Jakub, thanks for fixing PR37419 so quickly. I can confirm that the testcase from this bug now works. However, there's a second testcase I have that still shows a similar problem with current trunk (revision 140257): (sid)1151:tbm@em64t: ..4.3-2008-09-11-r140257/gcc] ./cc1 -quiet -O3 ~/gst-plugins-base0.10-imgconvert.i *** glibc detected *** ./cc1: free(): invalid next size (fast): 0x0000000002025420 *** ======= Backtrace: ========= /lib/libc.so.6[0x7f315eda1968] /lib/libc.so.6(cfree+0x76)[0x7f315eda3a76] ./cc1[0x80c083] ./cc1[0x80c507] ./cc1[0x829762] ./cc1[0x6404d9] ./cc1[0x640715] ./cc1[0x64072d] ./cc1[0x64072d] ./cc1[0x736f0c] ./cc1[0x8b0710] ./cc1[0x8b2444] ./cc1[0x416743] ./cc1[0x6e7f09] /lib/libc.so.6(__libc_start_main+0xe6)[0x7f315ed4c1a6] ./cc1(mpfr_cosh+0xc1)[0x4044d9] ======= Memory map: ======== 00400000-00d94000 r-xp 00000000 08:07 164732 /home/tbm/tmp/gcc/4.3-2008-09-11-r140257/gcc/cc1 00f94000-0101e000 rw-p 00994000 08:07 164732 /home/tbm/tmp/gcc/4.3-2008-09-11-r140257/gcc/cc1 0101e000-010b2000 rw-p 0101e000 00:00 0 01f4b000-02361000 rw-p 01f4b000 00:00 0 [heap] 7f3158000000-7f3158021000 rw-p 7f3158000000 00:00 0 7f3158021000-7f315c000000 ---p 7f3158021000 00:00 0 7f315c09f000-7f315c0b5000 r-xp 00000000 08:07 5522074 /lib/libgcc_s.so.1 7f315c0b5000-7f315c2b5000 ---p 00016000 08:07 5522074 /lib/libgcc_s.so.1 7f315c2b5000-7f315c2b6000 rw-p 00016000 08:07 5522074 /lib/libgcc_s.so.1 7f315c2b6000-7f315c2bb000 rw-p 7f315c2b6000 00:00 0 7f315c2bd000-7f315c2c4000 rw-p 7f315c2bd000 00:00 0 7f315c2d2000-7f315c2d7000 rw-p 7f315c2d2000 00:00 0 7f315c2d9000-7f315c2da000 rw-p 7f315c2d9000 00:00 0 7f315c2db000-7f315c2e6000 rw-p 7f315c2db000 00:00 0 7f315c2e8000-7f315c2eb000 rw-p 7f315c2e8000 00:00 0 7f315c2ee000-7f315c2ef000 rw-p 7f315c2ee000 00:00 0 7f315c3b6000-7f315c3ba000 rw-p 7f315c3b6000 00:00 0 7f315c3bc000-7f315c3bd000 rw-p 7f315c3bc000 00:00 0 7f315c3bf000-7f315c3c0000 rw-p 7f315c3bf000 00:00 0 7f315c3c1000-7f315c3c2000 rw-p 7f315c3c1000 00:00 0 7f315c3c5000-7f315c3c7000 rw-p 7f315c3c5000 00:00 0 7f315c3c8000-7f315c3ca000 rw-p 7f315c3c8000 00:00 0 7f315c3cb000-7f315c3cd000 rw-p 7f315c3cb000 00:00 0 7f315c3ce000-7f315c3d5000 rw-p 7f315c3ce000 00:00 0 7f315c3d6000-7f315c3e2000 rw-p 7f315c3d6000 00:00 0 7f315c3e3000-7f315c3e4000 rw-p 7f315c3e3000 00:00 0 7f315c3e5000-7f315c3e6000 rw-p 7f315c3e5000 00:00 0 7f315c3e7000-7f315c3e9000 rw-p 7f315c3e7000 00:00 0 7f315c3ea000-7f315c3ec000 rw-p 7f315c3ea000 00:00 0 7f315c3ed000-7f315c3ef000 rw-p 7f315c3ed000 00:00 0 7f315c3f0000-7f315c3f1000 rw-p 7f315c3f0000 00:00 0 7f315c3f2000-7f315c3fa000 rw-p 7f315c3f2000 00:00 0 7f315c3fc000-7f315c400000 rw-p 7f315c3fc000 00:00 0 7f315c401000-7f315c406000 rw-p 7f315c401000 00:00 0 7f315c407000-7f315c40b000 rw-p 7f315c407000 00:00 0 7f315c40d000-7f315c40e000 rw-p 7f315c40d000 00:00 0 7f315c410000-7f315c415000 rw-p 7f315c410000 00:00 0 7f315c418000-7f315c419000 rw-p 7f315c418000 00:00 0 7f315c41a000-7f315c422000 rw-p 7f315c41a000 00:00 0 7f315c423000-7f315c425000 rw-p 7f315c423000 00:00 0 7f315c427000-7f315c428000 rw-p 7f315c427000 00:00 0 7f315c429000-7f315c42a000 rw-p 7f315c429000 00:00 0 7f315c42b000-7f315c438000 rw-p 7f315c42b000 00:00 0 7f315c439000-7f315c43a000 rw-p 7f315c439000 00:00 0 7f315c43b000-7f315c43c000 rw-p 7f315c43b000 00:00 0 7f315c43d000-7f315c43e000 rw-p 7f315c43d000 00:00 0 7f315c43f000-7f315c441000 rw-p 7f315c43f000 00:00 0 7f315c442000-7f315c444000 rw-p 7f315c442000 00:00 0 7f315c448000-7f315c44a000 rw-p 7f315c448000 00:00 0 7f315c44b000-7f315c44c000 rw-p 7f315c44b000 00:00 0 7f315c44d000-7f315c455000 rw-p 7f315c44d000 00:00 0 7f315c457000-7f315c46c000 rw-p 7f315c457000 00:00 0 7f315c46d000-7f315c477000 rw-p 7f315c46d000 00:00 0 7f315c478000-7f315c47c000 rw-p 7f315c478000 00:00 0 7f315c47e000-7f315c47f000 rw-p 7f315c47e000 00:00 0 7f315c485000-7f315c486000 rw-p 7f315c485000 00:00 0 7f315c487000-7f315c489000 rw-p 7f315c487000 00:00 0 7f315c48b000-7f315c48f000 rw-p 7f315c48b000 00:00 0 7f315c494000-7f315c495000 rw-p 7f315c494000 00:00 0 7f315c497000-7f315c49b000 rw-p 7f315c497000 00:00 0 7f315c49d000-7f315c4a4000 rw-p 7f315c49d000 00:00 0 7f315c4a6000-7f315c4ab000 rw-p 7f315c4a6000 00:00 0 7f315c4ac000-7f315c4ae000 rw-p 7f315c4ac000 00:00 0 7f315c4af000-7f315c4b3000 rw-p 7f315c4af000 00:00 0 7f315c4b4000-7f315c4b7000 rw-p 7f315c4b4000 00:00 0 7f315c4b8000-7f315c4b9000 rw-p 7f315c4b8000 00:00 0 7f315c4ba000-7f315c4be000 rw-p 7f315c4ba000 00:00 0 7f315c4bf000-7f315c4c2000 rw-p 7f315c4bf000 00:00 0 7f315c4c5000-7f315c4c6000 rw-p 7f315c4c5000 00:00 0 7f315c4c8000-7f315c4cb000 rw-p 7f315c4c8000 00:00 0 7f315c4cc000-7f315c4cf000 rw-p 7f315c4cc000 00:00 0 7f315c4d0000-7f315c4d3000 rw-p 7f315c4d0000 00:00 0 7f315c4d4000-7f315c4d5000 rw-p 7f315c4d4000 00:00 0 7f315c4d6000-7f315c4d8000 rw-p 7f315c4d6000 00:00 0 7f315c4d9000-7f315c4f0000 rw-p 7f315c4d9000 00:00 0 7f315c4f3000-7f315c4f5000 rw-p 7f315c4f3000 00:00 0 7f315c4f8000-7f315c4f9000 rw-p 7f315c4f8000 00:00 0 7f315c4fa000-7f315c4fb000 rw-p 7f315c4fa000 00:00 0 7f315c4fd000-7f315c502000 rw-p 7f315c4fd000 00:00 0 7f315c503000-7f315c508000 rw-p 7f315c503000 00:00 0 7f315c509000-7f315c50e000 rw-p 7f315c509000 00:00 0 7f315c50f000-7f315c514000 rw-p 7f315c50f000 00:00 0 7f315c516000-7f315c517000 rw-p 7f315c516000 00:00 0 7f315c518000-7f315c519000 rw-p 7f315c518000 00:00 0 7f315c51c000-7f315c51d000 rw-p 7f315c51c000 00:00 0 7f315c524000-7f315c525000 rw-p 7f315c524000 00:00 0 7f315c528000-7f315c529000 rw-p 7f315c528000 00:00 0 7f315c52b000-7f315c530000 rw-p 7f315c52b000 00:00 0 7f315c531000-7f315c534000 rw-p 7f315c531000 00:00 0 7f315c535000-7f315c536000 rw-p 7f315c535000 00:00 0 7f315c539000-7f315c53a000 rw-p 7f315c539000 00:00 0 7f315c53c000-7f315c53d000 rw-p 7f315c53c000 00:00 0 7f315c53f000-7f315c542000 rw-p 7f315c53f000 00:00 0 7f315c543000-7f315c546000 rw-p 7f315c543000 00:00 0 7f315c547000-7f315c548000 rw-p 7f315c547000 00:00 0 7f315c54a000-7f315c54e000 rw-p 7f315c54a000 00:00 0 7f315c551000-7f315c552000 rw-p 7f315c551000 00:00 0 7f315c555000-7f315c55b000 rw-p 7f315c555000 00:00 0 7f315c55c000-7f315c560000 rw-p 7f315c55c000 00:00 0 7f315c561000-7f315c568000 rw-p 7f315c561000 00:00 0 7f315c56a000-7f315c56b000 rw-p 7f315c56a000 00:00 0 7f315c56c000-7f315c572000 rw-p 7f315c56c000 00:00 0 7f315c574000-7f315c579000 rw-p 7f315c574000 00:00 0 7f315c57a000-7f315c57f000 rw-p 7f315c57a000 00:00 0 7f315c581000-7f315c583000 rw-p 7f315c581000 00:00 0 7f315c585000-7f315c589000 rw-p 7f315c585000 00:00 0 7f315c58a000-7f315c58c000 rw-p 7f315c58a000 00:00 0 7f315c58d000-7f315c590000 rw-p 7f315c58d000 00:00 0 7f315c591000-7f315c595000 rw-p 7f315c591000 00:00 0 7f315c596000-7f315c599000 rw-p 7f315c596000 00:00 0 7f315c59a000-7f315c59d000 rw-p 7f315c59a000 00:00 0 7f315c59e000-7f315c5a0000 rw-p 7f315c59e000 00:00 0 7f315c5a1000-7f315c5a4000 rw-p 7f315c5a1000 00:00 0 7f315c5a5000-7f315c5a6000 rw-p 7f315c5a5000 00:00 0 7f315c5a7000-7f315c5a9000 rw-p 7f315c5a7000 00:00 0 7f315c5ad000-7f315c5ae000 rw-p 7f315c5ad000 00:00 0 7f315c5b0000-7f315c5b1000 rw-p 7f315c5b0000 00:00 0 7f315c5b3000-7f315c5b4000 rw-p 7f315c5b3000 00:00 0 7f315c5b5000-7f315c5b6000 rw-p 7f315c5b5000 00:00 0 7f315c5b7000-7f315c5b9000 rw-p 7f315c5b7000 00:00 0 7f315c5ba000-7f315c5bb000 rw-p 7f315c5ba000 00:00 0 7f315c5bc000-7f315c5bd000 rw-p 7f315c5bc000 00:00 0 7f315c5c0000-7f315c5c2000 rw-p 7f315c5c0000 00:00 0 7f315c5c3000-7f315c5c7000 rw-p 7f315c5c3000 00:00 0 7f315c5cb000-7f315c5cc000 rw-p 7f315c5cb000 00:00 0 7f315c5cd000-7f315c5ce000 rw-p 7f315c5cd000 00:00 0 7f315c5d0000-7f315c5d4000 rw-p 7f315c5d0000 00:00 0 7f315c5d6000-7f315c5d8000 rw-p 7f315c5d6000 00:00 0 7f315c5da000-7f315c5de000 rw-p 7f315cIn file included from imgconvert.c:1682: imgconvert_template.h: In function 'bgr24_to_nv12': imgconvert_template.h:494: internal compiler error: Aborted Please submit a full bug report, with preprocessed source if appropriate.
Created attachment 16290 [details] Preprocessed source
vect_analyze_slp_instance/vect_supported_load_permutation_p/vect_supported_slp_permutation_p are buggy. 0x0000000000a51e93 in vect_supported_slp_permutation_p (instance=0x7fffe4bfafd8) at ../../gcc/tree-vect-analyze.c:3157 3157 tmp_loads[index] = load; (gdb) p *instance $23 = {root = 0x7fffe4d95fd0, group_size = 2, unrolling_factor = 8, cost = {outside_of_loop = 0, inside_of_loop = 33}, load_permutation = 0x7fffe512cfb8, loads = 0x7fffe512efb8} (gdb) p *instance->load_permutation $24 = {base = {num = 12, alloc = 16, vec = {5}}} (gdb) x/12w instance->load_permutation->base.vec 0x7fffe512cfc0: 0x00000005 0x00000005 0x00000002 0x00000002 0x7fffe512cfd0: 0x00000004 0x00000004 0x00000001 0x00000001 0x7fffe512cfe0: 0x00000003 0x00000003 0x00000000 0x00000000 (gdb) p index $25 = 5 So it is writing well past the end of tmp_loads (which has group_size == 2 entries).
It has absolutely nothing to do with mpfr (neither did the other memory corruption), no idea where you got it from.
Testing: Index: tree-vect-analyze.c =================================================================== --- tree-vect-analyze.c (revision 140274) +++ tree-vect-analyze.c (working copy) @@ -3200,6 +3200,10 @@ vect_supported_load_permutation_p (slp_i /* FORNOW: the only supported permutation is 0..01..1.. of length equal to GROUP_SIZE and where each sequence of same drs is of GROUP_SIZE length as well. */ + if (VEC_length (int, load_permutation) + != (unsigned int) (group_size * group_size)) + return false; + supported = true; for (j = 0; j < group_size; j++) {
Subject: Bug 37474 Author: irar Date: Thu Sep 11 12:08:01 2008 New Revision: 140276 URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=140276 Log: PR tree-optimization/37474 * tree-vect-analyze.c (vect_supported_load_permutation_p): Check the length of load permutation. Added: trunk/gcc/testsuite/gcc.dg/vect/pr37474.c Modified: trunk/gcc/ChangeLog trunk/gcc/testsuite/ChangeLog trunk/gcc/tree-vect-analyze.c
Fixed.