GCC trunk gets a ICE when building SPEC CPU2000 test 252.eon with "-O2 -fPIC -fno-inline", but not with -fno-ipa-sra, on powerpc-linux with secureplt enabled, as demonstrated by this minimized testcase: class mrSurfaceList { public: int *operator[] (int i) const { } }; int * makeGrid (mrSurfaceList * l) { return (*l)[0]; } elm3b149% /home/janis/tools/gcc-trunk-anonsvn/bin/g++ -c -O2 -fPIC -fno-inline bug.cc bug.cc: In function ‘int* makeGrid(mrSurfaceList*)’: bug.cc:10:1: internal compiler error: in output_507, at config/rs6000/rs6000.md:12527 Please submit a full bug report, with preprocessed source if appropriate. See <http://gcc.gnu.org/bugs.html> for instructions. The ICE begins with this patch, which adds IPA SRA: http://gcc.gnu.org/viewcvs?view=rev&rev=151800 r151800 | jamborm | 2009-09-17 11:35:38 +0000 (Thu, 17 Sep 2009)
Off hand, I cannot tell if this is a target issue where the target should have rejected the sibcall because of secureplt or the IPA-SRA not copying all the decl flags correctly.
The ICE happens with either -m32 or -m64, but after this same patch eon segfaults in a destructor when compiled with "-m32 -O2 -fPIC" when built with GCC with secureplt enabled. valgrind reports some other invalid accesses before that segfault. valgrind also complains about mismatched free()/delete/delete[] in eon, which can be fixed by patching ggString.h with @@ -89,7 +89,7 @@ private: ~StringRep(); void *operator new(size_t, unsigned long len); void *operator new(size_t s) { return new char[s]; } -// void operator delete(void *p) { delete p; } + void operator delete(void *p) { delete [] (char *)p; } int len; int refs; char str[1]; Peter, can you get someone to look at this further? I've got a setup to build and run eon outside of the SPEC framework.
Confirmed. Alan, can you have a look at this? This is ICE'ing at the gcc_assert(!TARGET_SECURE_PLT) you added to define_insn "*sibcall_value_nonlocal_sysv<mode>" as part of your fix for PR36634. The insn we're ICE'ing on looks like: (call_insn/u/j:TI 6 18 7 bug.cc:9 (parallel [ (set (reg:SI 3 3) (call (mem:SI (symbol_ref/i:SI ("_ZNK13mrSurfaceListixEi") [flags 0x1] <function_decl 0x40000371900 operator[]>) [0 S4 A8]) (const_int 0 [0x0]))) (use (const_int 0 [0x0])) (use (reg:SI 65 lr)) (return) ]) 493 {*sibcall_value_nonlocal_sysvsi} (expr_list:REG_EH_REGION (const_int 0 [0x0]) (nil)) (nil))
I haven't looked in detail at this yet, but why are we getting nonlocal sibcalls at all for sysv? rs6000_function_ok_for_sibcall says we shouldn't. I'm not sure why the nonlocal sibcall patterns even accept DEFAULT_ABI == ABI_V4. Incidentally, the reason why we can't do a nonlocal sibcall when using secure plt is that pic_offset_table_rtx (got pointer reg, r30) needs to be live as a pic plt call stub uses r30. Since that register is non-volatile it can't be live for the tail call.
OK, so at the time we call make_decl_rtl for mrSurfaceList::operator[] (gdb) bt #0 rs6000_elf_encode_section_info (decl=0x40402a00, rtl=0x404014a0, first=1) at /home/alan/src/gcc/gcc/config/rs6000/rs6000.c:23487 #1 0x1082a4e4 in make_decl_rtl (decl=0x40402a00) at /home/alan/src/gcc/gcc/varasm.c:1471 #2 0x1082b924 in notice_global_symbol (decl=0x40402a00) at /home/alan/src/gcc/gcc/varasm.c:1628 #3 0x108839e8 in cgraph_mark_reachable_node (node=0x4035c1b0) at /home/alan/src/gcc/gcc/cgraph.c:1479 #4 0x10889fd0 in cgraph_analyze_functions () at /home/alan/src/gcc/gcc/cgraphunit.c:980 #5 0x1088c250 in cgraph_finalize_compilation_unit () at /home/alan/src/gcc/gcc/cgraphunit.c:1073 #6 0x1012fbdc in cp_write_global_declarations () at /home/alan/src/gcc/gcc/cp/decl2.c:3780 we see these flags on the function decl: addressable used public static weak autoinline decl_5 The weak flag makes default_binds_local_p decide that this is non-local so doesn't set SYMBOL_REF_LOCAL_P on the rtl. Later, here: (gdb) bt #0 cgraph_make_node_local (node=0x4035c1b0) at /home/alan/src/gcc/gcc/cgraph.c:2157 #1 0x106e15e4 in modify_function () at /home/alan/src/gcc/gcc/tree-sra.c:3798 #2 ipa_early_sra () at /home/alan/src/gcc/gcc/tree-sra.c:3891 #3 0x1051f750 in execute_one_pass (pass=0x11045634) at /home/alan/src/gcc/gcc/passes.c:1522 #4 0x1051fac4 in execute_pass_list (pass=0x11045634) at /home/alan/src/gcc/gcc/passes.c:1577 #5 0x1051fadc in execute_pass_list (pass=0x11045470) at /home/alan/src/gcc/gcc/passes.c:1578 #6 0x105221d4 in do_per_function_toporder (pass=0x11045408) at /home/alan/src/gcc/gcc/passes.c:1120 #7 execute_ipa_pass_list (pass=0x11045408) at /home/alan/src/gcc/gcc/passes.c:1759 #8 0x1088c034 in ipa_passes () at /home/alan/src/gcc/gcc/cgraphunit.c:1716 #9 cgraph_optimize () at /home/alan/src/gcc/gcc/cgraphunit.c:1775 #10 0x1088c25c in cgraph_finalize_compilation_unit () at /home/alan/src/gcc/gcc/cgraphunit.c:1082 #11 0x1012fbdc in cp_write_global_declarations () at /home/alan/src/gcc/gcc/cp/decl2.c:3780 a bunch of flags on the function decl are cleared, including the weak flag. So rs6000_function_ok_for_sibcall quite happily says that a sibcall is OK, ***but the rtl flags have not been updated***. In particular, SYMBOL_REF_LOCAL_P clear stops rs6000.md:sibcall_value_local32 from matching, and we try to use sibcall_value_nonlocal_sysv. Seems to me that the rtl flags need updating in cgraph_make_node_local.
bootstrap and regression testing a fix
Alan, do you have an update on this? Does you patch fix just the ICE or also the runtime segfault described in comment #2?
I haven't tested my patch against eon, just the testcase here and of course the gcc testsuite. Latest patch url given above
I tried the patch and it fixes both of the problems with eon.
Subject: Bug 42344 Author: amodra Date: Fri Feb 19 23:38:20 2010 New Revision: 156914 URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=156914 Log: PR middle-end/42344 * cgraph.h (cgraph_make_decl_local): Declare. * cgraph.c (cgraph_make_decl_local): New function. (cgraph_make_node_local): Use it. * cgraphunit.c (cgraph_function_versioning): Likewise. * ipa.c (function_and_variable_visibility): Likewise. Modified: trunk/gcc/ChangeLog trunk/gcc/cgraph.c trunk/gcc/cgraph.h trunk/gcc/cgraphunit.c trunk/gcc/ipa.c
Fixed