Bug 40759 - [4.5 Regression] segfault in useless_type_conversion_p
Summary: [4.5 Regression] segfault in useless_type_conversion_p
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: tree-optimization (show other bugs)
Version: 4.5.0
: P1 normal
Target Milestone: 4.5.0
Assignee: Jan Hubicka
URL:
Keywords: ice-on-valid-code
Depends on:
Blocks:
 
Reported: 2009-07-15 04:13 UTC by John Regehr
Modified: 2009-09-07 10:22 UTC (History)
3 users (show)

See Also:
Host: i686-pc-linux-gnu
Target: i686-pc-linux-gnu
Build: i686-pc-linux-gnu
Known to work:
Known to fail:
Last reconfirmed: 2009-07-15 08:19:01


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Regehr 2009-07-15 04:13:35 UTC
regehr@john-home:~/volatile/tmp173$ current-gcc -c -Wall -O2 small.c
small.c: In function ‘func_150’:
small.c:65:1: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.

regehr@john-home:~/volatile/tmp173$ current-gcc -v

Using built-in specs.
Target: i686-pc-linux-gnu
Configured with: ../configure --prefix=/home/regehr/z/tmp/gcc-r149650-install --program-prefix=r149650- --enable-languages=c,c++
Thread model: posix
gcc version 4.5.0 20090714 (experimental) (GCC) 

regehr@john-home:~/volatile/tmp173$ cat small.c

struct S0 {
  signed char f0;
  signed char f4;
};

struct S0 g_19 = {
  7L, 0L
};

struct S0 g_39 = {
  0L, 0x49L
};

struct S0 g_90 = {
  1L, 0
};

signed char g_125;
signed char g_198;
signed char g_218;

signed char func_17 (int p_18, struct S0 p_20, signed char p_22, signed char p_24)
{
  return p_20.f0;
}

signed char func_61 (int p_63, signed char p_64, signed char p_65)
{
  return 0;
}

struct S0 func_176 (int p_178, int p_179)
{
  return g_90;
}

struct S0 func_160 (int p_161, int p_163)
{
  struct S0 l_240 = {
    9L, 0L
  };
  if (func_17 (1, func_176 (g_218, 1), 1, 1))
    {
      struct S0 l_253 = {
	0xE0, 0xB4L
      };
      return l_253;
    }
  return l_240;
}

struct S0 func_150 (int p_151, signed char p_153, signed char p_154, signed char p_155)
{
  signed char l_156 = 0;
  signed char l_266 = 0;
  if (func_17
      (func_61
       (g_125, l_156,
	func_61 (1, func_17 (1, func_160 (l_266, g_90.f4), p_153, 1), 1)),
       func_176 (g_39.f0, 1), 1, 1))
    {
      g_198 = 1;
    }
  return g_19;
}
Comment 1 Uroš Bizjak 2009-07-15 08:19:01 UTC
Confirmed on i686 (x86_64 with -m32):

Program received signal SIGSEGV, Segmentation fault.
useless_type_conversion_p (outer_type=0x2ac18624b240, inner_type=0x0)
    at ../../gcc-svn/trunk/gcc/tree-ssa.c:1003
1003      if (POINTER_TYPE_P (inner_type)

#0  useless_type_conversion_p (outer_type=0x2b34ca46c240, inner_type=0x0)
    at ../../gcc-svn/trunk/gcc/tree-ssa.c:1003
#1  0x000000000078f62c in verify_gimple_phi (stmt=0x2b34ca571900)
    at ../../gcc-svn/trunk/gcc/tree-cfg.c:4095
#2  0x000000000079816e in verify_stmts ()
    at ../../gcc-svn/trunk/gcc/tree-cfg.c:4444
#3  0x000000000088214d in verify_ssa (
    check_modified_stmt=<value optimized out>)
    at ../../gcc-svn/trunk/gcc/tree-ssa.c:545
#4  0x00000000006e57a4 in execute_function_todo (data=<value optimized out>)
    at ../../gcc-svn/trunk/gcc/passes.c:1007

Comment 2 Richard Biener 2009-07-15 09:53:11 UTC
Program received signal SIGSEGV, Segmentation fault.
0x086e621a in useless_type_conversion_p (outer_type=0xb7cd43f0, inner_type=0x0)
    at /home/richard/src/trunk/gcc/tree-ssa.c:1003
1003	  if (POINTER_TYPE_P (inner_type)
(gdb) up
#1  0x085823cc in verify_gimple_phi (stmt=0xb7d7b380)
    at /home/richard/src/trunk/gcc/tree-cfg.c:4095
4095	      if (!useless_type_conversion_p (type, TREE_TYPE (arg)))
(gdb) call debug_gimple_stmt (stmt)
.MEM_20 = PHI <.MEM_33(2), .MEM_24(3)>

(gdb) call debug_tree (arg)
 <ssa_name 0xb7d7eac4 nothrow var <var_decl 0xb7d7c5a0 .MEM>def_stmt 

    version 33 in-free-list>


somebody released that SSA name.  My bet #1 is honzas CD-DCE changes:

#7  0x0848bf5c in execute_one_pass (pass=0x8d09a40)
    at /home/richard/src/trunk/gcc/passes.c:1311
1311	  execute_todo (todo_after | pass->todo_flags_finish);
(gdb) p *pass
$1 = {type = GIMPLE_PASS, name = 0x8bb581c "cddce", 
  gate = 0x8646077 <gate_dce>, execute = 0x8646059 <tree_ssa_cd_dce>, 
  sub = 0x0, next = 0x8d0a5a0, static_pass_number = 39, 
  tv_id = TV_TREE_CD_DCE, properties_required = 40, properties_provided = 0, 
  properties_destroyed = 0, todo_flags_start = 524288, todo_flags_finish = 13}


Honza, you likely forget to propagate bare symbols to uses before renaming
somewhere?
Comment 3 Jan Hubicka 2009-07-15 11:29:11 UTC
Subject: Re:  [4.5 Regression] segfault in useless_type_conversion_p

I hope that patch for PR40676 should cure those problems.  I am just on
the way to Prague, but I will try to look into it tomorrow.

Honza
Comment 4 Jan Hubicka 2009-07-23 16:15:43 UTC
Subject: Re:  [4.5 Regression] segfault in useless_type_conversion_p

Hi,
the problem here is in removing virtual PHI.  We replace uses of the
virtual PHI results by the corresponding VAR_DECL and send symbol for
renaming.  However the replacement is done only for live statements and
we send for renaming only if any live statements are found.

The problem here is that virutal PHI defines vop used by dead statement.
The dead statement however define vop used by live statement.  At the
time we are removing the dead statement, live statement gets former PHI
result, now dead in its vuse.

The following patch solves it by simply updating all uses, dead or
alive.  It woudl be possible to keep this check and add check into code
deleting dead_statements to update when result of dead PHI is propagated
through.

I am bootsrapping/regtesting this version.

Index: tree-ssa-dce.c
===================================================================
--- tree-ssa-dce.c	(revision 150009)
+++ tree-ssa-dce.c	(working copy)
@@ -828,9 +828,6 @@ mark_virtual_phi_result_for_renaming (gi
     }
   FOR_EACH_IMM_USE_STMT (stmt, iter, gimple_phi_result (phi))
     {
-      if (gimple_code (stmt) != GIMPLE_PHI
-	  && !gimple_plf (stmt, STMT_NECESSARY))
-        continue;
       FOR_EACH_IMM_USE_ON_STMT (use_p, iter)
         SET_USE (use_p, SSA_NAME_VAR (gimple_phi_result (phi)));
       update_stmt (stmt);
Comment 5 Martin Jambor 2009-07-28 13:28:37 UTC
Honza, unless there are any new problems, can you commit the patch?  Thanks.
Comment 6 Jan Hubicka 2009-07-28 16:38:05 UTC
Subject: Bug 40759

Author: hubicka
Date: Tue Jul 28 16:37:50 2009
New Revision: 150168

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=150168
Log:

	PR tree-optimization/40759
	* tree-ssa-dce.c (mark_virtual_phi_result_for_renaming): Mark all uses
	for renaming.

Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/tree-ssa-dce.c

Comment 7 Richard Biener 2009-09-07 10:22:39 UTC
Fixed.