http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48813
Summary: Segfault with backward branch inside dead loop body
Product: gcc
Version: 4.7.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
AssignedTo: unassig...@gcc.gnu.org
ReportedBy: arthur.j.odw...@gmail.com
Created attachment 24135
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=24135
Output of "gcc -Os -funroll-loops -c test227972954.c -v" with gcc 4.4.5
This reproduces for me with svn revision 172950 (2011-04-25), and also with gcc
4.4.5, but strangely not with gcc 4.5.1. I'm on Ubuntu 10.10, x86-64.
cat >test227972954.c <<EOF
extern unsigned int g_202;
extern int g_16, x;
extern void foo();
int func_103() {
lbl_240:
for (g_16 = 0; g_16 < 1; ++g_16) {
foo();
for (g_202 = 4; g_202 <= 3; ++g_202) { /* loop body is dead */
if (x)
goto lbl_240;
}
}
return 0;
}
EOF
gcc -Os -funroll-loops -c test227972954.c
test227972954.c: In function ‘func_103’:
test227972954.c:14:1: internal compiler error: Segmentation fault
gdb's stack trace looks like this:
Program received signal SIGSEGV, Segmentation fault.
0x00000000005aa45c in fix_bb_placements (from=0x7ffff6df0820,
irred_invalidated=0x7fffffffddfe "") at ../../gcc/cfgloopmanip.c:199
199 SET_BIT (in_queue, base_loop->header->index);
(gdb) backtrace
#0 0x00000000005aa45c in fix_bb_placements (from=0x7ffff6df0820,
irred_invalidated=0x7fffffffddfe "") at ../../gcc/cfgloopmanip.c:199
#1 0x00000000005aab22 in fix_loop_placements (e=<value optimized out>)
at ../../gcc/cfgloopmanip.c:858
#2 remove_path (e=<value optimized out>) at ../../gcc/cfgloopmanip.c:388
#3 0x0000000000745fc6 in peel_loop_completely (flags=6)
at ../../gcc/loop-unroll.c:514
#4 peel_loops_completely (flags=6) at ../../gcc/loop-unroll.c:256
#5 unroll_and_peel_loops (flags=6) at ../../gcc/loop-unroll.c:165
[...]
This test case is reduced from the output of Csmith
(http://embed.cs.utah.edu/csmith/), using the following command line:
csmith --bitfields --packed-struct -s 227972954 > test227972954.c
