[Bug rtl-optimization/78580] [6/7 Regression] Segfault in gcc with multilib (-m32) and -ffixed-*
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78580 Jakub Jelinek changed: What|Removed |Added CC||jakub at gcc dot gnu.org, ||uros at gcc dot gnu.org --- Comment #2 from Jakub Jelinek --- /* PR rtl-optimization/78580 */ /* { dg-do compile } */ /* { dg-options "-O0 -ffixed-ebx" } */ extern const signed char a; int foo (signed char x) { return x; } int main () { foo (a); return 0; } Apparently with just -m32 we have ira_allocno_classes of: AREG,DREG,CREG,BREG,SIREG,DIREG,AD_REGS,CLOBBERED_REGS,Q_REGS,NON_Q_REGS,TLS_GOTBASE_REGS,GENERAL_REGS,FP_TOP_REG,FP_SECOND_REG,FLOAT_REGS,FLOAT_INT_REGS while with -m32 -ffixed-ebx AREG,DREG,CREG,SIREG,DIREG,AD_REGS,CLOBBERED_REGS,NON_Q_REGS,TLS_GOTBASE_REGS,GENERAL_REGS,FP_TOP_REG,FP_SECOND_REG,FLOAT_REGS,FLOAT_INT_REGS i.e. BREG and Q_REGS is missing in the latter case. update_bad_spill_attribute only initializes dead_points for the allocno classes, but then we process allocno with Q_REGS allocno class and in the latter case (sometimes) ICE because dead_points[Q_REGS] is random garbage. So, is the bug that i?86 needs Q_REGS to be an allocno class always (shall ix86_additional_allocno_class_p return true also for Q_REGS? Just for -m32 or always?), or is the bug that if Q_REGS is not an allocno class then there shouldn't be allocno with that class?
[Bug ipa/78599] [7 Regression] hwint.h:292:72: runtime error: shift exponent 64 is too large for 64-bit type 'long int'
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78599 --- Comment #5 from prathamesh3492 at gcc dot gnu.org --- Created attachment 40212 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=40212=edit fix formatting of patch in comment 3 Oops, sorry about that. Fixed formatting in this version. Does it look OK ? Thanks, Prathamesh
[Bug tree-optimization/78625] [7 Regression] ICE in invert_tree_comparison, at fold-const.c:2483 w/ -O1 -Wmaybe-uninitialized
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78625 Richard Biener changed: What|Removed |Added CC||aldyh at gcc dot gnu.org Component|rtl-optimization|tree-optimization Target Milestone|--- |7.0 --- Comment #1 from Richard Biener --- #2 0x01171bdf in pred_neg_p (x1=..., x2=...) at /space/rguenther/src/svn/trunk/gcc/tree-ssa-uninit.c:1488 1488c2 = invert_tree_comparison (x2.cond_code, false); (gdb) l 1483 || !operand_equal_p (x1.pred_rhs, x2.pred_rhs, 0)) 1484return false; 1485 1486 c1 = x1.cond_code; 1487 if (x1.invert == x2.invert) 1488c2 = invert_tree_comparison (x2.cond_code, false); x2.cond_code is BIT_AND_EXPR. Sth like Index: gcc/tree-ssa-uninit.c === --- gcc/tree-ssa-uninit.c (revision 243100) +++ gcc/tree-ssa-uninit.c (working copy) @@ -1485,7 +1485,12 @@ pred_neg_p (pred_info x1, pred_info x2) c1 = x1.cond_code; if (x1.invert == x2.invert) -c2 = invert_tree_comparison (x2.cond_code, false); +{ + if (TREE_CODE_CLASS (x2.cond_code) == tcc_comparison) + c2 = invert_tree_comparison (x2.cond_code, false); + else + return false; +} else c2 = x2.cond_code; might fix it.
[Bug libstdc++/78627] [7 Regression] r243036 causes Firefox build failure
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78627 Richard Biener changed: What|Removed |Added Target Milestone|--- |7.0
[Bug rtl-optimization/78626] [7 Regression] ICE in rtl_verify_bb_insns, at cfgrtl.c:2656 (error: flow control insn inside a basic block)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78626 Richard Biener changed: What|Removed |Added Target Milestone|--- |7.0
[Bug middle-end/78629] vec.h: null pointer passed as argument 1, which is declared to never be null
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78629 --- Comment #2 from Richard Biener --- Ah, it's for the case of len == 0, but that is explicitely allowed: template inline void vec::safe_grow (unsigned len MEM_STAT_DECL) { unsigned oldlen = length (); gcc_checking_assert (oldlen <= len); reserve_exact (len - oldlen PASS_MEM_STAT); if (m_vec) m_vec->quick_grow (len); else gcc_checking_assert (len == 0); } so I think the bug is in template inline void vec ::safe_grow_cleared (unsigned len MEM_STAT_DECL) { unsigned oldlen = length (); safe_grow (len PASS_MEM_STAT); memset (&(address ()[oldlen]), 0, sizeof (T) * (len - oldlen)); } instead which should simply conditionalize the memset on len != 0 (OTOH the undefinedness is on the borderline...). Same for quick_grow_cleared I suppose. So size_t sz = sizeof (T) * (len - oldlen); if (sz != 0) memset (...);
[Bug fortran/78618] ICE in gfc_check_rank, at fortran/check.c:3670
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78618 Martin Liška changed: What|Removed |Added Status|UNCONFIRMED |NEW Last reconfirmed||2016-12-01 CC||marxin at gcc dot gnu.org Ever confirmed|0 |1 --- Comment #2 from Martin Liška --- Confirmed, started to fail with GCC 4.7.0.
[Bug fortran/78619] [5/6/7 Regression] ICE in copy_reference_ops_from_ref, at tree-ssa-sccvn.c:889
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78619 Martin Liška changed: What|Removed |Added CC||marxin at gcc dot gnu.org, ||pault at gcc dot gnu.org Known to work||4.8.5 Summary|ICE in |[5/6/7 Regression] ICE in |copy_reference_ops_from_ref |copy_reference_ops_from_ref |, at tree-ssa-sccvn.c:889 |, at tree-ssa-sccvn.c:889 Known to fail||4.9.4, 5.4.0, 6.2.0, 7.0 --- Comment #2 from Martin Liška --- Started to ICE with r229954, before that an error is reported: pr78619.f90:3:17: z = sign(1.0, f) 1 Warning: Non-RECURSIVE procedure ‘f’ at (1) is possibly calling itself recursively. Declare it RECURSIVE or use ‘-frecursive’ pr78619.f90:3:17: z = sign(1.0, f) 1 Error: ‘b’ argument of ‘sign’ intrinsic at (1) must be the same type and kind as ‘a’
[Bug middle-end/78629] vec.h: null pointer passed as argument 1, which is declared to never be null
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78629 --- Comment #1 from prathamesh3492 at gcc dot gnu.org --- This slight change to finish_match_operand() fixes the error, but not sure if it's correct. diff --git a/gcc/genmatch.c b/gcc/genmatch.c index 41951c5..3ff5bdf 100644 --- a/gcc/genmatch.c +++ b/gcc/genmatch.c @@ -4798,7 +4798,10 @@ parser::finish_match_operand (operand *op) /* Look for matching captures, diagnose mis-uses of @@ and apply early lowering and distribution of value_match. */ auto_veccpts; - cpts.safe_grow_cleared (capture_ids->elements ()); + cpts.reserve (capture_ids->elements ()); + for (unsigned i = 0; i < capture_ids->elements (); ++i) +cpts.quick_push (vNULL); + walk_captures (op, cpts); for (unsigned i = 0; i < cpts.length (); ++i) { Thanks, Prathamesh
[Bug debug/78587] dwarf2out.c:1517:45: runtime error: negation of -9223372036854775808 cannot be represented in type 'long int [4]'; cast to an unsigned type to negate this value to itself
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78587 --- Comment #5 from Jakub Jelinek --- Author: jakub Date: Thu Dec 1 09:24:55 2016 New Revision: 243100 URL: https://gcc.gnu.org/viewcvs?rev=243100=gcc=rev Log: PR debug/78587 * dwarf2out.c (loc_descr_plus_const): For negative offset use uint_loc_descriptor instead of int_loc_descriptor and perform negation in unsigned HOST_WIDE_INT type. (scompare_loc_descriptor): Shift UINTVAL left instead of INTVAL. * gcc.dg/debug/pr78587.c: New test. Added: trunk/gcc/testsuite/gcc.dg/debug/pr78587.c Modified: trunk/gcc/ChangeLog trunk/gcc/dwarf2out.c trunk/gcc/testsuite/ChangeLog
[Bug middle-end/78629] New: vec.h: null pointer passed as argument 1, which is declared to never be null
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78629 Bug ID: 78629 Summary: vec.h: null pointer passed as argument 1, which is declared to never be null Product: gcc Version: 7.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: middle-end Assignee: unassigned at gcc dot gnu.org Reporter: prathamesh3492 at gcc dot gnu.org Target Milestone: --- build/genmatch --gimple match.pd gives following runtime error when it's built with ubsan: ../../gcc/gcc/vec.h:1609:3: runtime error: null pointer passed as argument 1, which is declared to never be null /usr/include/x86_64-linux-gnu/bits/string3.h:90:70: runtime error: null pointer passed as argument 1, which is declared to never be null GIMPLE decision tree has 1846 leafs, maximum depth 12 and a total number of 7248 nodes removed 1070 duplicate tails ../../gcc/gcc/vec.h:1609:3: runtime error: null pointer passed as argument 1, which is declared to never be null #0 0x44fb51 in vec, va_heap, vl_ptr>::safe_grow_cleared(unsigned int) ../../gcc/gcc/vec.h:1609 #1 0x44fb51 in parser::finish_match_operand(operand*) ../../gcc/gcc/genmatch.c:4801 #2 0x45d597 in parser::parse_simplify(simplify::simplify_kind, vec &, predicate_id*, operand*) ../../gcc/gcc/genmatch.c:4433 #3 0x45e70b in parser::parse_pattern() ../../gcc/gcc/genmatch.c:4745 #4 0x466213 in parser::parser(cpp_reader*) ../../gcc/gcc/genmatch.c:4855 #5 0x40a899 in main ../../gcc/gcc/genmatch.c:4953 #6 0x7fafc65e982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) #7 0x40bbd8 in _start (/home/bilbo/gnu-toolchain/gcc/master/ubsan-stage1-build/gcc/build/genmatch+0x40bbd8) Thanks, Prathamesh
[Bug c++/70909] Libiberty Demangler segfaults (4)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70909 --- Comment #18 from Marcel Böhme --- (In reply to Markus Trippelsdorf from comment #17) > Nathan's patch fixes this issue: > https://patchwork.ozlabs.org/patch/701137/ > It is currently being reviewed. It doesn't seem to fix the original issue for me. $ binutils-gdb/build/binutils/cxxfilt _Z1MA_aA_MMA_St1MS_o11T00t2M0z Segmentation fault With Valgrind complaining: ==108073== Memcheck, a memory error detector ==108073== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==108073== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info ==108073== Command: binutils-gdb/build/binutils/cxxfilt _Z1MA_aA_MMA_St1MS_o11T00t2M0z ==108073== ==108073== Stack overflow in thread 1: can't grow stack to 0xffe801fe8 ==108073== ==108073== Process terminating with default action of signal 11 (SIGSEGV) ==108073== Access not within mapped region at address 0xFFE801FE8 ==108073==at 0x7D9704: d_print_comp_inner (cp-demangle.c:4587)
[Bug go/78628] New: GO fails to build a translation unit decl
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78628 Bug ID: 78628 Summary: GO fails to build a translation unit decl Product: gcc Version: 7.0 Status: UNCONFIRMED Keywords: wrong-debug Severity: normal Priority: P3 Component: go Assignee: ian at airs dot com Reporter: rguenth at gcc dot gnu.org CC: cmang at google dot com Target Milestone: --- The GO FE does not build a TRANSLATION_UNIT_DECL which both LTO and dwarf2out (debug_hooks->register_main_translation_unit) take information from like the language of the source. Frontends nowadays are expected to preferably use a TRANSLATION_UNIT_DECL as DECL_CONTEXT for file-scope entities (rather than NULL_TREE) and LTO requires at least one TU DECL to fixup such NULL_TREE file-scope DECL_CONTEXT.
[Bug target/78213] [7 Regression] -fself-test fails on aarch64
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78213 Markus Trippelsdorf changed: What|Removed |Added CC||trippels at gcc dot gnu.org --- Comment #10 from Markus Trippelsdorf --- testsuite/gcc.dg/pr78213.c often times out: FAIL: gcc.dg/pr78213.c (test for excess errors) FAIL: gcc.dg/pr78213.c -fself-test (test for warnings, line ) WARNING: program timed out. This happens on ppc64le with "make -j60 check".
[Bug c++/78615] error: cannot decrement a pointer to incomplete type
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78615 Richard Biener changed: What|Removed |Added Version|unknown |7.0 --- Comment #3 from Richard Biener --- Yeah, I think this is not valid code.
[Bug bootstrap/78616] [7 regression] bootstrap fails for x86_64-darwin at stage1 after 243030 when the bootstrap compiler doesn't have strndup
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78616 Richard Biener changed: What|Removed |Added Target Milestone|--- |7.0 --- Comment #6 from Richard Biener --- Or just use xstrndup like we do in gcc/?
[Bug fortran/78619] ICE in copy_reference_ops_from_ref, at tree-ssa-sccvn.c:889
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78619 Richard Biener changed: What|Removed |Added Keywords||accepts-invalid, ||ice-on-invalid-code Status|UNCONFIRMED |NEW Last reconfirmed||2016-12-01 Ever confirmed|0 |1 --- Comment #1 from Richard Biener --- (gdb) p debug_gimple_stmt (stmt) f.0_1 = f; the RHS is a FUNCTION_DECL and the LHS is a SSA name of FUNCTION_TYPE.
[Bug c++/78620] C++11, Padding bytes not zero-intialized when POD is initialized with compiler generated default constructor
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78620 --- Comment #1 from Richard Biener --- AFAIK padding bytes are always having undefined content (even in C).
[Bug c++/78623] non-dependent name treated as if it were dependent, requiring use of template keyword
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78623 --- Comment #1 from Richard Biener --- clang agrees with GCC: > clang++ t.C -S -std=c++11 t.C:15:20: error: use 'template' keyword to treat 'foo' as a dependent template name result.foo(); // (*) ^ template 1 error generated.
[Bug ipa/78599] [7 Regression] hwint.h:292:72: runtime error: shift exponent 64 is too large for 64-bit type 'long int'
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78599 Jakub Jelinek changed: What|Removed |Added CC||jakub at gcc dot gnu.org --- Comment #4 from Jakub Jelinek --- Formatting nit: || shouldn't be at the end of line.
[Bug sanitizer/77538] segmentation fault: thread sanitizer shadow stack overflow
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77538 --- Comment #20 from peien luo --- (In reply to Dmitry Vyukov from comment #18) > Looks like shadow stack overflow. > Do you use fibers, ucontext, longjmp, exceptions or any other non-obvious > control flow constructs? > Fibers and exceptions are not supported. Longjmp should work. (gdb) p &(thr->shadow_stack[0]) $9 = (unsigned long *) 0x7f9842712080 (gdb) p thr->shadow_stack_pos $10 = (__sanitizer::uptr *) 0x7f9842762b68 so it actually took the 'shadow stack' size of 330472, then it crashed. is that huge number abnormal?
[Bug target/78614] [7 Regression] ICE error: invalid rtl sharing found in the insn (verify_rtx_sharing) gcc/emit-rtl.c:2743
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78614 Jakub Jelinek changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #22 from Jakub Jelinek --- Should be fixed now, the other patch (simplify-rtx.c) is just an optimization.