Bug 18670 – compiler segfault if `new` on a union type with dip1000
Status: RESOLVED
Resolution: FIXED
Severity: critical
Priority: P1
Component: dmd
Product: D
Version: D2
Platform: All
OS: All
Creation time: 2018-03-27T14:41:04Z
Last change time: 2018-04-06T21:05:18Z
Keywords: ice
Assigned to: No Owner
Creator: John Colvin
Comments
Comment #0 by john.loughran.colvin — 2018-03-27T14:41:04Z
Found while trying to compile Adam D. Ruppe's terminal-emulator, reduced with dustmite and some manual work.

```
% cat terminalemulator.d
void foo() {
    new OVERLAPPED;
}
union OVERLAPPED {
    uint OffsetHigh;
    uint Pointer;
}
```
```
% gdb dmd
< ... blah blah ... >
(gdb) r terminalemulator.d -dip1000
< ... blah blah ... >
DMD v2.079.0-283-g2e21d0713-dirty DEBUG
Program received signal SIGSEGV, Segmentation fault.
0x000000000059f2bd in dmd.escape.escapeByValue(dmd.expression.Expression, dmd.escape.EscapeByResults*) (er=0x7ffffffeca60, e=0x0) at dmd/escape.d:1293
1293 e.accept(v);
(gdb) bt
#0 0x000000000059f2bd in dmd.escape.escapeByValue(dmd.expression.Expression, dmd.escape.EscapeByResults*) (er=0x7ffffffeca60, e=0x0) at dmd/escape.d:1293
#1 0x000000000059e4a9 in dmd.escape.checkNewEscape(dmd.dscope.Scope*, dmd.expression.Expression, bool) (gag=false, e=0x0, sc=0x7ffffe274120) at dmd/escape.d:592
#2 0x00000000005b8342 in ExpressionSemanticVisitor::visit(NewExp*) (this=0x7ffffffecf08, exp=0x7fffff6b53b0) at dmd/expressionsem.d:2363
#3 0x00000000005a9ba6 in NewExp::accept(Visitor*) (this=0x7fffff6b53b0, v=0x7ffffffecf08) at dmd/expression.d:4155
#4 0x00000000005cc5ef in expressionSemantic(Expression*, Scope*) (e=0x7fffff6b53b0, sc=0x7ffffe274120) at dmd/expressionsem.d:9367
#5 0x000000000064f0cc in StatementSemanticVisitor::visit(ExpStatement*) (this=0x7ffffffecfd8, s=0x7fffff6b5420) at dmd/statementsem.d:177
#6 0x0000000000631a0e in ExpStatement::accept(Visitor*) (this=0x7fffff6b5420, v=0x7ffffffecfd8) at dmd/statement.d:715
#7 0x000000000064efa7 in statementSemantic(Statement*, Scope*) (s=0x7fffff6b5420, sc=0x7ffffe274120) at dmd/statementsem.d:126
#8 0x000000000064f38a in StatementSemanticVisitor::visit(CompoundStatement*) (this=0x7ffffffed2d8, cs=0x7fffff6b5440) at dmd/statementsem.d:235
#9 0x0000000000632206 in CompoundStatement::accept(Visitor*) (this=0x7fffff6b5440, v=0x7ffffffed2d8) at dmd/statement.d:908
#10 0x000000000064efa7 in statementSemantic(Statement*, Scope*) (s=0x7fffff6b5440, sc=0x7ffffe274120) at dmd/statementsem.d:126
#11 0x0000000000663aae in Semantic3Visitor::visit(FuncDeclaration*) (this=0x7ffffffedb80, funcdecl=0x7fffff6b5060) at dmd/semantic3.d:581
#12 0x00000000005d35e6 in FuncDeclaration::accept(Visitor*) (this=0x7fffff6b5060, v=0x7ffffffedb80) at dmd/func.d:2277
#13 0x00000000006623c5 in semantic3(Dsymbol*, Scope*) (dsym=0x7fffff6b5060, sc=0x7ffffe273e30) at dmd/semantic3.d:82
#14 0x00000000006627c6 in Semantic3Visitor::visit(Module*) (this=0x7ffffffedc30, mod=0x7fffff6b4c00) at dmd/semantic3.d:193
#15 0x000000000055838e in Module::accept(Visitor*) (this=0x7fffff6b4c00, v=0x7ffffffedc30) at dmd/dmodule.d:1322
#16 0x00000000006623c5 in semantic3(Dsymbol*, Scope*) (dsym=0x7fffff6b4c00, sc=0x0) at dmd/semantic3.d:82
#17 0x00000000005fd1f7 in dmd.mars.tryMain(ulong, const(char)**) (argv=0x7ffffffee958, argc=3) at dmd/mars.d:836
#18 0x00000000005fe17b in D main () at dmd/mars.d:1098
```
Comment #1 by hsteoh — 2018-03-27T21:09:24Z
This is an ICE; upping priority.
Comment #2 by hsteoh — 2018-03-27T21:12:57Z
Unable to reproduce problem on git master. Perhaps it has since been fixed?
Comment #3 by hsteoh — 2018-03-27T21:13:49Z
P.S. Tested on git commit 2e21d0713babf760e4428d6404d733282ef85e8a, just to be clear.
Comment #4 by bitter.taste — 2018-03-28T07:38:14Z
I can reproduce the segfault on master; the easy fix is to add an `arg !is null` check before calling `escapeByValue` to take into account the union types, but I'm not sure if the change is sound wrt the escape analysis.
Comment #5 by razvan.nitu1305 — 2018-03-28T10:04:19Z