GCC 4.9.0 ICEs on the following code. (i686 and x86_64) $ cat error.c int main (void) { int x = 0; int y = 127 | ( 128 & ( 2 * x )); return 0; } $ i686-pc-linux-gnu-gcc-4.9.0 error.c i686-pc-linux-gnu-gcc-4.9.0: internal compiler error: Segmentation fault (program cc1) 0x8053b4e execute ../../../../../gcc/gcc/gcc.c:2824 0x8053e1a do_spec_1 ../../../../../gcc/gcc/gcc.c:4616 0x80565bd process_brace_body ../../../../../gcc/gcc/gcc.c:5873 0x80565bd handle_braces ../../../../../gcc/gcc/gcc.c:5787 0x8054a2a do_spec_1 ../../../../../gcc/gcc/gcc.c:5270 0x80565bd process_brace_body ../../../../../gcc/gcc/gcc.c:5873 0x80565bd handle_braces ../../../../../gcc/gcc/gcc.c:5787 0x8054a2a do_spec_1 ../../../../../gcc/gcc/gcc.c:5270 0x805414e do_spec_1 ../../../../../gcc/gcc/gcc.c:5375 0x80565bd process_brace_body ../../../../../gcc/gcc/gcc.c:5873 0x80565bd handle_braces ../../../../../gcc/gcc/gcc.c:5787 0x8054a2a do_spec_1 ../../../../../gcc/gcc/gcc.c:5270 0x80565bd process_brace_body ../../../../../gcc/gcc/gcc.c:5873 0x80565bd handle_braces ../../../../../gcc/gcc/gcc.c:5787 0x8054a2a do_spec_1 ../../../../../gcc/gcc/gcc.c:5270 0x80565bd process_brace_body ../../../../../gcc/gcc/gcc.c:5873 0x80565bd handle_braces ../../../../../gcc/gcc/gcc.c:5787 0x8054a2a do_spec_1 ../../../../../gcc/gcc/gcc.c:5270 0x80565bd process_brace_body ../../../../../gcc/gcc/gcc.c:5873 0x80565bd handle_braces ../../../../../gcc/gcc/gcc.c:5787 Please submit a full bug report, with preprocessed source if appropriate. Please include the complete backtrace with any bug report. See <http://gcc.gnu.org/bugs.html> for instructions. $ i686-pc-linux-gnu-gcc-4.9.0 -v Using built-in specs. COLLECT_GCC=i686-pc-linux-gnu-gcc-4.9.0 COLLECT_LTO_WRAPPER=/usr/local/i686-tools/gcc-4.9.0/libexec/gcc/i686-pc-linux-gnu/4.9.0/lto-wrapper Target: i686-pc-linux-gnu Configured with: ../../../../gcc/configure --prefix=/usr/local/i686-tools/gcc-4.9.0/ --with-gmp=/usr/local/gmp-5.1.1/ --with-mpfr=/usr/local/mpfr-3.1.2/ --with-mpc=/usr/local/mpc-1.0.1/ --disable-multilib --disable-nls --enable-languages=c Thread model: posix gcc version 4.9.0 20130805 (experimental) (GCC)
Ugh. Confirmed.
FWIW, also segfaults on arm-none-eabi. gdb says: fold_binary_loc (loc=787, code=BIT_AND_EXPR, type=0x7ffff6eba5e8, op0=0x7ffff7052488, op1=0x7ffff6de6280)
Started with r187280.
Another testcases: int bar (int i) { return 1 | ((i * 2) & 254); } int foo (int i) { return 1 | ((i * 2) & 255); }
(In reply to Marek Polacek from comment #4) > Another testcases: > > int > bar (int i) > { > return 1 | ((i * 2) & 254); > } > > int > foo (int i) > { > return 1 | ((i * 2) & 255); > } This happens for any value of the RHS of the AND that is >= 128. A stack overflow occurs because fold_binary_loc keeps getting called, but op1, which is supposed to be the result of maksing the RHS with the NOT of the 2 in (i * 2) is set to something else. Now investigating...
Well, for (i * 2) & 128 the BIT_AND_EXPR case doesn't do anything, but then we get into BIT_IOR_EXPR case, here the "Canonicalize (X & C1) | C2." code changes that into (i * 2) & 255, then in BIT_AND_EXPR we drop the zero bits, so we get (i * 2) & 254, but then it gets canonicalized into (i * 2) & 255 again and so on and on, then we overflow.
Kyrylo, do you plan to work on this? If that's the case, please assign the bug to yourself.
Mine.
Proposed patch posted at: http://gcc.gnu.org/ml/gcc-patches/2013-08/msg00361.html
Author: ktkachov Date: Tue Sep 17 13:29:41 2013 New Revision: 202652 URL: http://gcc.gnu.org/viewcvs?rev=202652&root=gcc&view=rev Log: [gcc/] 2013-09-17 Kyrylo Tkachov <kyrylo.tkachov@arm.com> PR tree-optimization/58088 * fold-const.c (mask_with_trailing_zeros): New function. (fold_binary_loc): Make sure we don't recurse infinitely when the X in (X & C1) | C2 is a tree of the form (Y * K1) & K2. Use mask_with_trailing_zeros where appropriate. [gcc/testsuite] 2013-09-17 Kyrylo Tkachov <kyrylo.tkachov@arm.com> PR tree-optimization/58088 * gcc.c-torture/compile/pr58088.c: New test. Added: trunk/gcc/testsuite/gcc.c-torture/compile/pr58088.c Modified: trunk/gcc/ChangeLog trunk/gcc/fold-const.c trunk/gcc/testsuite/ChangeLog
Author: ktkachov Date: Tue Sep 17 13:59:42 2013 New Revision: 202653 URL: http://gcc.gnu.org/viewcvs?rev=202653&root=gcc&view=rev Log: [gcc/] 2013-09-17 Kyrylo Tkachov <kyrylo.tkachov@arm.com> PR tree-optimization/58088 * fold-const.c (mask_with_trailing_zeros): New function. (fold_binary_loc): Make sure we don't recurse infinitely when the X in (X & C1) | C2 is a tree of the form (Y * K1) & K2. Use mask_with_trailing_zeros where appropriate. [gcc/testsuite/] 2013-09-17 Kyrylo Tkachov <kyrylo.tkachov@arm.com> PR tree-optimization/58088 * gcc.c-torture/compile/pr58088.c: New test. Added: branches/gcc-4_8-branch/gcc/testsuite/gcc.c-torture/compile/pr58088.c Modified: branches/gcc-4_8-branch/gcc/ChangeLog branches/gcc-4_8-branch/gcc/fold-const.c branches/gcc-4_8-branch/gcc/testsuite/ChangeLog
Fixed on trunk and 4.8 branch.
*** Bug 58617 has been marked as a duplicate of this bug. ***