Bug 44964 - [4.6 Regression] ICE: SIGSEGV in gimple_default_def (tree-dfa.c:539) with -fkeep-inline-functions
Summary: [4.6 Regression] ICE: SIGSEGV in gimple_default_def (tree-dfa.c:539) with -fk...
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: tree-optimization (show other bugs)
Version: 4.6.0
: P1 normal
Target Milestone: 4.6.0
Assignee: Richard Biener
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-07-16 13:36 UTC by Zdenek Sojka
Modified: 2010-11-10 16:05 UTC (History)
2 users (show)

See Also:
Host: x86_64-pc-linux-gnu
Target: x86_64-pc-linux-gnu
Build:
Known to work:
Known to fail:
Last reconfirmed: 2010-11-03 15:31:35

Attachments
reduced testcase (from ffmpeg sources) (119 bytes, text/plain)
2010-07-16 13:37 UTC, Zdenek Sojka 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Zdenek Sojka 2010-07-16 13:36:40 UTC 
Command line:
$ gcc -fkeep-inline-functions -O[123s] testcase.c

Valgrind output:
$ valgrind -q --trace-children=yes /mnt/svn/gcc-trunk/binary-162056-lto-fortran-checking-yes-rtl-df/bin/gcc -fkeep-inline-functions -O1 testcase.c
==20756== Invalid read of size 8
==20756==    at 0x8CD66D: gimple_default_def (tree-dfa.c:539)
==20756==    by 0xADB938: setup_one_parameter (tree-inline.c:2527)
==20756==    by 0xAE140D: optimize_inline_calls (tree-inline.c:2690)
==20756==    by 0xAB9129: cgraph_early_inlining (ipa-inline.c:1783)
==20756==    by 0x7B813D: execute_one_pass (passes.c:1565)
==20756==    by 0x7B83D4: execute_pass_list (passes.c:1620)
==20756==    by 0x7B763B: do_per_function_toporder (passes.c:1158)
==20756==    by 0x7B87F5: execute_ipa_pass_list (passes.c:1920)
==20756==    by 0xAB0350: cgraph_optimize (cgraphunit.c:1851)
==20756==    by 0xAB05AA: cgraph_finalize_compilation_unit (cgraphunit.c:1171)
==20756==    by 0x4DF2D2: c_write_global_declarations (c-decl.c:9698)
==20756==    by 0x8A41E5: toplev_main (toplev.c:997)
==20756==  Address 0x40 is not stack'd, malloc'd or (recently) free'd
==20756== 
testcase.c: In function 'bar':
testcase.c:11:7: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.

Tested revisions:
r162056 - crash
r159696 - crash
r158969 - crash
r158095 - OK
4.5 r160526 - OK
Comment 1 Zdenek Sojka 2010-07-16 13:37:42 UTC 
Created attachment 21222 [details]
reduced testcase (from ffmpeg sources)

Command line:
$ gcc -fkeep-inline-functions -O1 pr44964.c
Comment 2 H.J. Lu 2010-07-16 15:31:35 UTC 
It is caused by revision 158477:

http://gcc.gnu.org/ml/gcc-cvs/2010-04/msg00583.html
Comment 3 Richard Biener 2010-07-23 12:50:38 UTC 
Program received signal SIGSEGV, Segmentation fault.
0x0000000000a293b1 in gimple_default_def (fn=0x7ffff7ee1480, 
    var=0x7ffff7edb880) at /space/rguenther/src/svn/trunk/gcc/tree-dfa.c:538
538       return (tree) htab_find_with_hash (DEFAULT_DEFS (fn), &in, DECL_UID (var));
(gdb) p fn->gimple_df 
$2 = (struct gimple_df *) 0x0

obviously that function (baz) is not in SSA form.  Still we want to inline
it.  Huh.  node->analyzed is true for it.  Huhuh.
Comment 4 Richard Biener 2010-11-03 15:57:21 UTC 
Reconfirmed.
Comment 5 Richard Biener 2010-11-10 13:53:11 UTC 
Looking at it.
Comment 6 Richard Biener 2010-11-10 14:06:04 UTC 
It is caused by breaking edges to callees for always-inline functions when
topologically sorting the cgraph.  And cgraph_flatten misses a check
for matching SSA form like other inliners have.

I have a patch.
Comment 7 Richard Biener 2010-11-10 16:05:08 UTC 
Author: rguenth
Date: Wed Nov 10 16:05:03 2010
New Revision: 166543

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=166543
Log:
2010-11-10  Richard Guenther  <rguenther@suse.de>

	PR tree-optimization/44964
	* ipa-inline.c (cgraph_flatten): Check that SSA form matches.

	* gcc.dg/pr44964.c: New testcase.

Added:
    trunk/gcc/testsuite/gcc.dg/pr44964.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/ipa-inline.c
    trunk/gcc/testsuite/ChangeLog
Comment 8 Richard Biener 2010-11-10 16:05:32 UTC 
Fixed.