Bug 8358

Summary: Ada accesses freed memory
Product: gcc
Reporter: Andreas Jaeger <aj>
Component: ada
Assignee: Not yet assigned to anyone <unassigned>
Status: RESOLVED FIXED
Severity: normal
CC: fw, gcc-bugs, graham.stott, grahams
Priority: P3
Version: 3.3
Target Milestone: ---
Host:
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed:

Description Andreas Jaeger 2002-10-25 11:26:00 UTC
For more details see also the thread starting at:
http://gcc.gnu.org/ml/gcc-bugs/2002-10/msg00764.html

and especially these follow-ups:
http://gcc.gnu.org/ml/gcc-bugs/2002-10/msg00828.html
http://gcc.gnu.org/ml/gcc-bugs/2002-10/msg00859.html

The problem is this error:
$ ../../xgcc -B../../ -c -g -O2   -g -O2   -W -Wall -gnatpg -I. -I/cvs/gcc/gcc/ada s-intman.adb -v -save-temps
Reading specs from ../../specs
Configured with: /cvs/gcc/configure --prefix=/opt/gcc/3.3-devel --disable-nls --enable-threads=posix --enable-clocale=gnu --enable-__cxa_atexit --enable-shared --enable-languages=c,c++,f77,java,objc,ada,treelang --enable-checking=misc,tree,rtl,gc,rtlflag,gcac --with-system-zlib
Thread model: posix
gcc version 3.3 20021016 (experimental)
 ../../gnat1 -I. -I/cvs/gcc/gcc/ada -quiet -dumpbase s-intman.adb -g -g -gnatpg -O2 -O2 -W -Wall s-intman.adb -o s-intman.s
+===========================GNAT BUG DETECTED==============================+
| 3.3 20021016 (experimental) (i686-pc-linux-gnu) Storage_Error stack overflow (or erroneous memory access)|
| Error detected at s-intman.adb:113:20                                    |
| Please submit bug report by email to gcc-bugs@gcc.gnu.org.               |
| Use a subject line meaningful to you and us to track the bug.            |
| Include the entire contents of this bug box in the report.               |
| Include the exact gcc or gnatmake command that you entered.              |
| Also include sources listed below in gnatchop format                     |
| (concatenated together with no headers between files).                   |
| (use plain ASCII or MIME attachment).                                    |
| See gnatinfo.txt for full info on procedure for submitting bugs.         |
+==========================================================================+

Please include these source files with error report


compilation abandoned
build_unit_elab (gnat_unit=1076058484, body_p=1, gnu_elab_list=0xa5a5a5a5) at /cvs/gcc/gcc/ada/trans.c:5324
5324        if (TREE_PURPOSE (gnu_elab_list) == NULL_TREE)
(gdb) bt
#0  build_unit_elab (gnat_unit=1076058484, body_p=1, gnu_elab_list=0xa5a5a5a5) at /cvs/gcc/gcc/ada/trans.c:5324
#1  0x4001d2d0 in ?? ()
#2  0x08078ecf in tree_transform (gnat_node=1355) at /cvs/gcc/gcc/ada/sinfo.h:813
#3  0x08071ee6 in gnat_to_code (gnat_node=1076025312) at /cvs/gcc/gcc/ada/trans.c:232
internal error - unimplemented function unk_lang_create_fundamental_type called.
(gdb) p gnu_elab_list
$1 = (union tree_node *) 0xa5a5a5a5

Release:
GCC 3.3 CVS 20021016

Environment:
i686-linux-gnu with glibc 2.2.5

How-To-Repeat:
compile with --enable-checking=gcac and see it fail
when building the gnat-tools (make -C gcc gnatlib_and_tools).

Comment 1 graham.stott 2002-10-25 19:59:05 UTC
From: Graham Stott <graham.stott@btinternet.com>
To: aj@suse.de
Cc: gcc-gnats@gcc.gnu.org,  gcc-patches@gcc.gnu.org
Subject: Re: ada/8358: Ada accesses freed memory
Date: Fri, 25 Oct 2002 19:59:05 +0100

 Andreas,
 
 Here's a patch which I have bootstrapped on i686-linux-gnu-pc with
 all checking enabled.
 
 This patch introduces a new GC root which is used to prevent
 the pending elaborations from being GC collected while they
 are being enumerated by build_unit_elab.
 
 Ok for mainline?
 
 Graham
 
 ada/ChangeLog
 
         * trans.c (gnu_pending_elaboration_lists): New GC root.
         (build_unit_elab): Use..
 
 --------------------------------------------------------------------------
 Index: trans.c
 ===================================================================
 RCS file: /cvs/gcc/gcc/gcc/ada/trans.c,v
 retrieving revision 1.21
 diff -c -p -r1.21 trans.c
 *** trans.c     23 Oct 2002 07:33:34 -0000      1.21
 --- trans.c     25 Oct 2002 18:52:50 -0000
 *************** tree gnu_block_stack;
 *** 88,93 ****
 --- 88,97 ----
       handler.  Not used in the zero-cost case.  */
    static GTY(()) tree gnu_except_ptr_stack;
 
 + /* List of TREE_LIST nodes containing pending elaborations lists.
 +    used to prevent the elaborations being reclaimed by GC.  */
 + static GTY(()) tree gnu_pending_elaboration_lists;
 +
    /* Map GNAT tree codes to GCC tree codes for simple expressions.  */
    static enum tree_code gnu_codes[Number_Node_Kinds];
 
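Review bot: The comment on gnu_pending_elaboration_lists does not match how the root is used later in this patch: build_unit_elab passes gnu_elab_list itself to chainon, so the variable holds the elaboration entries chained directly, not TREE_LIST nodes that each contain a pending list. Please describe the real layout and the push/pop discipline (who adds, who removes, and when the root is expected to be empty), and capitalize "used" at the start of the second sentence.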
 *************** build_unit_elab (gnat_unit, body_p, gnu_
 *** 5298,5303 ****
 --- 5302,5311 ----
      if (gnu_elab_list == 0)
        return 1;
 
 +   /* Prevent the elaboration list from being reclaimed by the GC.  */
 +   gnu_pending_elaboration_lists = chainon (gnu_pending_elaboration_lists,
 +                                          gnu_elab_list);
 +
      /* Set our file and line number to that of the object and set up the
         elaboration routine.  */
      gnu_decl = create_subprog_decl (create_concat_name (gnat_unit,
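Review bot: In the added chainon call in build_unit_elab, gnu_elab_list is appended to the tail of whatever gnu_pending_elaboration_lists already holds, while the release at the end of the function drops a node from the head with TREE_CHAIN, so the two only pair up when the root is empty on entry. chainon also rewrites the TREE_CHAIN of the last node already on the root, splicing unrelated lists together. Consider saving the old root in a local and assigning gnu_elab_list directly, or pushing a wrapper node with tree_cons (NULL_TREE, gnu_elab_list, gnu_pending_elaboration_lists) so that push and pop work on the same end.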
 *************** build_unit_elab (gnat_unit, body_p, gnu_
 *** 5357,5362 ****
 --- 5365,5373 ----
      poplevel (kept_level_p (), 1, 0);
      gnu_block_stack = TREE_CHAIN (gnu_block_stack);
      end_subprog_body ();
 +
 +   /* We are finished with the elaboration list it can now be discarded.  */
 +   gnu_pending_elaboration_lists = TREE_CHAIN (gnu_pending_elaboration_lists);
 
      /* If there were no insns, we don't need an elab routine.  It would
         be nice to not output this one, but there's no good way to do that.  */
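Review bot: The release after end_subprog_body () unlinks exactly one node, so when gnu_elab_list has more than one entry the remaining entries stay reachable from gnu_pending_elaboration_lists after build_unit_elab returns and become the head of the root on the next call. If the intent is to drop the whole list, restore the value the root had on entry. The new comment is also a run-on; "We are finished with the elaboration list; it can now be discarded." reads better. Please also confirm that nothing after this point, including the "no insns" check that follows, still reads gnu_elab_list.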
 ------------------------------------------------------------------------------
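
Added example, not part of the original report or of GCC: a toy mark-and-sweep collector in C showing why a list that is reachable only from a function argument gets reclaimed when a collection is forced before the walk, and how registering it under a root keeps it alive. Reclaimed nodes are filled with 0xa5, the byte pattern visible in `gnu_elab_list=0xa5a5a5a5` in the description; `heap`, `gc_root`, `collect`, `make_list` and `walk` are hypothetical names.

```c
#include <stdint.h>
#include <string.h>

/* Toy mark-and-sweep heap; every name here is hypothetical, not GCC's. */
#define HEAP_NODES 8
#define POISON ((uintptr_t)-1 / 0xff * 0xa5)    /* every byte is 0xa5 */
struct node { struct node *chain; uintptr_t purpose; };
static struct node heap[HEAP_NODES];
static unsigned char used[HEAP_NODES], mark[HEAP_NODES];
static struct node *gc_root;    /* stands in for a GTY(()) root */

/* Mark what gc_root reaches, then poison and free everything else. */
static void collect(void) {
    for (struct node *n = gc_root; n && !mark[n - heap]; n = n->chain)
        mark[n - heap] = 1;
    for (int i = 0; i < HEAP_NODES; i++)
        if (used[i] && !mark[i]) {
            memset(&heap[i], 0xa5, sizeof heap[i]);
            used[i] = 0;
        }
    memset(mark, 0, sizeof mark);
}

static struct node *make_list(int len) {
    struct node *list = NULL;
    for (int i = 0; i < HEAP_NODES && len > 0; i++)
        if (!used[i]) {
            used[i] = 1;
            heap[i] = (struct node){ list, (uintptr_t)len-- };
            list = &heap[i];
        }
    return list;
}

/* Walk list after a forced collection; return nodes seen, or -1 if poisoned. */
static int walk(struct node *list, int rooted) {
    int seen = 0;
    gc_root = rooted ? list : NULL;     /* the fix: root it for the walk */
    collect();                          /* "always collect" strikes here */
    for (struct node *n = list; n; n = n->chain, seen++)
        if (n->purpose == POISON) { seen = -1; break; }
    gc_root = NULL;                     /* done: list may be reclaimed */
    return seen;
}

int main(void) {
    int unrooted = walk(make_list(3), 0), rooted = walk(make_list(3), 1);
    return !(unrooted == -1 && rooted == 3);    /* exit 0: -1 and 3 */
}
```

The toy heap is a static array, so reading a poisoned node here is well defined; in a real collector the same read is a use of freed memory.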
 

Comment 2 grahams 2002-11-05 00:49:45 UTC
From: grahams@gcc.gnu.org
To: gcc-gnats@gcc.gnu.org
Cc:  
Subject: ada/8358
Date: 5 Nov 2002 00:49:45 -0000

 CVSROOT:	/cvs/gcc
 Module name:	gcc
 Changes by:	grahams@gcc.gnu.org	2002-11-04 16:49:45
 
 Modified files:
 	gcc/ada        : ChangeLog trans.c 
 
 Log message:
 	PR ada/8358
 	* trans.c (gnu_pending_elaboration_lists): New GC root.
 	(build_unit_elab): Use..
 
 Patches:
 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/ada/ChangeLog.diff?cvsroot=gcc&r1=1.265&r2=1.266
 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/ada/trans.c.diff?cvsroot=gcc&r1=1.21&r2=1.22
 
Comment 3 Florian Weimer 2002-11-11 09:42:28 UTC
State-Changed-From-To: open->closed
State-Changed-Why: Fix installed on mainline; I think this is sufficient for closing this bug even though it still might lurk in the GCC 3.2 tree.
    
    Thanks!