[Bug target/45478] __attribute__((__target__())) causes crashes at various places

Thu, 02 Sep 2010 10:32:32 -0700 


------- Comment #4 from zsojka at seznam dot cz  2010-09-02 17:32 -------
Created an attachment (id=21674)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=21674&action=view)
another testcase

This needs -O as well:
$ gcc -O pr45478-4.c

Related valgrind output:
$ valgrind cc1 -O -quiet pr45478-4.c
...
==17845== Invalid write of size 1
==17845==    at 0x877B2AA: mark_reg_pointer (emit-rtl.c:1121)
==17845==    by 0x89B97B6: assign_parm_setup_reg (function.c:3137)
==17845==    by 0x89BA9F7: assign_parms (function.c:3368)
==17845==    by 0x89BF1C6: expand_function_start (function.c:4666)
==17845==    by 0x84C594E: gimple_expand_cfg (cfgexpand.c:3825)
==17845==    by 0x8EEB8F3: execute_one_pass (passes.c:1568)
==17845==    by 0x8EEBAC7: execute_pass_list (passes.c:1623)
==17845==    by 0x97772D8: tree_rest_of_compilation (tree-optimize.c:452)
==17845==    by 0xA3362AC: cgraph_expand_function (cgraphunit.c:1469)
==17845==    by 0xA336517: cgraph_expand_all_functions (cgraphunit.c:1548)
==17845==    by 0xA336B09: cgraph_optimize (cgraphunit.c:1804)
==17845==    by 0xA334877: cgraph_finalize_compilation_unit (cgraphunit.c:1012)
==17845==  Address 0x4b6c45c is 3 bytes after a block of size 1 alloc'd
==17845==    at 0x40287FE: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==17845==    by 0xB6A0D6A: xrealloc (xmalloc.c:177)
==17845==    by 0x8778B49: gen_reg_rtx (emit-rtl.c:901)
==17845==    by 0x84B764D: expand_one_register_var (cfgexpand.c:846)
==17845==    by 0x84B80B6: expand_one_var (cfgexpand.c:993)
==17845==    by 0x84B910C: expand_used_vars (cfgexpand.c:1330)
==17845==    by 0x84C58CF: gimple_expand_cfg (cfgexpand.c:3807)
==17845==    by 0x8EEB8F3: execute_one_pass (passes.c:1568)
==17845==    by 0x8EEBAC7: execute_pass_list (passes.c:1623)
==17845==    by 0x97772D8: tree_rest_of_compilation (tree-optimize.c:452)
==17845==    by 0xA3362AC: cgraph_expand_function (cgraphunit.c:1469)
==17845==    by 0xA336517: cgraph_expand_all_functions (cgraphunit.c:1548)
==17845== 
==17845== Invalid read of size 4
==17845==    at 0xAF5EFFF: count_reg_usage (cse.c:6583)
==17845==    by 0xAF6029A: count_reg_usage (cse.c:6681)
==17845==    by 0xAF5F593: count_reg_usage (cse.c:6608)
==17845==    by 0xAF5F804: count_reg_usage (cse.c:6625)
==17845==    by 0xAF61651: delete_trivially_dead_insns (cse.c:6800)
==17845==    by 0xAE3E705: rest_of_handle_jump2 (cfgcleanup.c:2425)
==17845==    by 0x8EEB8F3: execute_one_pass (passes.c:1568)
==17845==    by 0x8EEBAC7: execute_pass_list (passes.c:1623)
==17845==    by 0x8EEBAE3: execute_pass_list (passes.c:1624)
==17845==    by 0x97772D8: tree_rest_of_compilation (tree-optimize.c:452)
==17845==    by 0xA3362AC: cgraph_expand_function (cgraphunit.c:1469)
==17845==    by 0xA336517: cgraph_expand_all_functions (cgraphunit.c:1548)
==17845==  Address 0x4b6fb78 is not stack'd, malloc'd or (recently) free'd
==17845== 
==17845== Invalid write of size 4
==17845==    at 0xAF5F004: count_reg_usage (cse.c:6583)
==17845==    by 0xAF6029A: count_reg_usage (cse.c:6681)
==17845==    by 0xAF5F593: count_reg_usage (cse.c:6608)
==17845==    by 0xAF5F804: count_reg_usage (cse.c:6625)
==17845==    by 0xAF61651: delete_trivially_dead_insns (cse.c:6800)
==17845==    by 0xAE3E705: rest_of_handle_jump2 (cfgcleanup.c:2425)
==17845==    by 0x8EEB8F3: execute_one_pass (passes.c:1568)
==17845==    by 0x8EEBAC7: execute_pass_list (passes.c:1623)
==17845==    by 0x8EEBAE3: execute_pass_list (passes.c:1624)
==17845==    by 0x97772D8: tree_rest_of_compilation (tree-optimize.c:452)
==17845==    by 0xA3362AC: cgraph_expand_function (cgraphunit.c:1469)
==17845==    by 0xA336517: cgraph_expand_all_functions (cgraphunit.c:1548)
==17845==  Address 0x4b6fb78 is not stack'd, malloc'd or (recently) free'd
==17845== 
==17845== Invalid read of size 4
==17845==    at 0xAF5EFFF: count_reg_usage (cse.c:6583)
==17845==    by 0xAF6029A: count_reg_usage (cse.c:6681)
==17845==    by 0xAF5FBC4: count_reg_usage (cse.c:6645)
==17845==    by 0xAF61651: delete_trivially_dead_insns (cse.c:6800)
==17845==    by 0xAE3E705: rest_of_handle_jump2 (cfgcleanup.c:2425)
==17845==    by 0x8EEB8F3: execute_one_pass (passes.c:1568)
==17845==    by 0x8EEBAC7: execute_pass_list (passes.c:1623)
==17845==    by 0x8EEBAE3: execute_pass_list (passes.c:1624)
==17845==    by 0x97772D8: tree_rest_of_compilation (tree-optimize.c:452)
==17845==    by 0xA3362AC: cgraph_expand_function (cgraphunit.c:1469)
==17845==    by 0xA336517: cgraph_expand_all_functions (cgraphunit.c:1548)
==17845==    by 0xA336B09: cgraph_optimize (cgraphunit.c:1804)
==17845==  Address 0x4b6fb78 is not stack'd, malloc'd or (recently) free'd
==17845== 
==17845== Invalid write of size 4
==17845==    at 0xAF5F004: count_reg_usage (cse.c:6583)
==17845==    by 0xAF6029A: count_reg_usage (cse.c:6681)
==17845==    by 0xAF5FBC4: count_reg_usage (cse.c:6645)
==17845==    by 0xAF61651: delete_trivially_dead_insns (cse.c:6800)
==17845==    by 0xAE3E705: rest_of_handle_jump2 (cfgcleanup.c:2425)
==17845==    by 0x8EEB8F3: execute_one_pass (passes.c:1568)
==17845==    by 0x8EEBAC7: execute_pass_list (passes.c:1623)
==17845==    by 0x8EEBAE3: execute_pass_list (passes.c:1624)
==17845==    by 0x97772D8: tree_rest_of_compilation (tree-optimize.c:452)
==17845==    by 0xA3362AC: cgraph_expand_function (cgraphunit.c:1469)
==17845==    by 0xA336517: cgraph_expand_all_functions (cgraphunit.c:1548)
==17845==    by 0xA336B09: cgraph_optimize (cgraphunit.c:1804)
==17845==  Address 0x4b6fb78 is not stack'd, malloc'd or (recently) free'd
==17845== 
==17845== Invalid read of size 4
==17845==    at 0xAF5EFFF: count_reg_usage (cse.c:6583)
==17845==    by 0xAF6029A: count_reg_usage (cse.c:6681)
==17845==    by 0xAF6029A: count_reg_usage (cse.c:6681)
==17845==    by 0xAF5F593: count_reg_usage (cse.c:6608)
==17845==    by 0xAF5F804: count_reg_usage (cse.c:6625)
==17845==    by 0xAF61651: delete_trivially_dead_insns (cse.c:6800)
==17845==    by 0xAE3E705: rest_of_handle_jump2 (cfgcleanup.c:2425)
==17845==    by 0x8EEB8F3: execute_one_pass (passes.c:1568)
==17845==    by 0x8EEBAC7: execute_pass_list (passes.c:1623)
==17845==    by 0x8EEBAE3: execute_pass_list (passes.c:1624)
==17845==    by 0x97772D8: tree_rest_of_compilation (tree-optimize.c:452)
==17845==    by 0xA3362AC: cgraph_expand_function (cgraphunit.c:1469)
==17845==  Address 0x4b6fb7c is not stack'd, malloc'd or (recently) free'd
==17845== 
==17845== Invalid write of size 4
==17845==    at 0xAF5F004: count_reg_usage (cse.c:6583)
==17845==    by 0xAF6029A: count_reg_usage (cse.c:6681)
==17845==    by 0xAF6029A: count_reg_usage (cse.c:6681)
==17845==    by 0xAF5F593: count_reg_usage (cse.c:6608)
==17845==    by 0xAF5F804: count_reg_usage (cse.c:6625)
==17845==    by 0xAF61651: delete_trivially_dead_insns (cse.c:6800)
==17845==    by 0xAE3E705: rest_of_handle_jump2 (cfgcleanup.c:2425)
==17845==    by 0x8EEB8F3: execute_one_pass (passes.c:1568)
==17845==    by 0x8EEBAC7: execute_pass_list (passes.c:1623)
==17845==    by 0x8EEBAE3: execute_pass_list (passes.c:1624)
==17845==    by 0x97772D8: tree_rest_of_compilation (tree-optimize.c:452)
==17845==    by 0xA3362AC: cgraph_expand_function (cgraphunit.c:1469)
==17845==  Address 0x4b6fb7c is not stack'd, malloc'd or (recently) free'd
==17845== 
==17845== Invalid read of size 2
==17845==    at 0x868FFFD: df_ref_record (df-scan.c:2881)
==17845==    by 0x8696BE4: df_entry_block_defs_collect (df-scan.c:3941)
==17845==    by 0x8696C8A: df_record_entry_block_defs (df-scan.c:3959)
==17845==    by 0x8688633: df_scan_blocks (df-scan.c:676)
==17845==    by 0x8649B4F: rest_of_handle_df_initialize (df-core.c:738)
==17845==    by 0x8EEB8F3: execute_one_pass (passes.c:1568)
==17845==    by 0x8EEBAC7: execute_pass_list (passes.c:1623)
==17845==    by 0x8EEBAE3: execute_pass_list (passes.c:1624)
==17845==    by 0x97772D8: tree_rest_of_compilation (tree-optimize.c:452)
==17845==    by 0xA3362AC: cgraph_expand_function (cgraphunit.c:1469)
==17845==    by 0xA336517: cgraph_expand_all_functions (cgraphunit.c:1548)
==17845==    by 0xA336B09: cgraph_optimize (cgraphunit.c:1804)
==17845==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==17845== 
pr45478-4.c: In function 'search_line_sse42':
pr45478-4.c:14:1: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.


With other similiar testcases, I received various ICEs:
000.i:817:15: internal compiler error: in memory_address_addr_space, at
explow.c:505
1380.i:700:1: internal compiler error: RTL check: expected code 'const_int',
have '' in const_int_htab_eq, at emit-rtl.c:187
*** glibc detected ***
/tmp/portage/sys-devel/gcc-4.6.0_pre9999/work/build/prev-gcc/cc1: malloc():
smallbin double linked list corrupted: 0x0a2e1da0 ***

They are probably caused by working with uninitialized and invalid memory.

All these testcases are from libcpp/lex.c, I got them while reducing testcase
for PR45478. It's probably not needed to upload all of them.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=45478

Reply via email to