In stage2, the following fault occurs: mv tmp-libgcc.mk libgcc.mk ./xgcc -B./ -B/home/dave/opt/gnu/gcc/gcc-4.1.0/hppa-linux/bin/ -isystem /home/da ve/opt/gnu/gcc/gcc-4.1.0/hppa-linux/include -isystem /home/dave/opt/gnu/gcc/gcc- 4.1.0/hppa-linux/sys-include -L/home/dave/gnu/gcc-4.0/objdir/gcc/../ld -O2 -O2 - g -O2 -DIN_GCC -W -Wall -Wwrite-strings -Wstrict-prototypes -Wmissing-protot ypes -Wold-style-definition -isystem ./include -I. -I. -I../../gcc/gcc -I../.. /gcc/gcc/. -I../../gcc/gcc/../include -I../../gcc/gcc/../libcpp/include -g0 -f inhibit-size-directive -fno-inline-functions -fno-exceptions -fno-zero-initializ ed-in-bss -fno-unit-at-a-time \ -c ../../gcc/gcc/crtstuff.c -DCRT_BEGIN \ -o crtbegin.o xgcc: Internal error: Segmentation fault (program cc1) (gdb) r `cat xx.sh` Starting program: /home/dave/gnu/gcc-4.0/objdir/gcc/cc1 `cat xx.sh` GNU C version 4.1.0 20050814 (experimental) (hppa-linux) compiled by GNU C version 4.1.0 20050814 (experimental). GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096 options passed: -I. -I. -I../../gcc/gcc -I../../gcc/gcc/. -I../../gcc/gcc/../include -I../../gcc/gcc/../libcpp/include -iprefix -isystem -DIN_GCC -DCRT_BEGIN -isystem -isystem -isystem -auxbase-strip -g -g0 -O2 -O2 -O2 -W -Wall -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wold-style-definition -finhibit-size-directive -fno-inline-functions -fno-exceptions -fno-zero-initialized-in-bss -fno-unit-at-a-time options enabled: -falign-loops -fargument-alias -fbranch-count-reg -fcaller-saves -fcommon -fcprop-registers -fcrossjumping -fcse-follow-jumps -fcse-skip-blocks -fdefer-pop -fdelayed-branch -fdelete-null-pointer-checks -fearly-inlining -feliminate-unused-debug-types -fexpensive-optimizations -ffunction-cse -fgcse -fgcse-lm -fguess-branch-probability -fident -fif-conversion -fif-conversion2 -finhibit-size-directive -fipa-pure-const -fipa-reference -fipa-type-escape -fivopts -fkeep-static-consts -fleading-underscore -floop-optimize -floop-optimize2 -fmath-errno -fmerge-constants -fomit-frame-pointer -foptimize-register-move -foptimize-sibling-calls -fpeephole -fpeephole2 -freg-struct-return -fregmove -freorder-blocks -freorder-functions -frerun-cse-after-loop -frerun-loop-opt -fsched-interblock -fsched-spec -fsched-stalled-insns-dep -fschedule-insns -fschedule-insns2 -fshow-column -fsplit-ivs-in-unroller -fstrength-reduce -fstrict-aliasing -fthread-jumps -ftrapping-math -ftree-ccp -ftree-ch -ftree-copy-prop -ftree-copyrename -ftree-dce -ftree-dominator-opts -ftree-dse -ftree-fre -ftree-loop-im -ftree-loop-ivcanon -ftree-loop-optimize -ftree-lrs -ftree-pre -ftree-salias -ftree-sink -ftree-sra -ftree-store-ccp -ftree-store-copy-prop -ftree-ter -ftree-vrp -fvar-tracking -mbig-switch -mgas -mno-space-regs Compiler executable checksum: f95f669b69fe7f9c73b928e96fbc74e7 vprintf getchar getc_unlocked getchar_unlocked putchar fputc_unlocked putc_unlocked putchar_unlocked getline feof_unlocked ferror_unlocked __strcspn_c1 __strcspn_c2 __strcspn_c3 __strspn_c1 __strspn_c2 __strspn_c3 __strpbrk_c2 __strpbrk_c3 __strtok_r_1c __strsep_1c __strsep_2c __strsep_3c strtod strtol strtoul strtof strtold strtoq strtouq strtoll strtoull atof atoi atol atoll get_cie next_fde last_fde __do_global_dtors_aux Program received signal SIGSEGV, Segmentation fault. bitmap_and_compl_into (a=0x5999fc, b=Variable "b" is not available. ) at ../../gcc/gcc/bitmap.c:780 780 BITMAP_WORD cleared = a_elt->bits[ix] & b_elt->bits[ix]; (gdb) p/x $pc $3 = 0x12fcd4 0x0012fcd4 <bitmap_and_compl_into+212>: ldw 18(,r20),r19 (gdb) p/x $r20 $2 = 0x4e1fe4 (gdb) x/x 0x4e1fe4 0x4e1fe4: Cannot access memory at address 0x4e1fe4 (gdb) bt #0 bitmap_and_compl_into (a=0x5999fc, b=Variable "b" is not available. ) at ../../gcc/gcc/bitmap.c:780 #1 0x000c5540 in insert_phi_nodes_for (var=0x403e2898, phi_insertion_points=0x5999fc, update_p=1 '\001') at ../../gcc/gcc/tree-into-ssa.c:806 #2 0x000c6074 in insert_updated_phi_nodes_for (var=0x403e2898, dfs=0x80, blocks=0x5998a4, update_flags=2) at ../../gcc/gcc/tree-into-ssa.c:2476 #3 0x000c9b84 in update_ssa (update_flags=128) at ../../gcc/gcc/tree-into-ssa.c:2771 My first guess is that this loop has been miscompiled: for (ix = BITMAP_ELEMENT_WORDS; ix--;) { BITMAP_WORD cleared = a_elt->bits[ix] & b_elt->bits[ix]; BITMAP_WORD r = a_elt->bits[ix] ^ cleared; a_elt->bits[ix] = r; changed |= cleared; ior |= r; } In the call to bitmap_and_compl_into that fails, the loop iterates 94061 times before the SIGSEGV. The last successful build was updated at Aug 13 01:18:00 UTC 2005.
This effects all 32bit targets it seems. See also http://gcc.gnu.org/ml/gcc-patches/2005-08/msg00831.html which is what I reported about which patch caused it.
Compiling bitmap.c at -O0 make bootstrap past this point.
(In reply to comment #2) > Compiling bitmap.c at -O0 make bootstrap past this point. On ppc-darwin that is.
Confirmed now, testcase: typedef unsigned long BITMAP_WORD; typedef struct bitmap_element_def { struct bitmap_element_def *next; struct bitmap_element_def *prev; unsigned int indx; BITMAP_WORD bits[4]; } bitmap_element; typedef struct bitmap_head_def { bitmap_element *first; bitmap_element *current; unsigned int indx; } bitmap_head; typedef struct bitmap_head_def *bitmap; int f[100]; int g[100]; unsigned char bitmap_equal_p (bitmap a, bitmap b) { bitmap_element *a_elt; bitmap_element *b_elt; unsigned ix; for (a_elt = a->first, b_elt = b->first; a_elt && b_elt; a_elt = a_elt->next, b_elt = b_elt->next) { if (a_elt->indx != b_elt->indx) return 0; for (ix = 4; ix--;) { if (f[ix] != g[ix]) { return 0; } } } return 1; } int main(void) { bitmap a; a = __builtin_calloc (sizeof(*a),1); bitmap b; b = __builtin_calloc (sizeof(*b),1); a->first = __builtin_calloc(sizeof(*a->first), 1); b->first = __builtin_calloc(sizeof(*b->first), 1); for(int i = 0;i<5;i++) { a->first->bits[i] = i; b->first->bits[i] = i; } if (!bitmap_equal_p (a, b)) __builtin_abort(); return 0; }
We get: ix_14: [0, 3] EQUIVALENCES: { } (0 elements) which is wrong as it should be the union of [0,3] and [-1,-1]. so we are folding: Folding predicate ix_14 != 4294967295 to 1
Here is something which is a little more reduced: int f[100]; int g[100]; unsigned char f1 (int a, int b) { unsigned ix; if (a == b) return 1; for (ix = 4; ix--;) if (f[ix] != g[ix]) return 0; return 1; } int main(void) { if (!f1 (1, 2)) __builtin_abort(); return 0; }
Subject: Re: [4.1 Regression] bitmap.c is being miscompiled (VRP) On Sun, 2005-08-14 at 17:32 +0000, pinskia at gcc dot gnu dot org wrote: > ------- Additional Comments From pinskia at gcc dot gnu dot org 2005-08-14 17:32 ------- > Here is something which is a little more reduced: > int f[100]; > int g[100]; > unsigned char > f1 (int a, int b) > { > unsigned ix; > if (a == b) > return 1; > for (ix = 4; ix--;) > if (f[ix] != g[ix]) > return 0; > return 1; > } > > int main(void) > { > if (!f1 (1, 2)) > __builtin_abort(); > return 0; > } > > The SSA version used in the pointer arithmetic doesn't wrap. The other SSA versions do. We can't afford to simply assume that everything wraps, or else we can't calculate the number of iterations on pretty much any loop.
Here is a testcase which also fail on 64bit targets too: int f[100]; int g[100]; unsigned char f1 (int a, int b) { __SIZE_TYPE__ ix; if (a) return 1; for (ix = 4; ix--;) if (f[ix] != g[ix]) return 0; return 1; } int main(void) { if (!f1 (0, 2)) __builtin_abort(); return 0; } ---
Subject: Bug 23386 CVSROOT: /cvs/gcc Module name: gcc Changes by: spop@gcc.gnu.org 2005-08-15 07:51:42 Modified files: gcc : ChangeLog tree-data-ref.c Added files: gcc/testsuite/gcc.dg/tree-ssa: pr23386.c Log message: PR 23386 * tree-data-ref.c (estimate_niter_from_size_of_data): When step is negative compute the estimation from init downwards to zero. * testsuite/gcc.dg/tree-ssa/pr23386.c: New. Patches: http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/ChangeLog.diff?cvsroot=gcc&r1=2.9731&r2=2.9732 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/tree-data-ref.c.diff?cvsroot=gcc&r1=2.37&r2=2.38 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/gcc.dg/tree-ssa/pr23386.c.diff?cvsroot=gcc&r1=NONE&r2=1.1
Fixed.