53682 – [4.7/4.8 Regression] ICE in cselib_lookup (SEGV) on i586-linux-gnu

Bug 53682 - [4.7/4.8 Regression] ICE in cselib_lookup (SEGV) on i586-linux-gnu

Summary: [4.7/4.8 Regression] ICE in cselib_lookup (SEGV) on i586-linux-gnu

Status:	RESOLVED FIXED

Alias:	None

Product:	gcc
Classification:	Unclassified
Component:	target (show other bugs)
Version:	4.7.1

Importance:	P3 normal
Target Milestone:	4.7.2
Assignee:	Alexandre Oliva

URL:
Keywords:	ice-on-valid-code

Depends on:
Blocks:

Reported:	2012-06-15 10:44 UTC by Matthias Klose
Modified:	2012-06-26 20:24 UTC (History)
CC List:	3 users (show)

See Also:
Host:
Target:	i586-linux-gnu
Build:
Known to work:	4.6.3
Known to fail:	4.7.1, 4.8.0
Last reconfirmed:	2012-06-15 00:00:00

Attachments
test case (1.53 KB, text/x-csrc) 2012-06-15 10:44 UTC, Matthias Klose	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthias Klose 2012-06-15 10:44:50 UTC

Created attachment 27625 [details]
test case

works with 4.6 branch, fails with 4.7.1 on i586-linux-gnu, works on x86_64-linux-gnu.

omitting one of the -fPIC, -fvisibility=hidden, -funroll-loops options avoids the ice.

$ gcc -c -g -O2 -fPIC -fvisibility=hidden -funroll-loops  mini_q_math.c 
mini_q_math.c: In function 'ByteToDir':
mini_q_math.c:124:1: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.


Program received signal SIGSEGV, Segmentation fault.
0x081e657b in cselib_lookup(rtx_def*, machine_mode, int, machine_mode) ()
(gdb) bt
#0  0x081e657b in cselib_lookup(rtx_def*, machine_mode, int, machine_mode) ()
#1  0x081e7034 in ?? ()
#2  0x08590da2 in ?? ()
#3  0x085a8680 in ?? ()
#4  0x08189983 in find_base_term(rtx_def*) ()
#5  0x08189a28 in find_base_term(rtx_def*) ()
#6  0x08189b69 in find_base_term(rtx_def*) ()
#7  0x0818b3e8 in ?? ()
#8  0x081e7820 in ?? ()
#9  0x081e88f7 in ?? ()
#10 0x081e9183 in cselib_process_insn(rtx_def*) ()
#11 0x0856c723 in ?? ()
#12 0x0857323c in variable_tracking_main() ()
#13 0x0836e2bc in execute_one_pass(opt_pass*) ()
#14 0x0836e615 in execute_pass_list(opt_pass*) ()
#15 0x0836e628 in execute_pass_list(opt_pass*) ()
#16 0x0836e628 in execute_pass_list(opt_pass*) ()
#17 0x0844d434 in tree_rest_of_compilation(tree_node*) ()
#18 0x081dd654 in ?? ()
#19 0x081deeb5 in cgraph_optimize() ()
#20 0x081df3ef in cgraph_finalize_compilation_unit() ()
#21 0x081185fc in c_write_global_declarations() ()
#22 0x0840661a in toplev_main(int, char**) ()
#23 0x0810712b in main ()

Comment 1 Jakub Jelinek 2012-06-15 11:41:37 UTC

Probably started with http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=182760

Comment 2 Jakub Jelinek 2012-06-15 12:00:45 UTC

Possible the second two calls of promote_debug_loc should be replaced by a loop over the locs, looking for the right l->loc that -g0 would have created in that case.  Anyway, it needs to be debugged how exactly -g0 vs. -g behaves in these cases.

Comment 3 Alexandre Oliva 2012-06-18 10:31:09 UTC

Mine.  AFAICT the problem is that promote_debug_loc crashes when the loc list for a VALUE is temporarily cleared within alias.c to avoid infinite recursion.  Getting it to return if passed a NULL pointer seems to be the correct fix.  AFAICT we won't run into this except within var-tracking.

Comment 4 Alexandre Oliva 2012-06-18 10:32:01 UTC

Mine.  AFAICT the problem is that promote_debug_loc crashes when the loc list for a VALUE is temporarily cleared within alias.c to avoid infinite recursion.  Getting it to return if passed a NULL pointer seems to be the correct fix.  AFAICT we won't run into this except within var-tracking.

Comment 5 Alexandre Oliva 2012-06-22 01:29:33 UTC

Author: aoliva
Date: Fri Jun 22 01:29:28 2012
New Revision: 188866

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=188866
Log:
PR debug/53682
* cselib.c (promote_debug_loc): Don't crash on NULL argument.

Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/cselib.c

Comment 6 Alexandre Oliva 2012-06-22 16:17:01 UTC

Fixed

Comment 7 Mikael Pettersson 2012-06-24 13:02:36 UTC

I think this was closed as fixed too soon, as the regression is still present in 4.7-20120623.  Backporting the 4.8 patch eliminates the ICE in 4.7 too.

Comment 8 Alexandre Oliva 2012-06-25 03:54:48 UTC

Yeah, sorry, closing it was a mistake.  Testing it on the 4.7 branch now.

Comment 9 Alexandre Oliva 2012-06-26 20:22:05 UTC

Author: aoliva
Date: Tue Jun 26 20:21:58 2012
New Revision: 188997

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=188997
Log:
PR debug/53682
* cselib.c (promote_debug_loc): Don't crash on NULL argument.

Modified:
    branches/gcc-4_7-branch/gcc/ChangeLog
    branches/gcc-4_7-branch/gcc/cselib.c

Comment 10 Alexandre Oliva 2012-06-26 20:24:54 UTC

Fixed in the 4.7 branch too.