Bug 37314 - [4.2 Regression] seg violation
Summary: [4.2 Regression] seg violation
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: c++ (show other bugs)
Version: 4.1.3
: P2 normal
Target Milestone: 4.3.4
Assignee: Not yet assigned to anyone
URL: http://gcc.gnu.org/ml/gcc-patches/200...
Keywords: ice-on-invalid-code, ice-on-valid-code, patch, rejects-valid
Depends on:
Blocks:
 
Reported: 2008-09-01 15:39 UTC by w.doeringer
Modified: 2009-03-31 15:48 UTC (History)
5 users (show)

See Also:
Host:
Target:
Build:
Known to work: 4.0.4 4.1.1 4.3.4 4.4.0
Known to fail: 4.1.2 4.2.0 4.2.4 4.3.3 4.2.5
Last reconfirmed: 2008-11-30 23:06:48

Attachments
the ii file (97.69 KB, text/plain)
2008-09-01 15:41 UTC, w.doeringer 		Details
unincluded testcase (5.68 KB, application/octet-stream)
2008-09-01 15:49 UTC, Richard Biener 		Details
test.cpp (245 bytes, text/plain)
2008-09-01 16:39 UTC, w.doeringer 		Details
very small testcase (380 bytes, text/plain)
2008-09-03 19:30 UTC, w.doeringer 		Details
compiler error on valid code (647 bytes, text/plain)
2008-09-04 16:48 UTC, w.doeringer 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description w.doeringer 2008-09-01 15:39:31 UTC 
seg violation of compiler - previous versions compiled ok!
Comment 1 w.doeringer 2008-09-01 15:41:40 UTC 
Created attachment 16180 [details]
the ii file

the file you requested in your instructions on how to submit a bug report
Comment 2 Richard Biener 2008-09-01 15:49:04 UTC 
Created attachment 16181 [details]
unincluded testcase
Comment 3 Paolo Carlini 2008-09-01 15:50:41 UTC 
Note, 4_1-branch is closed. I would suggest first trying a newer compiler on your code, e.g., 4.3.2.
Comment 4 Richard Biener 2008-09-01 15:53:53 UTC 
Confirmed.

Program received signal SIGSEGV, Segmentation fault.
0x0000000000cd5495 in strip_array_types (type=0x0)
    at /space/rguenther/src/svn/trunk/gcc/tree.c:5755
5755      while (TREE_CODE (type) == ARRAY_TYPE)
(gdb) up
#1  0x00000000005ad26d in cp_type_quals (type=0x0)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:7108
7108      type = strip_array_types (CONST_CAST_TREE(type));
(gdb) 
#2  0x0000000000585fb8 in original_type (t=0x0)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:236
236       int quals = cp_type_quals (t);
(gdb) 
#3  0x0000000000589136 in merge_types (t1=0x7fd7237a0900, t2=0x0)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:602
602       if (original_type (t1) == original_type (t2))
(gdb) 
#4  0x00000000005895ee in merge_types (t1=0x7fd7237a0a80, t2=0x7fd723765a80)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:628
628             tree target = merge_types (TREE_TYPE (t1), TREE_TYPE (t2));
(gdb) call debug_tree (t1)
 <reference_type 0x7fd7237a0a80
    type <template_type_parm 0x7fd7237a0900 T VOID
        align 8 symtab 0 alias set -1 canonical type 0x7fd7249b0f00
       index 0 level 1 orig_level 1
        reference_to_this <reference_type 0x7fd7237a0a80> chain <type_decl 0x7fd7237a09c0 T>>
    unsigned DI
    size <integer_cst 0x7fd7252fcb10 type <integer_type 0x7fd7253100c0 bit_size_type> constant 64>
    unit size <integer_cst 0x7fd7252fcb40 type <integer_type 0x7fd725310000 long unsigned int> constant 8>
    align 64 symtab 0 alias set -1 canonical type 0x7fd723fdf240>
(gdb) call debug_tree (t2)
 <typename_type 0x7fd723765a80 reference type_0 type_6 VOID
    align 8 symtab 0 alias set -1 structural equality context <record_type 0x7fd72375d9c0 Cdeque>
    chain <type_decl 0x7fd723765b40 reference>>


#0  0x0000000000cd5495 in strip_array_types (type=0x0)
    at /space/rguenther/src/svn/trunk/gcc/tree.c:5755
#1  0x00000000005ad26d in cp_type_quals (type=0x0)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:7108
#2  0x0000000000585fb8 in original_type (t=0x0)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:236
#3  0x0000000000589136 in merge_types (t1=0x7fd7237a0900, t2=0x0)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:602
#4  0x00000000005895ee in merge_types (t1=0x7fd7237a0a80, t2=0x7fd723765a80)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:628
#5  0x0000000000589d73 in merge_types (t1=0x7fd7237a0b40, t2=0x7fd72376c300)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:675
#6  0x000000000058a454 in merge_types (t1=0x7fd7237a0b40, t2=0x7fd72376c300)
    at /space/rguenther/src/svn/trunk/gcc/cp/typeck.c:723
#7  0x000000000042f5ca in duplicate_decls (newdecl=0x7fd72377b400, 
    olddecl=0x7fd72376a500, newdecl_is_friend=0 '\0')
    at /space/rguenther/src/svn/trunk/gcc/cp/decl.c:1703
#8  0x000000000044cb25 in grokfndecl (ctype=0x7fd7237650c0, 
    type=0x7fd7237a0cc0, declarator=0x7fd72530e780, parms=0x7fd72379e360, 
    orig_declarator=0x7fd72530e780, virtualp=0, flags=NO_SPECIAL, quals=0, 
    raises=0x0, check=1, friendp=0, publicp=1, inlinep=0, sfk=sfk_none, 
    funcdef_flag=1 '\001', template_count=1, in_namespace=0x0, 
    attrlist=0x7fff2d43db28)
    at /space/rguenther/src/svn/trunk/gcc/cp/decl.c:6802
#9  0x00000000004568e2 in grokdeclarator (declarator=0x1746bf0, 
    declspecs=0x7fff2d43dd00, decl_context=NORMAL, initialized=1, 
    attrlist=0x7fff2d43db28)
    at /space/rguenther/src/svn/trunk/gcc/cp/decl.c:9255
#10 0x000000000046900f in start_function (declspecs=0x7fff2d43dd00, 
    declarator=0x1746c70, attrs=0x0)
    at /space/rguenther/src/svn/trunk/gcc/cp/decl.c:11698
#11 0x00000000005717a4 in cp_parser_function_definition_from_specifiers_and_declarator (parser=0x7fd724a137d0, decl_specifiers=0x7fff2d43dd00, attributes=0x0, 
    declarator=0x1746c70)
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:17336
#12 0x0000000000568b31 in cp_parser_init_declarator (parser=0x7fd724a137d0, 
    decl_specifiers=0x7fff2d43dd00, checks=0x0, 
    function_definition_allowed_p=1 '\001', member_p=0 '\0', 
    declares_class_or_enum=0, function_definition_p=0x7fff2d43dcff "\001")
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:12584
#13 0x00000000005721f8 in cp_parser_single_declaration (parser=0x7fd724a137d0, 
    checks=0x0, member_p=0 '\0', explicit_specialization_p=0 '\0', 
    friend_p=0x7fff2d43ddb7 "")
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:17682
#14 0x0000000000571b94 in cp_parser_template_declaration_after_export (
    parser=0x7fd724a137d0, member_p=0 '\0')
---Type <return> to continue, or q <return> to quit---
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:17535
#15 0x000000000056434a in cp_parser_template_declaration (
    parser=0x7fd724a137d0, member_p=0 '\0')
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:9488
#16 0x00000000005624fd in cp_parser_declaration (parser=0x7fd724a137d0)
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:7884
#17 0x0000000000562298 in cp_parser_declaration_seq_opt (parser=0x7fd724a137d0)
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:7815
#18 0x0000000000567fd9 in cp_parser_namespace_body (parser=0x7fd724a137d0)
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:12028
#19 0x0000000000567f9f in cp_parser_namespace_definition (
    parser=0x7fd724a137d0)
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:12007
#20 0x00000000005625c5 in cp_parser_declaration (parser=0x7fd724a137d0)
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:7912
#21 0x0000000000562298 in cp_parser_declaration_seq_opt (parser=0x7fd724a137d0)
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:7815
#22 0x000000000055ada9 in cp_parser_translation_unit (parser=0x7fd724a137d0)
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:3031
#23 0x000000000057bdfd in c_parse_file ()
    at /space/rguenther/src/svn/trunk/gcc/cp/parser.c:21886
Comment 5 Richard Biener 2008-09-01 15:56:05 UTC 
Reducing.
Comment 6 Paolo Carlini 2008-09-01 16:01:13 UTC 
Thanks Richard.
Comment 7 Richard Biener 2008-09-01 16:02:16 UTC 
Reduced testcase:

template <typename T>
class Cdeque {
    typedef T *pointer;
    class iterator {
        typedef typename Cdeque<T>::pointer pointer;
        pointer operator->();
    };
};
template <typename T> T* Cdeque<T>::iterator::operator->() { }
Comment 8 Richard Biener 2008-09-01 16:03:36 UTC 
Which I guess is invalid because the definition of Cdeque is not complete
at the time we bind iterator::pointer to Cdeque<T>::pointer.
Comment 9 Richard Biener 2008-09-01 16:05:24 UTC 
Though EDG accepts it (but of course nothing is instantiated here).
Comment 10 w.doeringer 2008-09-01 16:14:33 UTC 
Subject: Re:  [4.2/4.3/4.4 Regression] seg violation

Hi,
thanks for taking the time to look at my problem.
I did try with version 4.2 and fared no better.
Versions up to 4.0.x compile ok.
Let me know if I can be of further assistance as I am quite stuck at the 
moment.
Best regards, wdoeringer

On Mon, 1 Sep 2008, rguenth at gcc dot gnu dot org wrote:

>
>
> ------- Comment #9 from rguenth at gcc dot gnu dot org  2008-09-01 16:05 -------
> Though EDG accepts it (but of course nothing is instantiated here).
>
>
>
Comment 11 w.doeringer 2008-09-01 16:39:07 UTC 
Subject: Re:  [4.2/4.3/4.4 Regression] seg violation

Hi,
I have added some substance to the reduced testcase, so that now actual 
code is generated. You find it in the attached file.
It compiles well under g++ 4.0.1 (Apple Inc. Build 5456)
but crashes under
4.2.1 (Ubuntu 4.2.1-5ubuntu4) and under 4.1.3
Best regards, wd.doeringer

On Mon, 1 Sep 2008, rguenth at gcc dot gnu dot org wrote:

>
>
> ------- Comment #9 from rguenth at gcc dot gnu dot org  2008-09-01 16:05 -------
> Though EDG accepts it (but of course nothing is instantiated here).
>
>
>
Comment 12 w.doeringer 2008-09-01 16:39:07 UTC 
Created attachment 16182 [details]
test.cpp
Comment 13 w.doeringer 2008-09-03 19:30:53 UTC 
Created attachment 16214 [details]
very small testcase

this is a ten-line testcase clearly pointing to a problem with type-resolution
regards w.doeringer@fh-worms.de
Comment 14 w.doeringer 2008-09-04 16:48:22 UTC 
Created attachment 16223 [details]
compiler error on valid code

might point to the problem causing the seg fault
Comment 15 Richard Biener 2008-09-20 14:41:51 UTC 
The question remains if this is invalid or valid code.
Comment 16 Jason Merrill 2008-12-01 16:29:50 UTC 
(In reply to comment #8)
> Which I guess is invalid because the definition of Cdeque is not complete
> at the time we bind iterator::pointer to Cdeque<T>::pointer.

This is not an issue because Cdeque<T>::pointer is a member of the current instantiation (per 14.6.2.1).
Comment 17 Paolo Bonzini 2009-02-03 12:51:23 UTC 
The failure happens because structural_comptypes calls resolve_typename_type, while merge_types does not.  Maybe it should as in this patch?

Index: ../../peak-gcc-src/gcc/cp/typeck.c
===================================================================
--- ../../peak-gcc-src/gcc/cp/typeck.c	(revision 143676)
+++ ../../peak-gcc-src/gcc/cp/typeck.c	(working copy)
@@ -606,6 +606,11 @@ merge_types (tree t1, tree t2)
   if (TYPE_PTRMEMFUNC_P (t2))
     t2 = TYPE_PTRMEMFUNC_FN_TYPE (t2);
 
+  if (TREE_CODE (t1) == TYPENAME_TYPE)
+    t1 = resolve_typename_type (t2, /*only_current_p=*/true);
+  if (TREE_CODE (t2) == TYPENAME_TYPE)
+    t2 = resolve_typename_type (t2, /*only_current_p=*/true);
+
   code1 = TREE_CODE (t1);
   code2 = TREE_CODE (t2);
Comment 18 Paolo Carlini 2009-02-03 13:16:23 UTC 
(In reply to comment #17)
> +  if (TREE_CODE (t1) == TYPENAME_TYPE)
> +    t1 = resolve_typename_type (t2, /*only_current_p=*/true);

But I suppose you want consistently t1 here ;)
Comment 19 Paolo Bonzini 2009-02-03 13:40:48 UTC 
Test.cpp is a rejects-valid.
Comment 20 Paolo Bonzini 2009-02-03 15:56:19 UTC 
Subject: Bug 37314

Author: bonzini
Date: Tue Feb  3 15:56:05 2009
New Revision: 143896

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=143896
Log:
gcc/cp:
2009-02-03  Paolo Bonzini  <bonzini@gnu.org>

	PR c++/36897
	* pt.c (convert_nontype_argument_function): Expect expr to be an
	ADDR_EXPR.

	PR c++/37314
	* typeck.c (merge_types): Call resolve_typename_type if only
	one type is a typename.

gcc/testsuite:
2009-02-03  Paolo Bonzini  <bonzini@gnu.org>

	PR c++/36897
	* g++.dg/template/func2.C: New test.

	PR c++/37314
	* g++.dg/template/typename15.C: New.
	* g++.dg/template/typename16.C: New.


Added:
    branches/gcc-4_3-branch/gcc/testsuite/g++.dg/template/func2.C
    branches/gcc-4_3-branch/gcc/testsuite/g++.dg/template/typename15.C
    branches/gcc-4_3-branch/gcc/testsuite/g++.dg/template/typename16.C
Modified:
    branches/gcc-4_3-branch/gcc/cp/ChangeLog
    branches/gcc-4_3-branch/gcc/cp/pt.c
    branches/gcc-4_3-branch/gcc/cp/typeck.c
    branches/gcc-4_3-branch/gcc/testsuite/ChangeLog
Comment 21 Paolo Bonzini 2009-02-03 16:21:21 UTC 
fixed on 4.3/4.4, still needs backporting to 4.2
Comment 22 Paolo Carlini 2009-02-03 16:22:50 UTC 
Likewise... ;)
Comment 23 Paolo Bonzini 2009-02-03 16:26:52 UTC 
Subject: Bug 37314

Author: bonzini
Date: Tue Feb  3 16:26:28 2009
New Revision: 143898

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=143898
Log:
gcc/cp:
2009-02-03  Paolo Bonzini  <bonzini@gnu.org>

	PR c++/36897
	* pt.c (convert_nontype_argument_function): Expect expr to be an
	ADDR_EXPR.

	PR c++/37314
	* typeck.c (merge_types): Call resolve_typename_type if only
	one type is a typename.

gcc/testsuite:
2009-02-03  Paolo Bonzini  <bonzini@gnu.org>

	PR c++/36897
	* g++.dg/template/func2.C: New test.

	PR c++/37314
	* g++.dg/template/typename15.C: New.
	* g++.dg/template/typename16.C: New.


Added:
    trunk/gcc/testsuite/g++.dg/template/func2.C
      - copied unchanged from r143896, branches/gcc-4_3-branch/gcc/testsuite/g++.dg/template/func2.C
    trunk/gcc/testsuite/g++.dg/template/typename15.C
      - copied unchanged from r143896, branches/gcc-4_3-branch/gcc/testsuite/g++.dg/template/typename15.C
    trunk/gcc/testsuite/g++.dg/template/typename16.C
      - copied unchanged from r143896, branches/gcc-4_3-branch/gcc/testsuite/g++.dg/template/typename16.C
Modified:
    trunk/gcc/cp/ChangeLog
    trunk/gcc/cp/pt.c
    trunk/gcc/cp/typeck.c
    trunk/gcc/testsuite/ChangeLog
Comment 24 Joseph S. Myers 2009-03-31 15:48:03 UTC 
Closing 4.2 branch, fixed for 4.3.4 and 4.4.