FS#39180 - [gcc] segfaults when assembling certain GHC-produced files
Attached to Project:
Arch Linux
Opened by Dan Doel (dolio) - Wednesday, 05 March 2014, 03:05 GMT
Last edited by Allan McRae (Allan) - Saturday, 27 December 2014, 06:50 GMT
Opened by Dan Doel (dolio) - Wednesday, 05 March 2014, 03:05 GMT
Last edited by Allan McRae (Allan) - Saturday, 27 December 2014, 06:50 GMT
|
Details
When testing out the GHC 7.8.1 release candidate, I was
getting segfaults on certain files. I eventually tracked it
down to gcc segfaulting on an intermediate assembly file.
I'll attach the file in question (compressed; it's quite
large, but I don't have any other examples).
The segfault can be reproduced by running: /usr/bin/gcc -DTABLES_NEXT_TO_CODE -x assembler-with-cpp -c ghc3240_8.s -o ghc3240_8.o I've tested with multilib/gcc-multilib 4.8.2-8 and core/gcc 4.8.2-8 on x86_64. Both segfault. 
ghc3240_8.s.xz
(1.83 MiB)
|
This task depends upon
Closed by Allan McRae (Allan)
Saturday, 27 December 2014, 06:50 GMT
Reason for closing: Fixed
Additional comments about closing: gcc-4.9.2-2
Saturday, 27 December 2014, 06:50 GMT
Reason for closing: Fixed
Additional comments about closing: gcc-4.9.2-2
1) putting #define TABLES_NEXT_TO_CODE at the top of the file and omitting the -D flag also causes the segfault
2) TABLES_NEXT_TO_CODE is not really significant. Something needs to be CPP defined, and the length matters, but that's it. -DFAKE_THE_FUNK segfaults, but -DNASTY_DUNK doesn't. Or -DAAAAAAAAAAAA (12 As) works, but -DAAAAAAAAAAAAA (13 As) segfaults.
Compiling with "gcc -x assembler-with-cpp -c ghc3240_8.s -o ghc3240_8.o" does not segfault. So it must have an issue with TABLES_NEXT_TO_CODE. But that is not in the .s file, and nor is any .ifdef statements...
I'm clearly missing something here, but I have not needed to debug and ICE from a .s file before.
Well into the realms of WTF now!
If I go to line 5, and duplicate it, so that there are two lines:
.byte 67
.byte 67
The segfault disappears. So perhaps it's related to the file's size (modulo some number) somehow?
Fiddling with bytes to make them have more or fewer characters seems to have no effect. But adding or deleting a line fixes the segfault. Even adding a blank line at the beginning of the file fixes it. But, adding blank lines to the end of the file does not.
0x0000000000c505ae in get_data_from_adhoc_loc(line_maps*, unsigned int) ()
(gdb) bt
#0 0x0000000000c505ae in get_data_from_adhoc_loc(line_maps*, unsigned int) ()
#1 0x0000000000c3e61c in ?? ()
#2 0x0000000000c3e84e in expand_location(unsigned int) ()
#3 0x000000000057c7ae in preprocess_file(cpp_reader*) ()
#4 0x000000000057b071 in c_common_init() ()
#5 0x0000000000531e8e in c_objc_common_init() ()
#6 0x0000000000813c87 in toplev_main(int, char**) ()
#7 0x00007ffff66efb05 in __libc_start_main () from /usr/lib/libc.so.6
#8 0x000000000050a0e7 in _start ()
Adding a blank line before 395848 fixes the segfault.
Adding a blank line after 395848 does not.
Deleting line 395848 fixes the segfault.
But, truncating has different effects. Truncating before line 4400769 fixes the segfault, while truncating there or after does not. Truncating at line 4400769 preserves the behavior of modificaitons at line 395848, though.
I don't know if this is of any help. It doesn't slim down the test case appreciably, and those numbers don't jump out at me as meaningful.
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60436
Also, I think the bug is definitely narrowed down to the preprocessor, as `cpp -DABCDEFGHIJLKM` is sufficient to segfault.