Command line: gcc -fschedule-insns vararg-1.c && ./a.out

Testcase can be further reduced to:

----------- testcase.c -----------
int foo(int i, ...) { return i; }
int main() { return foo(0, 0.0); }
----------------------------------

I am not sure the testcase is valid, but I can't find any proof it isn't. "If access to the varying arguments is desired, the called function shall declare an object (...) having type va_list." is the most related sentence in the C99 TC3 draft, but it doesn't say what to do when 'access to varying arguments isn't desired'.

Tested revisions:
r157965 - crash
4.4.3 - crash
4.3.4, 4.2.4, 4.1.2, 3.4.6, 3.3.6 - OK

Output:
$ gcc-4.5.0-alpha20100401 -fschedule-insns testcase.c && ./a.out
Segmentation fault

The problem is unaligned access with movaps:

foo:
        pushq   %rbp    #
        movq    %rsp, %rbp      #,
        pushq   %rbx    #
        subq    $64, %rsp       #,
        movzbl  %al, %eax       #, tmp61
        leaq    -9(%rbp), %rbx  #, tmp62
        ...
        movaps  %xmm0, -127(%rbx)       #,

The access is aligned to an 8-byte boundary, not a 16-byte one.

When -fschedule-insns is not used, "leaq -9(%rbp), %rbx" is changed to "leaq -1(%rbp), %rdx", and the access is aligned correctly.
Confirmed. We end up using the callee saved reg %rbx and thus need to push it but we do not preserve alignment correctly.
i386.c has

  tmp_reg = gen_reg_rtx (Pmode);
  emit_insn (gen_rtx_SET (VOIDmode, tmp_reg,
                          plus_constant (save_area,
                                         ix86_varargs_gpr_size + 127)));
  mem = gen_rtx_MEM (BLKmode, plus_constant (tmp_reg, -127));
  MEM_NOTRAP_P (mem) = 1;
  set_mem_alias_set (mem, set);
  set_mem_align (mem, BITS_PER_WORD);

  /* And finally do the dirty job!  */
  emit_insn (gen_sse_prologue_save (mem, nsse_reg,
                                    GEN_INT (cum->sse_regno), label));

We pass 64-bit aligned memory to sse_prologue_save_insn, which uses movaps on 64-bit aligned memory.
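A constructed regression harness for the bug described in the report and in the i386.c analysis above (added here; it is not the reporter's vararg-1.c nor the pr43668.c testcase later committed to GCC). It keeps the crashing shape, a variadic callee that receives doubles but never declares a va_list, and goes beyond the report by also consuming the doubles through va_arg so the contents of the FP register save area are verified, not just survived. The frame_offset_is_16_aligned helper is an assumption of this example, modelling the two %rbp-relative addresses quoted in the assembly.

```c
#include <stdarg.h>
#include <stdio.h>

/* Shape of the reported crash: varargs received but no va_list declared.
   The prologue still spills %xmm0..%xmm7 with movaps into the FP save
   area, so a misaligned save area faults here on affected GCC builds. */
int foo_unused(int i, ...)
{
  return i;
}

/* Same calling convention, but the doubles are read back via va_arg,
   which checks that the save area was written correctly. */
double sum_doubles(int count, ...)
{
  va_list ap;
  double total = 0.0;
  va_start(ap, count);
  for (int k = 0; k < count; k++)
    total += va_arg(ap, double);
  va_end(ap);
  return total;
}

/* Hypothetical helper (not GCC code): with %rbp on a 16-byte boundary,
   is a save area at this offset 16-byte aligned? The report's addresses
   are %rbp-136 (-9-127, crash) and %rbp-128 (-1-127, ok). */
int frame_offset_is_16_aligned(long offset_from_rbp)
{
  return offset_from_rbp % 16 == 0;   /* -136 % 16 == -8, -128 % 16 == 0 */
}

/* Returns 0 when every check passes, otherwise the number of the failing check. */
int run_checks(void)
{
  if (foo_unused(0, 0.0) != 0) return 1;
  /* Eight doubles fill all XMM argument registers, so all eight spills happen. */
  if (foo_unused(7, 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0, 8.0) != 7) return 2;
  if (sum_doubles(3, 1.5, 2.5, 3.0) != 7.0) return 3;
  if (frame_offset_is_16_aligned(-136)) return 4;
  if (!frame_offset_is_16_aligned(-128)) return 5;
  return 0;
}

int main(void)
{
  int rc = run_checks();
  printf("%s\n", rc == 0 ? "ok" : "FAILED");
  return rc;
}
```

Build it with and without -fschedule-insns on the compiler under test; on the affected revisions the first call inside run_checks never returns.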
A patch is posted at http://gcc.gnu.org/ml/gcc-patches/2010-04/msg00229.html
Subject: Bug 43668
Author: hjl
Date: Wed Apr 7 21:48:51 2010
New Revision: 158092

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=158092
Log:
Align stack to 16byte for FP register save area.

gcc/

2010-04-06  H.J. Lu  <hongjiu.lu@intel.com>

	PR target/43668
	* config/i386/i386.c (setup_incoming_varargs_64): Align stack to
	16byte for FP register save area.

gcc/testsuite/

2010-04-06  H.J. Lu  <hongjiu.lu@intel.com>

	PR target/43668
	* gcc.target/i386/pr43668.c: New.

Added:
    branches/gcc-4_4-branch/gcc/testsuite/gcc.target/i386/pr43668.c
Modified:
    branches/gcc-4_4-branch/gcc/ChangeLog
    branches/gcc-4_4-branch/gcc/config/i386/i386.c
    branches/gcc-4_4-branch/gcc/testsuite/ChangeLog
Subject: Bug 43668
Author: hjl
Date: Wed Apr 7 21:58:27 2010
New Revision: 158093

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=158093
Log:
Align stack to 16byte for FP register save area.

gcc/

2010-04-07  H.J. Lu  <hongjiu.lu@intel.com>

	PR target/43668
	* config/i386/i386.c (setup_incoming_varargs_64): Align stack to
	16byte for FP register save area.

gcc/testsuite/

2010-04-07  H.J. Lu  <hongjiu.lu@intel.com>

	PR target/43668
	* gcc.target/i386/pr43668.c: New.

Modified:
    branches/gcc-4_5-branch/gcc/ChangeLog
    branches/gcc-4_5-branch/gcc/config/i386/i386.c
    branches/gcc-4_5-branch/gcc/testsuite/ChangeLog
Trunk patch still pending.
Subject: Bug 43668
Author: hjl
Date: Tue May 4 21:15:35 2010
New Revision: 159046

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=159046
Log:
Add a testcase for PR target/43668.

2010-05-04  H.J. Lu  <hongjiu.lu@intel.com>

	PR target/43668
	* gcc.target/i386/pr43668.c: New.

Added:
    trunk/gcc/testsuite/gcc.target/i386/pr43668.c
Modified:
    trunk/gcc/testsuite/ChangeLog
Fixed by

http://gcc.gnu.org/ml/gcc-cvs/2010-04/msg00589.html
http://gcc.gnu.org/ml/gcc-cvs/2010-05/msg00089.html

on trunk.