public inbox for gcc-prs@sourceware.org
help / color / mirror / Atom feed
* c/3952: comptypes() segfaults
@ 2001-08-06 19:56 robertlipe
0 siblings, 0 replies; 3+ messages in thread
From: robertlipe @ 2001-08-06 19:56 UTC (permalink / raw)
To: gcc-gnats; +Cc: robertlipe
>Number: 3952
>Category: c
>Synopsis: comptypes() segfaults
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: unassigned
>State: open
>Class: ice-on-legal-code
>Submitter-Id: net
>Arrival-Date: Mon Aug 06 19:56:09 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Robert Lipe
>Release: 3.0.1 20010806 (prerelease)
>Organization:
>Environment:
System: Linux rjlinux 2.4.2-2 #1 Sun Apr 8 20:41:30 EDT 2001 i686 unknown
Architecture: i686
host: i686-pc-linux-gnu
build: i686-pc-linux-gnu
target: i686-pc-linux-gnu
configured with: /play/egcs/configure --enable-languages=c --prefix=/usr/local/gcc3
>Description:
The following (admittedly horrifying) code will ICE gcc for IA32 as of today
and a slightly-before-3.0 version for IA64 Linux in the same way.
Program received signal SIGSEGV, Segmentation fault.
0x0805873c in comptypes (type1=0x401b9a28, type2=0x401b98f0)
at /play/egcs/gcc/c-typeck.c:519
519 if (d1 == 0 || d2 == 0 || d1 == d2
Here's the source:
typedef struct { volatile int counter; } atomic_t;
typedef struct _udi_osdep_atomic_int_opaque {
unsigned long PADDINGTOP[0];
atomic_t val;
unsigned long PADDINGBOT[0];
} udi_osdep_atomic_int_opaque_t;
typedef struct _udi_osdep_event_opaque
{
unsigned long PADDINGTOP[0];
volatile int signaled;
volatile int destroyed;
volatile int waiting;
volatile int waiter_busy;
volatile int waiter_waiting;
unsigned long PADDINGBOT[0];
} udi_osdep_event_opaque_t;
extern struct _udi_osdep_atomic_int_opaque _udi_osdep_atomic_int_opaque; struct
_udi_osdep_atomic_int_opaque _udi_osdep_atomic_int_opaque ; struct
_udi_osdep_atomic_int_opaque__opaque { unsigned long TOP_PAD[0]; char opaque[
sizeof(struct _udi_osdep_atomic_int_opaque) ]; unsigned long END_PAD[0]; };
extern struct _udi_osdep_atomic_int_opaque__opaque
_udi_osdep_atomic_int_opaque__opaque_var; struct
_udi_osdep_atomic_int_opaque__opaque _udi_osdep_atomic_int_opaque__opaque_var
;extern short _udi_osdep_atomic_int_opaque__is_invalid; short
_udi_osdep_atomic_int_opaque__is_invalid = sizeof(_udi_osdep_atomic_int_opaque)
- sizeof(_udi_osdep_atomic_int_opaque__opaque_var); extern char
_udi_osdep_atomic_int_opaque__IS_INVALID[((sizeof(_udi_osdep_atomic_int_opaque))
> (sizeof(_udi_osdep_atomic_int_opaque__opaque_var)) ?
((sizeof(_udi_osdep_atomic_int_opaque)) -
(sizeof(_udi_osdep_atomic_int_opaque__opaque_var))) :
((sizeof(_udi_osdep_atomic_int_opaque__opaque_var)) -
(sizeof(_udi_osdep_atomic_int_opaque))))]; char
_udi_osdep_atomic_int_opaque__IS_INVALID[((sizeof(_udi_osdep_atomic_int_opaque))
> (sizeof(_udi_osdep_atomic_int_opaque__opaque_var)) ?
((sizeof(_udi_osdep_atomic_int_opaque)) -
(sizeof(_udi_osdep_atomic_int_opaque__opaque_var))) :
((sizeof(_udi_osdep_atomic_int_opaque__opaque_var)) -
(sizeof(_udi_osdep_atomic_int_opaque))))];
>How-To-Repeat:
Simply cut/paste the above and attempt to compile.
$ /usr/local/gcc3/bin/gcc a.c
a.c:38: Internal error: Segmentation fault
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: c/3952: comptypes() segfaults
@ 2001-09-16 14:37 sirl
0 siblings, 0 replies; 3+ messages in thread
From: sirl @ 2001-09-16 14:37 UTC (permalink / raw)
To: gcc-bugs, gcc-prs, nobody, robertlipe
Synopsis: comptypes() segfaults
State-Changed-From-To: analyzed->closed
State-Changed-By: sirl
State-Changed-When: Sun Sep 16 14:37:33 2001
State-Changed-Why:
Fixed in current CVS.
2001-09-15 Richard Henderson <rth@redhat.com>
* c-typeck.c (comptypes): Handle zero-length arrays properly.
http://gcc.gnu.org/cgi-bin/gnatsweb.pl?cmd=view&pr=3952&database=gcc
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: c/3952: comptypes() segfaults
@ 2001-08-21 14:50 sirl
0 siblings, 0 replies; 3+ messages in thread
From: sirl @ 2001-08-21 14:50 UTC (permalink / raw)
To: gcc-bugs, gcc-prs, nobody, robertlipe
Synopsis: comptypes() segfaults
State-Changed-From-To: open->analyzed
State-Changed-By: sirl
State-Changed-When: Tue Aug 21 14:49:58 2001
State-Changed-Why:
I just saw a similar crash with gcc-3.0.1 (release) and it seems that this is just a missing null-pointer check. AFAICS TYPE_MAX_VALUE can legally be zero.
I think the fix is sth similar to this:
/* Sizes must match unless one is missing or variable. */
if (d1 == 0 || d2 == 0 || d1 == d2
|| ! TYPE_MAX_VALUE (d1) || ! TYPE_MAX_VALUE (d2)
|| TREE_CODE (TYPE_MIN_VALUE (d1)) != INTEGER_CST
|| TREE_CODE (TYPE_MIN_VALUE (d2)) != INTEGER_CST
|| TREE_CODE (TYPE_MAX_VALUE (d1)) != INTEGER_CST
|| TREE_CODE (TYPE_MAX_VALUE (d2)) != INTEGER_CST)
break;
I'm running a bootstrap .on powerpc-linux-gnu now. Robert, can you check if the fix above works for you too?
http://gcc.gnu.org/cgi-bin/gnatsweb.pl?cmd=view&pr=3952&database=gcc
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2001-09-16 14:37 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2001-08-06 19:56 c/3952: comptypes() segfaults robertlipe
2001-08-21 14:50 sirl
2001-09-16 14:37 sirl
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).