https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68756
Bug ID: 68756
Summary: [6 Regression] ICE w/ -O1 -floop-nest-optimize and isl
0.15: isl-0.15/isl_id.c:213: unable to find id
Product: gcc
Version: 6.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: asolokha at gmx dot com
Target Milestone: ---
1. At least gcc-6.0.0-alpha20151129 and gcc-6.0.0-alpha20151206 snapshots hang
when compiling the following reduced snippet w/ -O1 -floop-nest-optimize:
unsigned int z4, pz;
int nn[2];
static unsigned int
xq(unsigned int dj)
{
return dj > 1 ? z4 : z4 | dj;
}
void
la(void)
{
int hd, dl;
unsigned int hn = 0;
for (hd = 0; hd < 2; ++hd) {
for (dl = 0; dl < 2; ++dl)
nn[dl] = 0;
--hn;
pz = xq(hn);
}
}
GDB produces rather uninformative (incomplete) backtrace for cc1 for this case:
Program received signal SIGSEGV, Segmentation fault.
0x000003fff728b2d9 in malloc_consolidate () from /lib64/libc.so.6
(gdb) where
#0 0x000003fff728b2d9 in malloc_consolidate () from /lib64/libc.so.6
#1 0x000003fff728d0eb in _int_malloc () from /lib64/libc.so.6
#2 0x000003fff728f96f in calloc () from /lib64/libc.so.6
#3 0x000000000132a9d1 in xcalloc ()
#4 0x0000000000c6b200 in ?? ()
#5 0x0000000000a5b86b in execute_one_pass(opt_pass*) ()
#6 0x0000000000a5be98 in ?? ()
#7 0x0000000000a5beaa in ?? ()
#8 0x0000000000a5beaa in ?? ()
#9 0x0000000000a5beaa in ?? ()
#10 0x0000000000a5bef5 in execute_pass_list(function*, opt_pass*) ()
#11 0x0000000000764547 in cgraph_node::expand() ()
#12 0x0000000000765eb7 in ?? ()
#13 0x0000000000768713 in symbol_table::finalize_compilation_unit() ()
#14 0x0000000000b273a2 in ?? ()
#15 0x00000000005cff3a in toplev::main(int, char**) ()
#16 0x00000000005d2147 in main ()
Valgrind, surprisingly, produce a different one:
--------8<--------
==17739== Invalid read of size 8
==17739== at 0x4ADA070: isl_id_free (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x4B88BE4: isl_space_free (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x4AFCC77: isl_map_free (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x4A95F3D: ??? (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x4B2AC7C: isl_hash_table_foreach (in
/usr/lib64/libisl.so.15.0.0)
==17739== by 0x4A96ACC: isl_union_map_free (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x11F548A: free_scop(scop*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0x11EA70F: graphite_transform_loops() (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0x11EAC20: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5B86A: execute_one_pass(opt_pass*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5BE97: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5BEA9: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== Address 0x5aacdb8 is 8 bytes inside a block of size 48 free'd
==17739== at 0x402BCBF: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==17739== by 0x4ADA0B0: isl_id_free (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x4B88BDB: isl_space_free (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x4AFCC77: isl_map_free (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x4A95F3D: ??? (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x4B2AC7C: isl_hash_table_foreach (in
/usr/lib64/libisl.so.15.0.0)
==17739== by 0x4A96ACC: isl_union_map_free (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x11F548A: free_scop(scop*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0x11EA70F: graphite_transform_loops() (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0x11EAC20: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5B86A: execute_one_pass(opt_pass*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5BE97: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== Block was alloc'd at
==17739== at 0x402CC93: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==17739== by 0x4B221DD: isl_calloc_or_die (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x4ADA28A: isl_id_alloc (in /usr/lib64/libisl.so.15.0.0)
==17739== by 0x11FEA85: build_poly_scop(scop*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0x11EA67A: graphite_transform_loops() (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0x11EAC20: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5B86A: execute_one_pass(opt_pass*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5BE97: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5BEA9: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5BEA9: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5BEA9: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739== by 0xA5BEF4: execute_pass_list(function*, opt_pass*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==17739==
/var/tmp/portage/dev-libs/isl-0.15/work/isl-0.15/isl_id.c:213: unable to find
id
--17739-- REDIR: 0x53a21d0 (libc.so.6:__GI_stpcpy) redirected to 0x40316c0
(__GI_stpcpy)
wjdkwo0v.i: In function 'la':
--17739-- REDIR: 0x53a1180 (libc.so.6:memchr) redirected to 0x402f840 (memchr)
wjdkwo0v.i:11:1: internal compiler error: Aborted
la(void)
^~
-------->8--------
2. After replacing "bitwise or" w/ "plus" in xq(), driver propagates ICE to the
user:
% gcc-6.0.0-alpha20151206 -c -std=c99 -Wall -Wextra -Wpedantic -O1
-floop-nest-optimize wjdkwo0v.c
wjdkwo0v.c: In function 'la':
wjdkwo0v.c:11:1: internal compiler error: Segmentation fault
la(void)
^~
After this change GDB and Valgrind start to agree on the backtrace, but the
backtrace itself is now different:
==25869== Invalid read of size 2
==25869== at 0x1280E7D: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0x1281832: sese_insert_phis_for_liveouts(sese_info_t*,
basic_block_def*, edge_def*, edge_def*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0x11F3732: graphite_regenerate_ast_isl(scop*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0x11EA695: graphite_transform_loops() (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0x11EAC20: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0xA5B86A: execute_one_pass(opt_pass*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0xA5BE97: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0xA5BEA9: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0xA5BEA9: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0xA5BEA9: ??? (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0xA5BEF4: execute_pass_list(function*, opt_pass*) (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== by 0x764546: cgraph_node::expand() (in
/usr/libexec/gcc/x86_64-pc-linux-gnu/6.0.0-alpha20151206/cc1)
==25869== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==25869==
--25869-- REDIR: 0x53a21d0 (libc.so.6:__GI_stpcpy) redirected to 0x40316c0
(__GI_stpcpy)
wjdkwo0v.c: In function 'la':
--25869-- REDIR: 0x53a1180 (libc.so.6:memchr) redirected to 0x402f840 (memchr)
wjdkwo0v.c:11:1: internal compiler error: Segmentation fault
la(void)
^~
