https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93156

            Bug ID: 93156
           Summary: abused nonnull attribute evokes new segfault in gcc 10
                    since Nov 4 commit, 0fb958ab8aa
           Product: gcc
           Version: 10.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: jim at meyering dot net
  Target Milestone: ---

First clue: the following (derived from a gnulib test) segfaults with -O1, but
not with -O0. I build gcc from master ~daily, so could conveniently "bisect" to
around Nov 4 or 5. Before then, this program would exit zero. Since then, it
segfaults.

$ gcc -O0 -ggdb3 k.c && ./a.out; echo $?
0
$ gcc -O1 -ggdb3 k.c && ./a.out
zsh: segmentation fault (core dumped)  ./a.out
[Exit 139 (SEGV)]
$ gdb a.out
Reading symbols from a.out...
(gdb) r
Starting program: /home/j/w/co/sed/gnulib-tests/a.out
warning: Loadable section ".note.gnu.property" outside of ELF segments

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7e15107 in __GI___realpath (name=name@entry=0xffffffffffffffff <error: Cannot access memory at address 0xffffffffffffffff>, resolved=resolved@entry=0x0) at canonicalize.c:50
50        if (name == NULL)

$ cat k.c
extern char *canonicalize_file_name (const char *__name) __attribute__
((__nonnull__ (1)));
extern int rand (void);

/* Return NULL.
   Usual compilers are not able to infer something about the return value.  */
static void *
null_ptr (void)
{
  unsigned int x = rand ();
  unsigned int y = x * x;
  if (y & 2)
    return (void *) -1;
  else
    return (void *) 0;
}

int
main (void)
{
  return !!canonicalize_file_name (null_ptr ());
}

I bisected to this commit:
--------------
commit 0fb958ab8aadda977333cd8a5fbd349babd2807c
Author: aldyh <aldyh@138bc75d-0d04-0410-961f-82ee72b054a4>
Date:   Mon Nov 4 22:05:26 2019 +0000

    Remove handle_pointers argument from all the vrp_val*{min,max} functions.
    Always assume pointers should be handled.

    git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@277796 138bc75d-0d04-0410-961f-82ee72b054a4

 gcc/ChangeLog  | 23 +++++++++++++++++++
 gcc/tree-vrp.c | 70 ++++++++++++++++++++++++++++------------------------------
 gcc/tree-vrp.h | 10 ++++-----
