_flow_info() and we hit the segfault.

The following untested patch tries to fix this by clearing CFG_prop in
free_after_compilation.
Shall that be correct approach ?

Thanks,
Prathamesh
>
> Richard.
>
>> Thank you,
>> Prathamesh

[-- Attachment #2: foo.diff --]
[-- Type: text/plain, Size: 565 bytes --]

diff --git a/gcc/function.c b/gcc/function.c
index 8134c4e..d540dc3 100644
--- a/gcc/function.c
+++ b/gcc/function.c
@@ -216,6 +216,7 @@ free_after_compilation (struct function *f)
   f->eh = NULL;
   f->machine = NULL;
   f->cfg = NULL;
+  f->curr_properties &= ~PROP_cfg;
 
   regno_reg_rtx = NULL;
 }
diff --git a/gcc/testsuite/gcc.dg/dx-test.c b/gcc/testsuite/gcc.dg/dx-test.c
new file mode 100644
index 0000000..579ccfb
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/dx-test.c
@@ -0,0 +1,5 @@
+/* { dg-do compile } */
+/* { dg-options "-dx" } */
+
+void f(void)
+{}

Re: fix segfault in verify_flow_info() with -dx option

[Richard Biener]

On Tue, Jul 7, 2015 at 2:42 AM, Prathamesh Kulkarni
<prathamesh.kulkarni@linaro.org> wrote:
> On 6 July 2015 at 12:00, Richard Biener <richard.guenther@gmail.com> wrote:
>> On Sun, Jul 5, 2015 at 2:07 PM, Prathamesh Kulkarni
>> <prathamesh.kulkarni@linaro.org> wrote:
>>> Hi,
>>> Passing -dx causes segmentation fault:
>>> Test case: void f(void) {}
>>>
>>> ./test.c: In function 'f':
>>> ../test.c:3:1: internal compiler error: Segmentation fault
>>>  }
>>>  ^
>>> 0xab6baf crash_signal
>>>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/toplev.c:366
>>> 0x694b14 verify_flow_info()
>>>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/cfghooks.c:109
>>> 0x9f7e64 execute_function_todo
>>>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:1997
>>> 0x9f86eb execute_todo
>>>         /home/prathamesh.kulkarni/gnu-toolchain/src/gcc.git/gcc/passes.c:2042
>>>
>>> Started with r210068.
>>> It looks like -dx causes cfun->cfg to be NULL, and hence the segfault
>>> in verify_flow_info().
>>> The attached patch tries to fix it by adding a check to cfun->cfg before calling
>>> verify_flow_info() from execute_function_todo().
>>> Bootstrapped and tested on x86_64-unknown-linux-gnu.
>>> OK for trunk ?
>>
>> No.  We've checked cfun->curr_properties & PROP_cfg already.  So whatever
>> is keeping that set but frees the CFG is the offender (and should
>> clear the flag).
> I think I have somewhat understood what's happening.
> -dx turns on flag rtl_dump_and_exit.
> pass_rest_of_compilation is gated on !rtl_dump_and_exit.
> Since rtl_dump_and_exit == 1 when -dx is passed,
> pass_rest_of_compilation and all the
> rtl passes inserted within pass_rest_of_compilation don't execute.
> One of these passes is pass_free_cfg which destorys PROP_cfg, but with
> -dx passed,
> this pass doesn't get executed and PROP_cfg remains set.
> Then pass_clean_state::execute() calls free_after_compilation(), which
> sets cfun->cfg = NULL.
> And hence after pass_clean_state finishes in execute_function_todo, we
> end up with cfun->cfg == NULL and CFG_prop set,
> which calls verify_flow_info() and we hit the segfault.
>
> The following untested patch tries to fix this by clearing CFG_prop in
> free_after_compilation.
> Shall that be correct approach ?

Yes, that looks good to me.

Richard.

> Thanks,
> Prathamesh
>>
>> Richard.
>>
>>> Thank you,
>>> Prathamesh