I get a segfault with 4.2.0 20060408 on x86_64. It does not happen on i386. (sid)3185:tbm@em64t: ~/delta/bin] cat mini.c typedef struct { void *p; } hvl_t; test_vltypes_compound_vlen_vlen (void) { typedef struct { int i; float f; hvl_t v; } s1; s1 wdata[128]; unsigned i, j, k; hvl_t *t1, *t2; for (i = 0; i < 128; i++) { wdata[i].i = i * 10; wdata[i].f = (float) ((i * 20) / 3.0); wdata[i].v.p = malloc ((i + 16) * sizeof (hvl_t)); for (t1 = (wdata[i].v).p, j = 0; j < (i + 16); j++, t1++) { for (k = 0; k < j + 8; k++) ((unsigned int *) t1->p)[k] = i * 100 + j * 10 + k; } } } test_vltypes (void) { } (sid)3186:tbm@em64t: ~/delta/bin] /usr/lib/gcc-snapshot/bin/gcc -O1 -c mini.c mini.c: In function 'test_vltypes_compound_vlen_vlen': mini.c:16: warning: incompatible implicit declaration of built-in function 'malloc' (sid)3187:tbm@em64t: ~/delta/bin] /usr/lib/gcc-snapshot/bin/gcc -O2 mini.c mini.c: In function 'test_vltypes_compound_vlen_vlen': mini.c:16: warning: incompatible implicit declaration of built-in function 'malloc' mini.c:3: internal compiler error: Segmentation fault Please submit a full bug report, with preprocessed source if appropriate. See <URL:http://gcc.gnu.org/bugs.html> for instructions. zsh: exit 1 /usr/lib/gcc-snapshot/bin/gcc -O2 mini.c (sid)3188:tbm@em64t: ~/delta/bin]
((unsigned int *) t1->p) is most likely giving it troubles.
It is an ICE while doing scev.
Confirmed, here is a slightly reduced testcase: typedef struct {unsigned *p; } hvl_t; test_vltypes_compound_vlen_vlen (void) { typedef struct { int i; float f; hvl_t v; } s1; s1 wdata[128]; unsigned i, j, k; hvl_t *t1, *t2; for (i = 0; i < 128; i++) { wdata[i].i = i * 10; wdata[i].f = (float) ((i * 20) / 3.0); wdata[i].v.p = malloc ((i + 16) * sizeof (hvl_t)); for (t1 = (wdata[i].v).p, j = 0; j < (i + 16); j++, t1++) { for (k = 0; k < j + 8; k++) t1->p[k] = i * 100 + j * 10 + k; } } }
The ICE is due to looking at the type of a freed SSA_NAME during IV-OPTs.
This is more or less dup of PR23434 (the fix for it is not quite correct). I am testing a patch.
Patch: http://gcc.gnu.org/ml/gcc-patches/2006-04/msg01078.html
Subject: Bug 27144 Author: rakdver Date: Mon May 1 19:42:01 2006 New Revision: 113425 URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=113425 Log: PR tree-optimization/27144 * tree-ssa-loop-niter.c (derive_constant_upper_bound): New function. (record_estimate): Only record constant upper bound. (infer_loop_bounds_from_undefined): Call compute_estimated_nb_iterations just once. (proved_non_wrapping_p): Renamed to ... (n_of_executions_at_most): ... this. Expect bound to be a constant. (convert_step_widening, scev_probably_wraps_p): Call n_of_executions_at_most instead of proved_non_wrapping_p. (substitute_in_loop_info): Do not replace values in bounds. * cfgloop.h (struct nb_iter_bound): Remove "additional" field. Update comments. * gcc.dg/tree-ssa/loop-16.c: New test. Added: trunk/gcc/testsuite/gcc.dg/tree-ssa/loop-16.c Modified: trunk/gcc/ChangeLog trunk/gcc/cfgloop.h trunk/gcc/testsuite/ChangeLog trunk/gcc/tree-ssa-loop-niter.c
Hmm, I'm seeing a new ICE that could be related to your patch: function rombint() implicit none real :: rombint integer :: i, j real :: g(6), g0, g1 10 i=i+1 if (i.gt.20) go to 40 do 30 j=1,6 g1=g0+g(j) g0=g1 30 continue go to 10 40 rombint=g0 end function rombint ~/tmp>gfortran -c -O bug.f90 bug.f90: In function 'rombint': bug.f90:1: internal compiler error: in n_of_executions_at_least, at tree-ssa-loop-niter.c:1772
Seems also to cause a bootstrap failure on x86_64 for Ada: /abuild/rguenther/obj/./prev-gcc/xgcc -B/abuild/rguenther/obj/./prev-gcc/ -B/usr/local/x86_64-unknown-linux-gnu/bin/ -c -g -O2 -gnatpg -gnata -I- -I. -Iada -I../../trunk/gcc/ada ../../trunk/gcc/ada/fname-uf.adb -o ada/fname-uf.o +===========================GNAT BUG DETECTED==============================+ | 4.2.0 20060502 (experimental) (x86_64-unknown-linux-gnu) GCC error: | | in n_of_executions_at_least, at tree-ssa-loop-niter.c:1772 | | Error detected at fname-uf.adb:611:12 | | Please submit a bug report; see http://gcc.gnu.org/bugs.html. | | Use a subject line meaningful to you and us to track the bug. | | Include the entire contents of this bug box in the report. | | Include the exact gcc or gnatmake command that you entered. | | Also include sources listed below in gnatchop format | | (concatenated together with no headers between files). | +==========================================================================+ #1 0x0000000000cecba3 in n_of_executions_at_least (stmt=0x0, niter_bound=0x189ba50, niter=0x2ba3eb059510) at ../../trunk/gcc/tree-ssa-loop-niter.c:1770 1770 gcc_assert (TYPE_UNSIGNED (bound_type) (gdb) list 1765 tree bound = niter_bound->bound; 1766 tree bound_type = TREE_TYPE (bound); 1767 tree nit_type = TREE_TYPE (niter); 1768 enum tree_code cmp; 1769 1770 gcc_assert (TYPE_UNSIGNED (bound_type) 1771 && TYPE_UNSIGNED (nit_type) 1772 && is_gimple_min_invariant (bound)); 1773 if (TYPE_PRECISION (nit_type) > TYPE_PRECISION (bound_type)) 1774 bound = fold_convert (nit_type, bound); (gdb) call debug_tree(nit_type) <integer_type 0x2ba3ea7f4b00 SIGNED_64 sizes-gimplified asm_written public visited DI size <integer_cst 0x2ba3ea7e8d80 type <integer_type 0x2ba3ea7f40b0 bit_size_type> constant invariant 64> unit size <integer_cst 0x2ba3ea7e8db0 type <integer_type 0x2ba3ea7f4000 long int> constant invariant 8> align 64 symtab -360134464 alias set -1 precision 64 min <integer_cst 0x2ba3ea7ff210 -9223372036854775808> max <integer_cst 0x2ba3ea7ff2d0 9223372036854775807> pointer_to_this <pointer_type 0x2ba3ea881f20>> (gdb) call debug_tree(bound) <integer_cst 0x2ba3ead24840 type <integer_type 0x2ba3ea881a50 unsigned int> constant invariant 2147483645>
Also lots of fortran testcases fail with the same ICE.
The problem is that unsigned_type_for returns a size_type for pointers, and that happens to be signed for fortran. I am not sure whether this is not a bug in fortran frontend -- I think some places in gcc assume that size_t is unsigned (and standard specifies this). I am not sure how this could pass through my testing; this must break a lot.
Fixed.