31617 – [4.3 Regression] Segfault in integer_zerop, called via ipa-type-escape.c

Bug 31617 - [4.3 Regression] Segfault in integer_zerop, called via ipa-type-escape.c

Summary: [4.3 Regression] Segfault in integer_zerop, called via ipa-type-escape.c

Status:	RESOLVED FIXED

Alias:	None

Product:	gcc
Classification:	Unclassified
Component:	middle-end (show other bugs)
Version:	4.3.0

Importance:	P3 normal
Target Milestone:	4.3.0
Assignee:	Not yet assigned to anyone

URL:
Keywords:

Depends on:
Blocks:

Reported:	2007-04-18 07:26 UTC by Martin Michlmayr
Modified:	2007-04-27 22:41 UTC (History)
CC List:	4 users (show)

See Also:
Host:
Target:
Build:
Known to work:	4.2.0
Known to fail:	4.3.0
Last reconfirmed:	2007-04-18 21:57:07

Attachments
testcase (655 bytes, text/plain) 2007-04-18 07:27 UTC, Martin Michlmayr	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Martin Michlmayr 2007-04-18 07:26:44 UTC

I get the following segfault with gcc 4.3 20070326 and 20070417.  It works
with gcc 4.2:

Analyzing compilation unit
Performing interprocedural optimizations
 <visibility> <early_local_cleanups> <inline> <static-var> <pure-const> <type-escape-var>
Program received signal SIGSEGV, Segmentation fault.
integer_zerop (expr=0x0) at /home/tbm/scratch/gcc/gcc/tree.c:1295
1295      STRIP_NOPS (expr);
(gdb) where
#0  integer_zerop (expr=0x0) at /home/tbm/scratch/gcc/gcc/tree.c:1295
#1  0x0000000000923316 in okay_pointer_operation (code=IDENTIFIER_NODE, op0=0x2b94c001cd20,
    op1=0x2b94bfcbeba0) at /home/tbm/scratch/gcc/gcc/ipa-type-escape.c:1471
#2  0x00000000009252fb in scan_for_refs (tp=<value optimized out>, walk_subtrees=0x7fffeb506cfc,
    data=<value optimized out>) at /home/tbm/scratch/gcc/gcc/ipa-type-escape.c:1544
#3  0x00000000008ca35b in walk_tree (tp=0x2b94bfffbd70, func=0x924f20 <scan_for_refs>,
    data=0x2b94bfeade00, pset=0xee27e0) at /home/tbm/scratch/gcc/gcc/tree.c:7978
#4  0x0000000000921bb8 in type_escape_execute () at /home/tbm/scratch/gcc/gcc/ipa-type-escape.c:1707
#5  0x000000000070b5d1 in execute_one_pass (pass=0xdff8c0) at /home/tbm/scratch/gcc/gcc/passes.c:1058
#6  0x000000000070b7e5 in execute_ipa_pass_list (pass=0xdff8c0)
    at /home/tbm/scratch/gcc/gcc/passes.c:1126

Comment 1 Martin Michlmayr 2007-04-18 07:27:43 UTC

Created attachment 13388 [details]
testcase

Comment 2 Martin Michlmayr 2007-04-18 07:30:48 UTC

I should mention that you need -O2 to see this.  I've confirmed the segfault
on x86_64 and ia64.

Comment 3 Martin Michlmayr 2007-04-18 07:37:17 UTC

Works with 4.3 20070303

Comment 4 Martin Michlmayr 2007-04-18 07:39:51 UTC

Olga Golovanevsky  <olga@il.ibm.com> made some changes to that part of the
compiler during this period.  Added to CC.

Comment 5 Andrew Pinski 2007-04-18 21:38:38 UTC

13207         return integer_zerop (int_const_binop (TRUNC_MOD_EXPR,
13208                                                top, bottom, 0));

(gdb) p debug_generic_expr (top)
4
$1 = void
(gdb) p debug_generic_expr (bottom)
0

Comment 6 Andrew Pinski 2007-04-18 21:57:07 UTC

1469                tree size_of_op0_points_to = TYPE_SIZE_UNIT (TREE_TYPE (op0type));

and size_of_op0_points_to is a zero constant.

Reduced testcase:
struct polynomial {
	~polynomial ();
};
void spline_rep1()
{
  new polynomial[0];
}

Comment 7 Steve Ellcey 2007-04-26 22:02:20 UTC

Subject: Bug 31617

Author: sje
Date: Thu Apr 26 22:02:05 2007
New Revision: 124197

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=124197
Log:
	PR middle-end/31617
	* g++.dg/other/str_empty.C: Add expected warning.

Modified:
    trunk/gcc/testsuite/ChangeLog
    trunk/gcc/testsuite/g++.dg/other/str_empty.C

Comment 8 Olga Golovanevsky 2007-04-27 22:31:12 UTC

The fix was submitted

http://gcc.gnu.org/ml/gcc-patches/2007-04/msg01578.html

and committed to mainline 4.3.

Comment 9 olga 2007-04-27 22:41:32 UTC

FIXED.