Confirmed.

have a similiar build failure, but seen with both 4.6 and 4.7, so this seems to be a 4.6 regression too. works with -O2 and below.

fails with 4.6 20110428 and trunk 20110419.

$ gcc -g -O3 -c psf.i 
psf.c: In function 'psf_fit':
psf.c:300:6: internal compiler error: Segmentation fault
Please submit a full bug report,


Program received signal SIGSEGV, Segmentation fault.
0x000000000083e71a in build2_stat ()
(gdb) bt
#0  0x000000000083e71a in build2_stat ()
#1  0x00000000005490ee in gimple_assign_rhs_to_tree ()
#2  0x000000000080114e in insert_debug_temp_for_var_def ()
#3  0x0000000000801538 in insert_debug_temps_for_defs ()
#4  0x000000000062553a in gsi_remove ()
#5  0x0000000000763862 in ?? ()
#6  0x000000000076402f in ?? ()
#7  0x000000000069f0e9 in execute_one_pass ()
#8  0x000000000069f395 in execute_pass_list ()
#9  0x000000000069f3a7 in execute_pass_list ()
#10 0x000000000069f3a7 in execute_pass_list ()
#11 0x000000000076b051 in tree_rest_of_compilation ()
#12 0x00000000008a915f in ?? ()
#13 0x00000000008aadba in cgraph_optimize ()
#14 0x00000000008ab1ba in cgraph_finalize_compilation_unit ()
#15 0x00000000004b6e05 in c_write_global_declarations ()
#16 0x00000000007301be in toplev_main ()
#17 0x00007ffff625aeed in __libc_start_main (main=<value optimized out>, argc=<value optimized out>, 
    ubp_av=<value optimized out>, init=<value optimized out>, fini=<value optimized out>, 
    rtld_fini=<value optimized out>, stack_end=0x7fffffffe5e8) at libc-start.c:228
#18 0x00000000004a67f9 in _start ()

Created attachment 24168 [details]
preprocessed source

Backtrace with debug symbols for the testcase from comment #3 (trunk r173240):

$ gcc -w -c -O3 -g psf.i -wrapper valgrind,-q,--num-callers=40
==5472== Invalid read of size 2
==5472==    at 0xA9521C: build2_stat (tree.c:3753)
==5472==    by 0x5E408E: gimple_assign_rhs_to_tree (cfgexpand.c:78)
==5472==    by 0xA37EBF: insert_debug_temp_for_var_def (tree-ssa.c:402)
==5472==    by 0xA383EA: insert_debug_temps_for_defs (tree-ssa.c:506)
==5472==    by 0x762FB8: gsi_remove (gimple-iterator.c:511)
==5472==    by 0x9504B9: distribute_loop (tree-loop-distribution.c:206)
==5472==    by 0x95100C: tree_loop_distribution (tree-loop-distribution.c:1252)
==5472==    by 0x816DF5: execute_one_pass (passes.c:1556)
==5472==    by 0x8170D4: execute_pass_list (passes.c:1611)
==5472==    by 0x8170E6: execute_pass_list (passes.c:1612)
==5472==    by 0x8170E6: execute_pass_list (passes.c:1612)
==5472==    by 0x95F6EA: tree_rest_of_compilation (tree-optimize.c:423)
==5472==    by 0xB42C22: cgraph_expand_function (cgraphunit.c:1579)
==5472==    by 0xB4516B: cgraph_optimize (cgraphunit.c:1638)
==5472==    by 0xB456F9: cgraph_finalize_compilation_unit (cgraphunit.c:1099)
==5472==    by 0x4FAF73: c_write_global_declarations (c-decl.c:9883)
==5472==    by 0x903A17: toplev_main (toplev.c:591)
==5472==    by 0x644AB6C: (below main) (in /lib64/libc-2.11.3.so)
==5472==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==5472== 
psf.c: In function 'psf_fit':
psf.c:300:6: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.

-fno-tree-loop-distribute-patterns prevents the crash.

Created attachment 24191 [details]
reduced testcase from comment #2

$ gcc -O3 -g pr48159-2.c -fno-tree-loop-distribute-patterns -c
$ gcc -O3 -g pr48159-2.c
pr48159-2.c: In function 'foo':
pr48159-2.c:4:1: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.

Fails with both 4.7 and 4.6.1 (r173059).

Caused by http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=167697

Further reduced testcase for -O3 -g:

void
foo (double x, int y, double *__restrict z, double *__restrict w)
{
  while (y--)
    *z++ = (*w++ = 0) * x;
}

First of all, it surprises me that tree-loop-distribution.c and stmts_from_loop don't do anything special about debug stmts, I'd say stmts_from_loop should
ignore debug stmts like it ignores GIMPLE_LABELs and generate_loops_for_partition and generate_builtin match that, the first
by keeping all DEBUG stmts in all loops and generate_builtin to just ignore them.  Otherwise I think we risk -fcompare-debug failures.

The second problem is in generate_loops_for_partition, it wants to remove
all stmts that are not in that partition, and going in the order of stmts queued
from stmts_from_loop, by walking the loop bbs sequentially and first going through not marked phis, removing each of them, then going through stmts from first to last in the bb, again removing unneeded stmts.

insert_debug_temp_for_var_def though assumes I think that within one bb stmts are removed from the end towards beginning and that bbs are traversed during removal in the right order according to dominator info.  Not sure what we want to do there, perhaps reset all the debug stmts that use values set by stmts that are not in the current partition?  Alex, any ideas?  In particular, the problematic DEBUG stmt uses a SSA_NAME which is not in partition bitmap, whose definition is a PHI node result again not in the partition, and where one of the PHI arguments again uses the SSA_NAME also used in the DEBUG stmt.

Created attachment 24223 [details]
gcc46-pr48159.patch

Untested fix.

Author: jakub
Date: Wed May 11 12:53:43 2011
New Revision: 173656

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=173656
Log:
	PR debug/48159
	* tree-ssa.c (reset_debug_uses): New function.
	* tree-flow.h (reset_debug_uses): New prototype.
	* tree-data-ref.c (stmts_from_loop): Ignore debug stmts.
	* tree-loop-distribution.c (generate_loops_for_partition): Call
	reset_debug_uses on the stmts that will be removed.  Keep around
	all debug stmts, don't count them as bits in partition bitmap.
	(generate_builtin): Don't count debug stmts or labels as bits in
	partition bitmap.

	* gcc.dg/pr48159-1.c: New test.
	* gcc.dg/pr48159-2.c: New test.

Added:
    trunk/gcc/testsuite/gcc.dg/pr48159-1.c
    trunk/gcc/testsuite/gcc.dg/pr48159-2.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/testsuite/ChangeLog
    trunk/gcc/tree-data-ref.c
    trunk/gcc/tree-flow.h
    trunk/gcc/tree-loop-distribution.c
    trunk/gcc/tree-ssa.c

Author: jakub
Date: Wed May 11 13:07:54 2011
New Revision: 173657

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=173657
Log:
	PR debug/48159
	* tree-ssa.c (reset_debug_uses): New function.
	* tree-flow.h (reset_debug_uses): New prototype.
	* tree-data-ref.c (stmts_from_loop): Ignore debug stmts.
	* tree-loop-distribution.c (generate_loops_for_partition): Call
	reset_debug_uses on the stmts that will be removed.  Keep around
	all debug stmts, don't count them as bits in partition bitmap.
	(generate_builtin): Don't count debug stmts or labels as bits in
	partition bitmap.

	* gcc.dg/pr48159-1.c: New test.
	* gcc.dg/pr48159-2.c: New test.

Added:
    branches/gcc-4_6-branch/gcc/testsuite/gcc.dg/pr48159-1.c
    branches/gcc-4_6-branch/gcc/testsuite/gcc.dg/pr48159-2.c
Modified:
    branches/gcc-4_6-branch/gcc/ChangeLog
    branches/gcc-4_6-branch/gcc/testsuite/ChangeLog
    branches/gcc-4_6-branch/gcc/tree-data-ref.c
    branches/gcc-4_6-branch/gcc/tree-flow.h
    branches/gcc-4_6-branch/gcc/tree-loop-distribution.c
    branches/gcc-4_6-branch/gcc/tree-ssa.c

Fixed.