Bug 4382 - [3.2 regression] __builtin_{set,long}jmp with -O3 can crash the compiler

Description:

Last confirmed:

Opened: 2001-09-24 04:56

I guess there are some problems with inlaingin function and
non-local gotos. I found it during Ksi developments, but
it also crashes C compiler. However as 
__bultin_{set,long}jmp are not documented, and in sources
there are comments, not to use them other way then
Ada and sjlj exception, so I'm not sure if code below
is legal. However, this seems to be a problem.

Release:
20010917 snapshot, gcc 3.0.1

Environment:
PLD Linux/GNU on ia32, possibly other ia32, don't crash
axp-pld-linux

How-To-Repeat:
compile following with -O3 (-fno-inline removes problem):

#v+
struct jmp_buf {
        void *p[5];
};

static void jumpaway(struct jmp_buf *ptr)
{
        __builtin_longjmp(ptr ,1);
        abort();
}

int main(void)
{
        struct jmp_buf buf;

        if (__builtin_setjmp(&buf) == 0) {
        } else
                return 0;
        jumpaway(&buf);
        abort();
        return 0;
}
#v-

------- Comment #2 From Wolfgang Bangerth 2002-12-06 15:55 -------

State-Changed-From-To: open->analyzed
State-Changed-Why: Confirmed. I get with 3.2.2pre and 3.3pre:
    tmp/g> /home/bangerth/bin/gcc-3.2.2-pre/bin/gcc -c -O3 x.c
    x.c: In function `main':
    x.c:21: Internal compiler error in make_edges, at cfgbuild.c:402
    Please submit a full bug report,
    with preprocessed source if appropriate.
    See <URL:http://www.gnu.org/software/gcc/bugs.html> for instructions.
    tmp/g>
    tmp/g>
    tmp/g>
    tmp/g> /home/bangerth/bin/gcc-3.3-pre/bin/gcc -c -O3 x.c
    x.c: In function `main':
    x.c:21: error: Wrong amount of branch edges after unconditional jump 0
    x.c:21: internal compiler error: verify_flow_info failed
    Please submit a full bug report,
    with preprocessed source if appropriate.
    See <URL:http://www.gnu.org/software/gcc/bugs.html> for instructions.
    
    
    This used to work with 2.95, but failed with 3.0 first.
    
    The following slighty simpler code also crashes the compiler,
    but please don't anyone ask me whether this makes any
    sense any more:
    -------------------------------
    void jumpaway(int *ptr) {
      __builtin_longjmp(ptr,1);
    }
    
    int main(void) {
      __builtin_setjmp(0);
      jumpaway(0);
    }
    --------------------------

------- Comment #3 From janis187@us.ibm.com 2002-12-19 15:26 -------

From: Janis Johnson <janis187@us.ibm.com>
To: gcc-gnats@gcc.gnu.org, gcc-prs@gcc.gnu.org, gcc-bugs@gcc.gnu.org,
   nobody@gcc.gnu.org, malekith@pld.org.pl
Cc:  
Subject: Re: optimization/4382: [3.2/3.3 regression] __builtin_{set,long}jmp with 
 -O3 can crash the compiler
Date: Thu, 19 Dec 2002 15:26:15 -0800

 The regression reported in PR optimization/4382 showed up
 starting with this patch:
 
 2000-12-20  Richard Henderson  <rth@redhat.com>
 
         * rtl.h (REG_NON_LOCAL_GOTO): New.
         * rtl.c (reg_note_name): Update.
         * stmt.c (expand_goto): Emit a REG_NON_LOCAL_GOTO note.
         * builtins.c (expand_builtin_longjmp): Likewise.
         * flow.c (make_edges): Check for REG_NON_LOCAL_GOTO and do
         not emit an edge.
 
 I used the original, larger test case provided by the
 submitter.
 
 Output from the compiler with the current mainline is the
 same as that reported by Wolfgang a couple of weeks ago.
 
 http://gcc.gnu.org/cgi-bin/gnatsweb.pl?cmd=view%20audit-trail&database=gcc&pr=4382

------- Comment #4 From Wolfgang Bangerth 2003-01-24 15:35 -------

From: Wolfgang Bangerth <bangerth@ticam.utexas.edu>
To: gcc-gnats@gcc.gnu.org
Cc:  
Subject: Re: optimization/4382
Date: Fri, 24 Jan 2003 15:35:23 -0600 (CST)

 ---------- Forwarded message ----------
 Date: Fri, 24 Jan 2003 13:20:47 -0800
 From: Richard Henderson <rth@redhat.com>
 To: Janis Johnson <janis187@us.ibm.com>
 Cc: gcc@gcc.gnu.org, rodrigc@attbi.com, bangerth@ticam.utexas.edu
 Subject: Re: patch that caused regression PR optimization/4382
 
 On Thu, Dec 19, 2002 at 03:25:13PM -0800, Janis Johnson wrote:
 > The regression reported in PR optimization/4382 showed up ...
 
 This is _really_ borderline, but ok.  We'll hack around
 this problem like so.
 
 If you call both __builtin_setjmp and __builtin_longjmp in
 the same function, expect things to crash again, however.
 All I can say is, Don't Do That.
 
 
 r~
 
 
         * tree-inline.c (find_builtin_longjmp_call_1): New.
         (find_builtin_longjmp_call): New.
         (inlinable_function_p): Use it.
 
 Index: tree-inline.c
 ===================================================================
 RCS file: /cvs/gcc/gcc/gcc/tree-inline.c,v
 retrieving revision 1.40
 diff -c -p -d -r1.40 tree-inline.c
 *** tree-inline.c	24 Dec 2002 08:30:33 -0000	1.40
 --- tree-inline.c	24 Jan 2003 21:14:47 -0000
 *************** static tree add_stmt_to_compound PARAMS 
 *** 125,130 ****
 --- 125,132 ----
   #endif /* INLINER_FOR_JAVA */
   static tree find_alloca_call_1 PARAMS ((tree *, int *, void *));
   static tree find_alloca_call PARAMS ((tree));
 + static tree find_builtin_longjmp_call_1 PARAMS ((tree *, int *, void *));
 + static tree find_builtin_longjmp_call PARAMS ((tree));
   
   /* The approximate number of instructions per statement.  This number
      need not be particularly accurate; it is used only to make
 *************** tree_inlinable_function_p (fn)
 *** 873,879 ****
     return inlinable_function_p (fn, NULL);
   }
   
 ! /* if *TP is possibly call to alloca, return nonzero.  */
   static tree
   find_alloca_call_1 (tp, walk_subtrees, data)
        tree *tp;
 --- 875,881 ----
     return inlinable_function_p (fn, NULL);
   }
   
 ! /* If *TP is possibly call to alloca, return nonzero.  */
   static tree
   find_alloca_call_1 (tp, walk_subtrees, data)
        tree *tp;
 *************** find_alloca_call_1 (tp, walk_subtrees, d
 *** 885,892 ****
     return NULL;
   }
   
 ! /* Return subexpression representing possible alloca call,
 !    if any.  */
   static tree
   find_alloca_call (exp)
        tree exp;
 --- 887,893 ----
     return NULL;
   }
   
 ! /* Return subexpression representing possible alloca call, if any.  */
   static tree
   find_alloca_call (exp)
        tree exp;
 *************** find_alloca_call (exp)
 *** 894,899 ****
 --- 895,926 ----
     return walk_tree (&exp, find_alloca_call_1, NULL, NULL);
   }
   
 + static tree
 + find_builtin_longjmp_call_1 (tp, walk_subtrees, data)
 +      tree *tp;
 +      int *walk_subtrees ATTRIBUTE_UNUSED;
 +      void *data ATTRIBUTE_UNUSED;
 + {
 +   tree exp = *tp, decl;
 + 
 +   if (TREE_CODE (exp) == CALL_EXPR
 +       && TREE_CODE (TREE_OPERAND (exp, 0)) == ADDR_EXPR
 +       && (decl = TREE_OPERAND (TREE_OPERAND (exp, 0), 0),
 + 	  TREE_CODE (decl) == FUNCTION_DECL)
 +       && DECL_BUILT_IN_CLASS (decl) == BUILT_IN_NORMAL
 +       && DECL_FUNCTION_CODE (decl) == BUILT_IN_LONGJMP)
 +     return decl;
 + 
 +   return NULL;
 + }
 + 
 + static tree
 + find_builtin_longjmp_call (exp)
 +      tree exp;
 + {
 +   return walk_tree (&exp, find_builtin_longjmp_call_1, NULL, NULL);
 + }
 + 
   /* Returns nonzero if FN is a function that can be inlined into the
      inlining context ID_.  If ID_ is NULL, check whether the function
      can be inlined at all.  */
 *************** inlinable_function_p (fn, id)
 *** 933,938 ****
 --- 960,973 ----
        allowance for extern inline functions, though.  */
     else if (! (*lang_hooks.tree_inlining.disregard_inline_limits) (fn)
   	   && currfn_insns > MAX_INLINE_INSNS_SINGLE)
 +     ;
 +   /* We can't inline functions that call __builtin_longjmp at all.
 +      The non-local goto machenery really requires the destination
 +      be in a different function.  If we allow the function calling
 +      __builtin_longjmp to be inlined into the function calling
 +      __builtin_setjmp, Things will Go Awry.  */
 +   /* ??? Need front end help to identify "regular" non-local goto.  */
 +   else if (find_builtin_longjmp_call (DECL_SAVED_TREE (fn)))
       ;
     /* Refuse to inline alloca call unless user explicitly forced so as this may
        change program's memory overhead drastically when the function using alloca

Bug 4382 depends on:			Show dependency tree Show dependency graph
Bug 4382 blocks:			Show dependency tree Show dependency graph

GCC Bugzilla Bug 4382

[3.2 regression] __builtin_{set,long}jmp with -O3 can crash the compiler

Last modified: 2003-07-25 17:33:46

Known to work:
Known to fail: