+++ This bug was initially created as a clone of Bug #50607 +++ See PR50607#c1. The SEGV happens in lto1. Here's a gdb backtrace (N.B. optimized code on a x86_64 host) running lto1 with "-melf -quiet -dumpdir /tmp/hpautotest-gcc1/cris-elf/gccobj/gcc/testsuite/gcc/ -dumpbase pr23135.x6 -auxbase-strip /tmp/ccSn7Zx5.lto.o -O2 -w -version -flto-partition=none -fresolution=pr23135.res pr23135.o -o pr23135.s": (gdb) r The program being debugged has been started already. Start it from the beginning? (y or n) y Starting program: /tmp/hpautotest-gcc1/cris-elf/gccobj/gcc/lto1 -melf -quiet -dumpdir /tmp/hpautotest-gcc1/cris-elf/gccobj/gcc/testsuite/gcc/ -dumpbase pr23135.x6 -auxbase-strip /tmp/ccSn7Zx5.lto.o -O2 -w -version -flto-partition=none -fresolution=pr23135.res pr23135.o -o pr23135.s GNU GIMPLE (GCC) version 4.7.0 20111003 (experimental) [trunk revision 179480] (cris-elf) compiled by GNU C version 4.4.3 20100127 (Red Hat 4.4.3-4), GMP version 4.3.0, MPFR version 2.4.1, MPC version 0.8 GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096 GNU GIMPLE (GCC) version 4.7.0 20111003 (experimental) [trunk revision 179480] (cris-elf) compiled by GNU C version 4.4.3 20100127 (Red Hat 4.4.3-4), GMP version 4.3.0, MPFR version 2.4.1, MPC version 0.8 GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096 Program received signal SIGSEGV, Segmentation fault. fold_nonarray_ctor_reference (type=<value optimized out>, ctor=<value optimized out>, offset=<value optimized out>, size=32) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:2834 2834 tree byte_offset = DECL_FIELD_OFFSET (cfield); (gdb) bt #0 fold_nonarray_ctor_reference (type=<value optimized out>, ctor=<value optimized out>, offset=<value optimized out>, size=32) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:2834 #1 fold_ctor_reference (type=<value optimized out>, ctor=<value optimized out>, offset=<value optimized out>, size=32) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:2923 #2 0x000000000062225c in fold_const_aggregate_ref_1 (t=0x7ffff7f7ca10, valueize=0) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:3017 #3 0x0000000000627c10 in maybe_fold_reference (expr=0x7ffff7f7ca10, is_lhs=0 '\000') at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:232 #4 0x00000000006292c1 in fold_stmt_1 (gsi=0x7fffffffdb00, inplace=0 '\000') at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:1168 #5 0x0000000000833b1a in optimize_stmt (bb=0x7ffff7f85478, si=...) at /tmp/hpautotest-gcc1/gcc/gcc/tree-ssa-dom.c:2133 #6 0x00000000008347ad in dom_opt_enter_block (walk_data=<value optimized out>, bb=0x7ffff7f85478) at /tmp/hpautotest-gcc1/gcc/gcc/tree-ssa-dom.c:1686 #7 0x00000000009d7228 in walk_dominator_tree (walk_data=0x7fffffffdc50, bb=0x7ffff7f85478) at /tmp/hpautotest-gcc1/gcc/gcc/domwalk.c:188 #8 0x000000000082ed7d in tree_ssa_dominator_optimize () at /tmp/hpautotest-gcc1/gcc/gcc/tree-ssa-dom.c:709 #9 0x00000000006f5f82 in execute_one_pass (pass=0xee6160) at /tmp/hpautotest-gcc1/gcc/gcc/passes.c:2064 #10 0x00000000006f6295 in execute_pass_list (pass=0xee6160) at /tmp/hpautotest-gcc1/gcc/gcc/passes.c:2119 #11 0x00000000006f62a7 in execute_pass_list (pass=0xe606e0) at /tmp/hpautotest-gcc1/gcc/gcc/passes.c:2120 #12 0x00000000007d92f8 in tree_rest_of_compilation (fndecl=0x7ffff7f74800) at /tmp/hpautotest-gcc1/gcc/gcc/tree-optimize.c:420 #13 0x00000000004e836e in cgraph_expand_function (node=0x7ffff7f7f120) at /tmp/hpautotest-gcc1/gcc/gcc/cgraphunit.c:1805 #14 0x00000000004eb72a in cgraph_expand_all_functions () at /tmp/hpautotest-gcc1/gcc/gcc/cgraphunit.c:1864 #15 cgraph_optimize () at /tmp/hpautotest-gcc1/gcc/gcc/cgraphunit.c:2141 #16 0x0000000000475344 in lto_main () at /tmp/hpautotest-gcc1/gcc/gcc/lto/lto.c:2868 #17 0x00000000007776a1 in compile_file () at /tmp/hpautotest-gcc1/gcc/gcc/toplev.c:565 #18 do_compile () at /tmp/hpautotest-gcc1/gcc/gcc/toplev.c:1925 #19 0x0000000000778212 in toplev_main (argc=17, argv=0x7fffffffe008) at /tmp/hpautotest-gcc1/gcc/gcc/toplev.c:2001 #20 0x00000037d421eb1d in __libc_start_main () from /lib64/libc.so.6 #21 0x0000000000459959 in _start () I'll re-run that with all *.o rebuilt with "-O0 -g3".
Last known working revision:first known failing 179447:179464, and 179462 is the only related change in that range, so it's confirmed that's the revision exposing or causing this regression.
So, at r179480, I get, for lto1 and everything related rebuilt with CFLAGS=-g3: (gdb) set args -melf -quiet -dumpdir /tmp/hpautotest-gcc1/cris-elf/gccobj/gcc/testsuite/gcc/ -dumpbase pr23135.x6 -auxbase-strip /tmp/ccJhtPAy.lto.o -O2 -w -version -flto-partition=none -fresolution=pr23135.res pr23135.o -o pr23135.s (gdb) r Starting program: /tmp/hpautotest-gcc1/cris-elf/gccobj/gcc/lto1 -melf -quiet -dumpdir /tmp/hpautotest-gcc1/cris-elf/gccobj/gcc/testsuite/gcc/ -dumpbase pr23135.x6 -auxbase-strip /tmp/ccJhtPAy.lto.o -O2 -w -version -flto-partition=none -fresolution=pr23135.res pr23135.o -o pr23135.s GNU GIMPLE (GCC) version 4.7.0 20111003 (experimental) [trunk revision 179480] (cris-elf) compiled by GNU C version 4.4.3 20100127 (Red Hat 4.4.3-4), GMP version 4.3.0, MPFR version 2.4.1, MPC version 0.8 GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096 GNU GIMPLE (GCC) version 4.7.0 20111003 (experimental) [trunk revision 179480] (cris-elf) compiled by GNU C version 4.4.3 20100127 (Red Hat 4.4.3-4), GMP version 4.3.0, MPFR version 2.4.1, MPC version 0.8 GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096 Program received signal SIGSEGV, Segmentation fault. 0x000000000078bae8 in fold_nonarray_ctor_reference (type=0x7ffff7ece5e8, ctor=0x7ffff7f8dab0, offset=0, size=32) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:2834 2834 tree byte_offset = DECL_FIELD_OFFSET (cfield); Missing separate debuginfos, use: debuginfo-install glibc-2.11.1-1.x86_64 (gdb) p cfield $1 = (tree) 0x0 (gdb) bt #0 0x000000000078bae8 in fold_nonarray_ctor_reference (type=0x7ffff7ece5e8, ctor=0x7ffff7f8dab0, offset=0, size=32) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:2834 #1 0x000000000078c93d in fold_ctor_reference (type=0x7ffff7ece5e8, ctor=0x7ffff7f8dab0, offset=0, size=32) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:2923 #2 0x000000000078d210 in fold_const_aggregate_ref_1 (t=0x7ffff7f7ca10, valueize=0) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:3017 #3 0x000000000078d3dd in fold_const_aggregate_ref (t=0x7ffff7f7ca10) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:3039 #4 0x000000000077e0ef in maybe_fold_reference (expr=0x7ffff7f7ca10, is_lhs=0 '\000') at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:232 #5 0x000000000077eeee in fold_gimple_assign (si=0x7fffffffdac0) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:298 #6 0x0000000000783a3e in fold_stmt_1 (gsi=0x7fffffffdac0, inplace=0 '\000') at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:1168 #7 0x00000000007843cc in fold_stmt (gsi=0x7fffffffdac0) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:1304 #8 0x0000000000af258f in optimize_stmt (bb=0x7ffff7f85478, si=...) at /tmp/hpautotest-gcc1/gcc/gcc/tree-ssa-dom.c:2133 #9 0x0000000000af1254 in dom_opt_enter_block (walk_data=0x7fffffffdc70, bb=0x7ffff7f85478) at /tmp/hpautotest-gcc1/gcc/gcc/tree-ssa-dom.c:1686 #10 0x0000000000d97b8c in walk_dominator_tree (walk_data=0x7fffffffdc70, bb=0x7ffff7f85478) at /tmp/hpautotest-gcc1/gcc/gcc/domwalk.c:188 #11 0x0000000000aec22b in tree_ssa_dominator_optimize () at /tmp/hpautotest-gcc1/gcc/gcc/tree-ssa-dom.c:709 #12 0x00000000008dabbb in execute_one_pass (pass=0x1377160) at /tmp/hpautotest-gcc1/gcc/gcc/passes.c:2064 #13 0x00000000008dada9 in execute_pass_list (pass=0x1377160) at /tmp/hpautotest-gcc1/gcc/gcc/passes.c:2119 #14 0x00000000008dadca in execute_pass_list (pass=0x12f0ba0) at /tmp/hpautotest-gcc1/gcc/gcc/passes.c:2120 #15 0x0000000000a56d01 in tree_rest_of_compilation (fndecl=0x7ffff7f74800) at /tmp/hpautotest-gcc1/gcc/gcc/tree-optimize.c:420 #16 0x0000000000557390 in cgraph_expand_function (node=0x7ffff7f7f120) at /tmp/hpautotest-gcc1/gcc/gcc/cgraphunit.c:1805 #17 0x000000000055754f in cgraph_expand_all_functions () at /tmp/hpautotest-gcc1/gcc/gcc/cgraphunit.c:1864 #18 0x0000000000557ca1 in cgraph_optimize () at /tmp/hpautotest-gcc1/gcc/gcc/cgraphunit.c:2141 #19 0x000000000048e19a in lto_main () at /tmp/hpautotest-gcc1/gcc/gcc/lto/lto.c:2868 #20 0x00000000009b0ca9 in compile_file () at /tmp/hpautotest-gcc1/gcc/gcc/toplev.c:565 #21 0x00000000009b2fa3 in do_compile () at /tmp/hpautotest-gcc1/gcc/gcc/toplev.c:1925 #22 0x00000000009b311a in toplev_main (argc=17, argv=0x7fffffffe008) at /tmp/hpautotest-gcc1/gcc/gcc/toplev.c:2001 #23 0x0000000000490f90 in main (argc=17, argv=0x7fffffffe008) at /tmp/hpautotest-gcc1/gcc/gcc/main.c:36 HTH!
(gdb) bt #0 0x000000000078bae8 in fold_nonarray_ctor_reference (type=0x7ffff7ece5e8, ctor=0x7ffff7f8dab0, offset=0, size=32) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:2834 can you show what ctor is here? Thus, debug_tree (ctor)?
(In reply to comment #3) > can you show what ctor is here? Thus, debug_tree (ctor)? Program received signal SIGSEGV, Segmentation fault. 0x000000000078bae8 in fold_nonarray_ctor_reference (type=0x7ffff7ece5e8, ctor=0x7ffff7f8dab0, offset=0, size=32) at /tmp/hpautotest-gcc1/gcc/gcc/gimple-fold.c:2834 2834 tree byte_offset = DECL_FIELD_OFFSET (cfield); Missing separate debuginfos, use: debuginfo-install glibc-2.11.1-1.x86_64 (gdb) p type $1 = (tree) 0x7ffff7ece5e8 (gdb) pt <integer_type 0x7ffff7ece5e8 int public SI size <integer_cst 0x7ffff7ec5b20 type <integer_type 0x7ffff7ece0a8 bitsizetype> constant 32> unit size <integer_cst 0x7ffff7ec5b40 type <integer_type 0x7ffff7ece000 sizetype> constant 4> align 8 symtab 0 alias set 2 canonical type 0x7ffff7ece5e8 precision 32 min <integer_cst 0x7ffff7ec5e40 -2147483648> max <integer_cst 0x7ffff7ec5e60 2147483647> pointer_to_this <pointer_type 0x7ffff7edc2a0>> (gdb) p ctor $2 = (tree) 0x7ffff7f8dab0 (gdb) pt <constructor 0x7ffff7f8dab0 type <vector_type 0x7ffff7f7d0a8 vecint type <integer_type 0x7ffff7ece5e8 int public SI size <integer_cst 0x7ffff7ec5b20 constant 32> unit size <integer_cst 0x7ffff7ec5b40 constant 4> align 8 symtab 0 alias set 2 canonical type 0x7ffff7ece5e8 precision 32 min <integer_cst 0x7ffff7ec5e40 -2147483648> max <integer_cst 0x7ffff7ec5e60 2147483647> pointer_to_this <pointer_type 0x7ffff7edc2a0>> DI size <integer_cst 0x7ffff7ec5fa0 constant 64> unit size <integer_cst 0x7ffff7ec5fc0 constant 8> align 64 symtab 0 alias set -1 canonical type 0x7ffff7f7d150 nunits 2 pointer_to_this <pointer_type 0x7ffff7f7d5e8>> constant lngt 2 val <integer_cst 0x7ffff7f75a80 type <integer_type 0x7ffff7ece5e8 int> constant -150> val <integer_cst 0x7ffff7f75b60 type <integer_type 0x7ffff7ece5e8 int> constant -100>> (gdb)
Hm, this means we have an unfolded vector CONSTRUCTOR, we should have a VECTOR_CST here. Or the following, reproducible on x86_64 with -m32: typedef int v4si __attribute__((vector_size(16))); int x; static const v4si v = { (int)&x, 2, 3, 4 }; int foo () { return v[0]; } I have a patch. You might want to check it. Index: gcc/gimple-fold.c =================================================================== --- gcc/gimple-fold.c (revision 179505) +++ gcc/gimple-fold.c (working copy) @@ -2747,10 +2747,12 @@ fold_array_ctor_reference (tree type, tr double_int low_bound, elt_size; double_int index, max_index; double_int access_index; - tree domain_type = TYPE_DOMAIN (TREE_TYPE (ctor)); + tree domain_type = NULL_TREE; HOST_WIDE_INT inner_offset; /* Compute low bound and elt size. */ + if (TREE_CODE (ctor) == ARRAY_TYPE) + domain_type = TYPE_DOMAIN (TREE_TYPE (ctor)); if (domain_type && TYPE_MIN_VALUE (domain_type)) { /* Static constructors for variably sized objects makes no sense. */ @@ -2917,7 +2919,8 @@ fold_ctor_reference (tree type, tree cto if (TREE_CODE (ctor) == CONSTRUCTOR) { - if (TREE_CODE (TREE_TYPE (ctor)) == ARRAY_TYPE) + if (TREE_CODE (TREE_TYPE (ctor)) == ARRAY_TYPE + || TREE_CODE (TREE_TYPE (ctor)) == VECTOR_TYPE) return fold_array_ctor_reference (type, ctor, offset, size); else return fold_nonarray_ctor_reference (type, ctor, offset, size);
Created attachment 25411 [details] Same patch, just as an attachment, for those that want to re-use it. In testing now. Will know in 3h.
On Tue, 4 Oct 2011, hp at gcc dot gnu.org wrote: > http://gcc.gnu.org/bugzilla/show_bug.cgi?id=50609 > > --- Comment #6 from Hans-Peter Nilsson <hp at gcc dot gnu.org> 2011-10-04 15:32:22 UTC --- > Created attachment 25411 [details] > --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=25411 > Same patch, just as an attachment, for those that want to re-use it. Has a typo btw, correct version posted here: http://gcc.gnu.org/ml/gcc-patches/2011-10/msg00230.html
(In reply to comment #7) > http://gcc.gnu.org/ml/gcc-patches/2011-10/msg00230.html This patch fixed the gcc.c-torture/execute/pr23135.c regression for cris-elf. Thanks! (So did the previous version, quite uninterestingly. Neither affected the regression in PR50607.)
Author: rguenth Date: Wed Oct 5 09:31:40 2011 New Revision: 179540 URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=179540 Log: 2011-10-05 Richard Guenther <rguenther@suse.de> PR tree-optimization/50609 * gimple-fold.c (fold_array_ctor_reference): Also handle vector typed constructors. (fold_ctor_reference): Dispatch to fold_array_ctor_reference for vector typed constructors. Modified: trunk/gcc/ChangeLog trunk/gcc/gimple-fold.c
Fixed.