https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80580

            Bug ID: 80580
           Summary: GIMPLEFE ICE on invalid code (fuzz testing)
           Product: gcc
           Version: 8.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: testsuite
          Assignee: unassigned at gcc dot gnu.org
          Reporter: miyuki at gcc dot gnu.org
  Target Milestone: ---

Created attachment 41290
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=41290&action=edit
test cases

I did some fuzz testing of the GIMPLE front end and found several ICEs.

I realize that the GIMPLE FE is intended for internal use in the GCC test suite,
so the requirements for its robustness are not as high as for the user-facing
front ends. Nevertheless, I think correct handling of erroneous input would be
useful for reducing GIMPLE code of real-world bug reports in the future
(because tools like C-Reduce tend to generate lots of erroneous intermediate
inputs).

I used a technique created by John Regehr, which is described in his blog at
http://blog.regehr.org/archives/1284, to generate these test cases. Kudos to
John.

There are 46 test cases in the archive and they all produce ICEs with distinct
backtraces. Although they seem to be different bugs, I decided not to file 46
bug reports :).

Example: 

$ cat test001.c
__GIMPLE a() {
  if
  goto

$ cc1 -fgimple -w test001.c
test001.c: In function 'a':
test001.c:3:3: error: expected '(' before 'goto'
   goto
   ^~~~
test001.c:3:3: internal compiler error: Segmentation fault
0xbde80f crash_signal
        /home/miyuki/gcc/src/gcc/toplev.c:337
0x62d467 tree_check
        /home/miyuki/gcc/src/gcc/tree.h:3076
0x62d467 i_label_binding
        /home/miyuki/gcc/src/gcc/c/c-decl.c:289
0x62d467 lookup_label(tree_node*)
        /home/miyuki/gcc/src/gcc/c/c-decl.c:3567
0x62d624 lookup_label_for_goto(unsigned int, tree_node*)
        /home/miyuki/gcc/src/gcc/c/c-decl.c:3615
0x6b9adf c_parser_gimple_if_stmt
        /home/miyuki/gcc/src/gcc/c/gimple-parser.c:1318
0x6b9adf c_parser_gimple_compound_statement
        /home/miyuki/gcc/src/gcc/c/gimple-parser.c:172
0x6b9adf c_parser_parse_gimple_body(c_parser*)
        /home/miyuki/gcc/src/gcc/c/gimple-parser.c:92
0x6a2b2b c_parser_declaration_or_fndef
        /home/miyuki/gcc/src/gcc/c/c-parser.c:2104
0x6aa913 c_parser_external_declaration
        /home/miyuki/gcc/src/gcc/c/c-parser.c:1469
0x6ab1d1 c_parser_translation_unit
        /home/miyuki/gcc/src/gcc/c/c-parser.c:1349
0x6ab1d1 c_parse_file()
        /home/miyuki/gcc/src/gcc/c/c-parser.c:18181
0x708582 c_common_parse_file()
        /home/miyuki/gcc/src/gcc/c-family/c-opts.c:1107
Please submit a full bug report,
with preprocessed source if appropriate.
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.

P.S. I have a patch series to fix some of these bugs. I am planning to rebase,
retest and post these patches soon.

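An added example (not part of the original report or of GCC's own tooling): with 46 crashing inputs, grouping cc1 output by ICE message and top backtrace frames is one way to check that the crashes really are distinct. The names `parse_ice`, `bucket_key`, `triage`, the `NOISE` set and the depth of 3 frames are assumptions; `REBUILT` is constructed sample input.

```python
import hashlib
import re
ICE_RE = re.compile(r"internal compiler error: (.*)$")
FRAME_RE = re.compile(r"^0x[0-9a-f]+ (\S.*)$")   # "0x62d467 lookup_label(tree_node*)"
# Assumption: frames that appear in many unrelated crashes and are ignored for bucketing.
NOISE = {"crash_signal", "tree_check"}

def parse_ice(output):
    """Return (message, [function names]) from cc1 output, or None if no ICE."""
    message, frames = None, []
    for line in output.splitlines():
        if message is None:
            m = ICE_RE.search(line)
            message = m.group(1).strip() if m else None
            continue
        m = FRAME_RE.match(line)
        if m:  # indented "file:line" rows do not match and are skipped
            frames.append(m.group(1).split("(")[0])  # drop the argument list
    return None if message is None else (message, frames)

def bucket_key(output, depth=3):
    """Hash the ICE message plus the first `depth` non-noise frames."""
    parsed = parse_ice(output)
    if parsed is None:
        return None
    top = [f for f in parsed[1] if f not in NOISE][:depth]
    return hashlib.sha256("|".join([parsed[0]] + top).encode()).hexdigest()[:12]

def triage(outputs):
    """Map bucket key -> list of test names; outputs without an ICE are dropped."""
    buckets = {}
    for name, out in outputs.items():
        key = bucket_key(out)
        if key is not None:
            buckets.setdefault(key, []).append(name)
    return buckets

# PAGE is shortened from the report's test001.c output; REBUILT is constructed
# (the same crash with shifted addresses and line numbers, as after a rebuild).
PAGE = """test001.c:3:3: internal compiler error: Segmentation fault
0xbde80f crash_signal
        /home/miyuki/gcc/src/gcc/toplev.c:337
0x62d467 tree_check
        /home/miyuki/gcc/src/gcc/tree.h:3076
0x62d467 i_label_binding
        /home/miyuki/gcc/src/gcc/c/c-decl.c:289
0x62d467 lookup_label(tree_node*)
        /home/miyuki/gcc/src/gcc/c/c-decl.c:3567
"""
REBUILT = PAGE.replace("0x62d", "0x71a").replace(":289", ":301")
```

Keying on function names rather than addresses or line numbers keeps a bucket stable across rebuilds of cc1.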