While working on a Cygwin/AVR backend patch, I had segmentation fault
occur in df-scan.c - which appears unrelated to target.
I can't provide testcase as backend is modfied - but source was 20011113-1.c
It all happens in df_scan.c (Rev 130805 14 Dec 2007)
df_ref_create_structure() trys to access EMPTY collection_rec->def_vec
as type DF_REF_REG_DEF is being set by df_uses_record(), yet no space
was allocated by df_noted_rescan()
This appears to be a bug but seek your combined wisdom before filling a
report:
1) emit-rtl (line 4647) calls df_notes_rescan (insn);
2) df_notes_rescan (line 2043) creates struct df_collection_rec
collection_rec but does not allocate any storage for member "def_vec"
then (line 2062) calls df_uses_record - related to usage of
REG_EQUIV and REG_EQUAL notes
3) df_uses_record (line 2994) , calls df_ref_record (relate to recording
definition for PRE_DEC..POST_MODIFY) - with type set as DF_REF_REG_DEF
5) df_ref_record calls df_ref_create_structure - which fails
Below is stack dump and a few variables and RTX of insn printed out
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-cygwin"...
(gdb) source ./gdbini.in
./gdbini.in: No such file or directory.
(gdb) source ./gdbinit.in
Breakpoint 1 at 0x6268d6: file ../../gcc/gcc/diagnostic.c, line 660.
Breakpoint 2 at 0x626863: file ../../gcc/gcc/diagnostic.c, line 604.
Breakpoint 3 at 0xa77a20
Breakpoint 4 at 0xa77a10
(gdb) run -mmcu=atmega128 -g -w -O3 -DSTACK_SIZE=400 -da
-DNO_TRAMPOLINES -fno-show-column -DSIGNAL_SUPPRESS -std=gnu99 200
11113-1.c -o 20011113-1.o
Starting program: /cygdrive/e/awhconf/gcc/cc1.exe -mmcu=atmega128 -g
-w -O3 -DSTACK_SIZE=400 -da -DNO_TRAMPOLINES -fno-show-col
umn -DSIGNAL_SUPPRESS -std=gnu99 20011113-1.c -o 20011113-1.o
Loaded symbols for /cygdrive/c/WINDOWS/system32/ntdll.dll
Loaded symbols for /cygdrive/c/WINDOWS/system32/kernel32.dll
Loaded symbols for /usr/bin/cygwin1.dll
Loaded symbols for /cygdrive/c/WINDOWS/system32/advapi32.dll
Loaded symbols for /cygdrive/c/WINDOWS/system32/rpcrt4.dll
Loaded symbols for /usr/bin/cygiconv-2.dll
foo baz bar main
Analyzing compilation unit
Performing interprocedural optimizations
<visibility> <early_local_cleanups> <inline> <static-var>
<pure-const>Assembling functions:
bar foo baz main
Program received signal SIGSEGV, Segmentation fault.
0x007a03de in df_ref_create_structure (collection_rec=0x22c840,
reg=0x124, loc=0x7ff31b04, bb=0x7fec3c00, insn=0x7ff778a0,
ref_type=DF_REF_REG_DEF, ref_flags=292) at ../../gcc/gcc/df-scan.c:2611
2611 collection_rec->def_vec[collection_rec->next_def++] =
this_ref;
(gdb) where
#0 0x007a03de in df_ref_create_structure (collection_rec=0x22c840,
reg=0x124, loc=0x7ff31b04, bb=0x7fec3c00, insn=0x7ff778a0,
ref_type=DF_REF_REG_DEF, ref_flags=292) at ../../gcc/gcc/df-scan.c:2611
#1 0x007a2d8a in df_uses_record (collection_rec=0x22c840, loc=0x0,
ref_type=DF_REF_REG_MEM_LOAD, bb=0x7fec3c00,
insn=0x7ff778a0, flags=DF_REF_IN_NOTE) at ../../gcc/gcc/df-scan.c:2994
#2 0x007a56db in df_notes_rescan (insn=0x7ff778a0) at
../../gcc/gcc/df-scan.c:2062
#3 0x004d3c91 in set_unique_reg_note (insn=0x7ff778a0, kind=REG_EQUAL,
datum=0x7ff1e8f0) at ../../gcc/gcc/emit-rtl.c:4647
#4 0x005ce935 in try_replace_reg (from=0x7ff1d740, to=0x1bebbd8,
insn=0x7ff778a0) at ../../gcc/gcc/gcse.c:2687
#5 0x005cef5d in constprop_register (insn=0x7ff778a0, from=0x7ff1d740,
to=0x7ff319c8, alter_jumps=0 '\0')
at ../../gcc/gcc/gcse.c:2904
#6 0x005cfdfc in one_cprop_pass (pass=1, cprop_jumps=0 '\0',
bypass_jumps=0 '\0') at ../../gcc/gcc/gcse.c:2973
#7 0x005d5166 in rest_of_handle_gcse () at ../../gcc/gcc/gcse.c:722
#8 0x00621508 in execute_one_pass (pass=0xa79770) at
../../gcc/gcc/passes.c:1118
#9 0x006216ae in execute_pass_list (pass=0xa79350) at
../../gcc/gcc/passes.c:1171
#10 0x006216c1 in execute_pass_list (pass=0xa79630) at
../../gcc/gcc/passes.c:1172
#11 0x00848b4c in tree_rest_of_compilation (fndecl=0x7fdcf340) at
../../gcc/gcc/tree-optimize.c:404
#12 0x0062277b in cgraph_expand_function (node=0x7ff40480) at
../../gcc/gcc/cgraphunit.c:1151
#13 0x006243fe in cgraph_optimize () at ../../gcc/gcc/cgraphunit.c:1214
#14 0x0041aff7 in c_write_global_declarations () at
../../gcc/gcc/c-decl.c:8074
#15 0x006295e6 in toplev_main (argc=14, argv=0x1b91d60) at
../../gcc/gcc/toplev.c:1055
#16 0x004938da in main (argc=14, argv=0x1b91d60) at ../../gcc/gcc/main.c:35
(gdb) pr
The history is empty.
(gdb) print insn
$1 = (rtx) 0x7ff778a0
(gdb) pr
(insn 10 84 11 3 20011113-1.c:36 (set (reg:QI 50)
(mem:QI (post_inc:HI (reg:HI 48)) [0 S1 A8])) 8 {*movqi}
(expr_list:REG_EQUAL (mem:QI (post_inc:HI (reg:HI 48)) [0 S1 A8])
(nil)))
(gdb) print collection_rec
$2 = (struct df_collection_rec *) 0x22c840
(gdb) print *collection_rec
$3 = {def_vec = 0x0, next_def = 0, use_vec = 0x0, next_use = 0,
eq_use_vec = 0x22b860, next_eq_use = 0, mw_vec = 0x22a8b0,
next_mw = 0}
