http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52881
Bug #: 52881
Summary: ICE due to null pointer deref
Classification: Unclassified
Product: gcc
Version: 4.8.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
AssignedTo: unassig...@gcc.gnu.org
ReportedBy: reg...@cs.utah.edu
CC: cheny...@cs.utah.edu

[regehr@dyson r3]$ current-gcc -O2 small.c
small.c: In function 'fn3':
small.c:27:1: internal compiler error: Segmentation fault
Please submit a full bug report, with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.

[regehr@dyson r3]$ valgrind -q --trace-children=yes current-gcc -O2 small.c
==30315== Invalid read of size 8
==30315== at 0xDEAB99: search_line_sse2(unsigned char const*, unsigned char const*) (lex.c:393)
==30315== by 0xDEAD61: _cpp_clean_line (lex.c:739)
==30315== by 0xDEB787: _cpp_get_fresh_line (lex.c:2000)
==30315== by 0xDECF40: _cpp_lex_direct (lex.c:2065)
==30315== by 0xDEDCCB: _cpp_lex_token (lex.c:1939)
==30315== by 0xDF1E8F: cpp_get_token_1(cpp_reader*, unsigned int*) (macro.c:2245)
==30315== by 0x57F3A2: c_lex_with_flags(tree_node**, unsigned int*, unsigned char*, int) (c-lex.c:302)
==30315== by 0x52D9B4: c_lex_one_token(c_parser*, c_token*) (c-parser.c:221)
==30315== by 0x53406D: c_parser_compound_statement_nostart(c_parser*) (c-parser.c:401)
==30315== by 0x540F28: c_parser_compound_statement(c_parser*) (c-parser.c:4071)
==30315== by 0x531B77: c_parser_declaration_or_fndef(c_parser*, bool, bool, bool, bool, bool, tree_node**) (c-parser.c:1758)
==30315== by 0x54118D: c_parser_external_declaration(c_parser*) (c-parser.c:1363)
==30315== Address 0x56e90d8 is 424 bytes inside a block of size 429 alloc'd
==30315== at 0x4C275A2: realloc (vg_replace_malloc.c:525)
==30315== by 0xE16C9C: xrealloc (xmalloc.c:179)
==30315== by 0xDDF8A3: _cpp_convert_input (charset.c:1734)
==30315== by 0xDE82AA: read_file(cpp_reader*, _cpp_file*) (files.c:652)
==30315== by 0xDE8CAA: _cpp_stack_file (files.c:723)
==30315== by 0xDEA605: cpp_read_main_file(cpp_reader*, char const*) (init.c:593)
==30315== by 0x58491B: c_common_post_options(char const**) (c-opts.c:1056)
==30315== by 0x8C5CD8: toplev_main(int, char**) (toplev.c:1281)
==30315== by 0x52D2C4C: (below main) (libc-start.c:226)
==30315==
==30315== Invalid read of size 8
==30315== at 0xDEAB83: search_line_sse2(unsigned char const*, unsigned char const*) (lex.c:381)
==30315== by 0xDEAD61: _cpp_clean_line (lex.c:739)
==30315== by 0xDEB787: _cpp_get_fresh_line (lex.c:2000)
==30315== by 0xDECF40: _cpp_lex_direct (lex.c:2065)
==30315== by 0xDEDCCB: _cpp_lex_token (lex.c:1939)
==30315== by 0xDF1E8F: cpp_get_token_1(cpp_reader*, unsigned int*) (macro.c:2245)
==30315== by 0x57F3A2: c_lex_with_flags(tree_node**, unsigned int*, unsigned char*, int) (c-lex.c:302)
==30315== by 0x52D9B4: c_lex_one_token(c_parser*, c_token*) (c-parser.c:221)
==30315== by 0x53406D: c_parser_compound_statement_nostart(c_parser*) (c-parser.c:401)
==30315== by 0x540F28: c_parser_compound_statement(c_parser*) (c-parser.c:4071)
==30315== by 0x531B77: c_parser_declaration_or_fndef(c_parser*, bool, bool, bool, bool, bool, tree_node**) (c-parser.c:1758)
==30315== by 0x54118D: c_parser_external_declaration(c_parser*) (c-parser.c:1363)
==30315== Address 0x56e90d8 is 424 bytes inside a block of size 429 alloc'd
==30315== at 0x4C275A2: realloc (vg_replace_malloc.c:525)
==30315== by 0xE16C9C: xrealloc (xmalloc.c:179)
==30315== by 0xDDF8A3: _cpp_convert_input (charset.c:1734)
==30315== by 0xDE82AA: read_file(cpp_reader*, _cpp_file*) (files.c:652)
==30315== by 0xDE8CAA: _cpp_stack_file (files.c:723)
==30315== by 0xDEA605: cpp_read_main_file(cpp_reader*, char const*) (init.c:593)
==30315== by 0x58491B: c_common_post_options(char const**) (c-opts.c:1056)
==30315== by 0x8C5CD8: toplev_main(int, char**) (toplev.c:1281)
==30315== by 0x52D2C4C: (below main) (libc-start.c:226)
==30315==
==30315== Invalid read of size 4
==30315== at 0x5EA374: dfs_enumerate_from(basic_block_def*, int, bool (*)(basic_block_def const*, void const*), basic_block_def**, int, void const*) (cfganal.c:1210)
==30315== by 0x5FD803: get_loop_body(loop const*) (cfgloop.c:829)
==30315== by 0x5FF17F: verify_loop_structure() (cfgloop.c:1351)
==30315== by 0x7D4A95: loop_optimizer_init(unsigned int) (loop-init.c:64)
==30315== by 0x7D4BEE: rtl_loop_init() (loop-init.c:210)
==30315== by 0x820F04: execute_one_pass(opt_pass*) (passes.c:2079)
==30315== by 0x8212C4: execute_pass_list(opt_pass*) (passes.c:2134)
==30315== by 0x8212D6: execute_pass_list(opt_pass*) (passes.c:2135)
==30315== by 0x8212D6: execute_pass_list(opt_pass*) (passes.c:2135)
==30315== by 0x933C9D: tree_rest_of_compilation(tree_node*) (tree-optimize.c:422)
==30315== by 0x615A09: cgraph_expand_function(cgraph_node*) (cgraphunit.c:1784)
==30315== by 0x6178CB: cgraph_optimize() (cgraphunit.c:1851)
==30315== Address 0x50 is not stack'd, malloc'd or (recently) free'd
==30315==
small.c: In function 'fn3':
small.c:27:1: internal compiler error: Segmentation fault
Please submit a full bug report, with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.

(Reading the three valgrind reports above: the two 8-byte reads in search_line_sse2 start 424 bytes into a 429-byte block allocated in _cpp_convert_input, so each runs 3 bytes past the end of that buffer, and compilation continues after them. The 4-byte read at address 0x50 in dfs_enumerate_from, reached from verify_loop_structure during rtl_loop_init, is the one consistent with a field access through a null pointer, and it is immediately followed by the segmentation fault named in the summary.)

[regehr@dyson r3]$ cat small.c
int a, b, c, d, e, f, h, i, j, k, l, m, n, o;
static int g;
int fn1 ()
{
  for (;; ++f)
    if (e)
      break;
  return 0;
}
unsigned char fn2 ();
void fn3 ()
{
lbl_220:
  if (j) {
lbl_221:
    l = (g || b) <= fn1 ();
    for (;;) {
      g = 0;
      fn2 ();
      if (k)
        goto lbl_220;
      break;
    }
    if (l)
      goto lbl_221;
  }
}
unsigned char fn2 ()
{
  o = d ? 0 : c;
  h = m | a % o != n;
  return i;
}

[regehr@dyson r3]$ current-gcc -v
Using built-in specs.
COLLECT_GCC=current-gcc
COLLECT_LTO_WRAPPER=/uusoc/exports/scratch/regehr/z/compiler-install/gcc-r186167-install/bin/../libexec/gcc/x86_64-unknown-linux-gnu/4.8.0/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: ../configure --with-libelf=/usr/local --enable-lto --prefix=/home/regehr/z/compiler-install/gcc-r186167-install --program-prefix=r186167- --enable-languages=c,c++
Thread model: posix
gcc version 4.8.0 20120405 (experimental) (GCC)