union_match_dups has

      ref = type == OP_IN ? use_link : def_link;
      entry = type == OP_IN ? use_entry : def_entry;
      for (; *ref; ref++)
        if (DF_REF_LOC (*ref) == recog_data.operand_loc[op])
          break;

      (*fun) (use_entry + DF_REF_ID (*dupref), entry + DF_REF_ID (*ref));

There is no check for NULL *ref. With this patch:

http://gcc.gnu.org/ml/gcc-patches/2010-07/msg00076.html

on x86, I got

[...@gnu-32 stage1-gcc]$ ./xgcc -B./ /export/gnu/import/git/gcc/gcc/testsuite/gcc.c-torture/execute/arith-rand.c -m32 -O3 -S -funroll-loops -w
/export/gnu/import/git/gcc/gcc/testsuite/gcc.c-torture/execute/arith-rand.c: In function ‘main’:
/export/gnu/import/git/gcc/gcc/testsuite/gcc.c-torture/execute/arith-rand.c:114:1: internal compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.
[...@gnu-32 stage1-gcc]$ 


Program received signal SIGSEGV, Segmentation fault.
0x00000000022b4984 in union_match_dups (insn=0x7ffff19e8510, 
    def_entry=0x459df20, use_entry=0x4594f40, fun=0x22b4764 <unionfind_union>)
    at /export/gnu/import/git/gcc/gcc/web.c:126
126           (*fun) (use_entry + DF_REF_ID (*dupref), entry + DF_REF_ID (*ref));
(gdb) call debug_rtx (insn)
(insn 216 215 217 40 /export/gnu/import/git/gcc/gcc/testsuite/gcc.c-torture/execute/arith-rand.c:101
(parallel [
            (set (reg:HI 854)
                (ior:HI (ashift:HI (zero_extend:HI (umod:QI (subreg:QI (reg:HI 855 [ xx ]) 0)
                                (reg/v:QI 114 [ yy ])))
                        (const_int 8 [0x8]))
                    (zero_extend:HI (udiv:QI (subreg:QI (reg:HI 855 [ xx ]) 0)
                            (reg/v:QI 114 [ yy ])))))
            (use (reg:HI 855 [ xx ]))
            (clobber (reg:CC 17 flags))
        ]) 350 {udivmodhiqi3} (expr_list:REG_DEAD (reg:HI 855 [ xx ])
        (expr_list:REG_UNUSED (reg:CC 17 flags)
            (nil))))
(gdb) p ref
$2 = (df_ref *) 0x459cbb8
(gdb) p *ref
$3 = (df_ref) 0x0
(gdb)


-- 
           Summary: union_match_dups failed to check NULL *ref
           Product: gcc
           Version: 4.6.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: web
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: hjl dot tools at gmail dot com


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44775
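
The failure pattern in the report (a scan over a NULL-terminated ref array that can end on the terminator, followed by an unconditional dereference) is shown below with the missing check in place. This is an added example, not code from GCC or from the reporter. The `struct ref` type, the toy union-find and all function names are simplified stand-ins assumed for illustration, and skipping the union on a miss is one possible handling, not necessarily the fix adopted in web.c.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-in for a df_ref record (assumed, not GCC's type). */
struct ref { void **loc; unsigned id; };

/* Scan a NULL-terminated ref array for the entry whose location is `loc`.
   Returns NULL when the terminator is reached without a match, which is
   the case the loop in the report falls through on. */
static struct ref *find_ref_by_loc(struct ref **refs, void **loc)
{
    for (; *refs; refs++)
        if ((*refs)->loc == loc)
            return *refs;
    return NULL;
}

/* Toy union-find over ref ids (hypothetical helper). */
static unsigned parent[8];
static void uf_init(void) { for (unsigned i = 0; i < 8; i++) parent[i] = i; }
static unsigned uf_find(unsigned x) { while (parent[x] != x) x = parent[x]; return x; }
static void uf_union(unsigned a, unsigned b) { parent[uf_find(a)] = uf_find(b); }

/* Guarded union step: returns 1 if the refs were joined, 0 if no ref
   matched the operand location (in which case nothing is dereferenced). */
static int union_if_matched(struct ref *dup, struct ref **refs, void **op_loc)
{
    struct ref *match = find_ref_by_loc(refs, op_loc);
    if (match == NULL)
        return 0;
    uf_union(dup->id, match->id);
    return 1;
}

int main(void)
{
    void *op_a = NULL, *op_b = NULL;        /* constructed operand slots */
    struct ref r0 = { &op_a, 0 }, dup = { &op_a, 1 };
    struct ref *refs[] = { &r0, NULL };     /* constructed NULL-terminated list */
    uf_init();
    printf("matched:   %d\n", union_if_matched(&dup, refs, &op_a));
    printf("unmatched: %d\n", union_if_matched(&dup, refs, &op_b));
    return 0;
}
```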
