| Summary: | [4.4 Regression] genautomata segfaults when -O2 is enabled | | |
|---|---|---|---|
| Product: | gcc | Reporter: | Zhang Le <r0bertz> |
| Component: | target | Assignee: | Richard Sandiford <rsandifo> |
| Status: | RESOLVED FIXED | | |
| Severity: | major | CC: | ebotcazou, gcc-bugs, kumba |
| Priority: | P3 | Keywords: | build, wrong-code |
| Version: | 4.4.0 | | |
| Target Milestone: | 4.4.0 | | |
| Host: | mipsel-unknown-linux-gnu | Target: | mipsel-unknown-linux-gnu |
| Build: | mipsel-unknown-linux-gnu | Known to work: | |
| Known to fail: | | Last reconfirmed: | 2008-11-15 20:42:11 |

Description
Zhang Le
2008-11-07 15:32:35 UTC
(In reply to comment #0)
> The problem with output_translate_vect_name is this function has two calls to
> fprintf, and they are called for the first time in this program.

Another thing I don't understand is why fprintf elsewhere is replaced with fwrite including in the output_range_type function, but it is still itself in output_translate_vect_name.

I have done an experiment. Please take a look at the beginning of output_translate_vect_name function:

```
0x0040647c <output_translate_vect_name+0>: addiu sp,sp,-8
0x00406480 <output_translate_vect_name+4>: lw v0,4(a1)
0x00406484 <output_translate_vect_name+8>: sw gp,4(sp)
0x00406488 <output_translate_vect_name+12>: lui gp,0x44
0x0040648c <output_translate_vect_name+16>: beqz v0,0x4064b0 <output_translate_vect_name+52>
0x00406490 <output_translate_vect_name+20>: addiu gp,gp,4240
0x00406494 <output_translate_vect_name+24>: lw t9,-32532(gp)
0x00406498 <output_translate_vect_name+28>: lui a1,0x42
0x0040649c <output_translate_vect_name+32>: lw gp,4(sp)
0x004064a0 <output_translate_vect_name+36>: lw a2,0(v0)
0x004064a4 <output_translate_vect_name+40>: addiu a1,a1,-8008
0x004064a8 <output_translate_vect_name+44>: jr t9
```

If I replace the following instruction with nop, then the genautomata will succeed.

```
0x0040649c <output_translate_vect_name+32>: lw gp,4(sp)
```

I ran into this too. The problem flag is -foptimize-sibling-calls. You can pass that with -O1 to trigger the bug, but not with -O0. Some other optimization in -O1 seems to be mixing with this one and causing the flaw.

Ran into this on mips-unknown-linux-gnu, btw. Mips-specific maybe?

liblbxutil-1.0.1 package could be used to reproduce this bug. I will investigate this later when I have time.

and sed-4.1.5, too.

I am trying to find which specific flag or flags when used together with -foptimize-sibling-calls could trigger this problem. As the first step I tried to find a set of flags used together with -O0 and -foptimize-sibling-calls could trigger this problem.
Presumably this set of flags should be those disabled at -O0 but enabled at -O1. So I did the following to find the differences:

```
gcc -c -Q -O0 --help=optimizers > /tmp/O0-opts
gcc -c -Q -O1 --help=optimizers > /tmp/O1-opts
diff /tmp/O0-opts /tmp/O1-opts | grep enabled | cut -d " " -f 4
```

Then I used these flags with -O0 and -foptimize-sibling-calls together, but this didn't trigger the bug.

Is there anything I have overlooked here?

> Then I used these flags with -O0 and -foptimize-sibling-calls together, but
> this didn't trigger the bug.
>
> Is there anything I have overlooked here?
Yes, not all optimizations are controlled by a specific flag, as explained in
the manual.

I'll try to look at this tomorrow.

The code in comment #1 is certainly wrong: the store at <output_translate_vect_name+8> is supposed to come after the GP addiu at <output_translate_vect_name+20>. With that fixed, the function should work as expected. I'm guessing this is a scheduling bug, but time will tell.

```
Subject: Bug 38052

Author: rsandifo
Date: Sun Nov 16 20:25:40 2008
New Revision: 141925

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=141925
Log:
gcc/
PR target/38052
* config/mips/mips.c (machine_function): Update the comment above global_pointer.
(mips_global_pointer): Use INVALID_REGNUM rather than 0 to indicate that a function doesn't need a global pointer.
(mips_current_loadgp_style): Update accordingly.
(mips_restore_gp): Likewise.
(mips_output_cplocal): Likewise.
(mips_expand_prologue): Likewise.

Modified:
trunk/gcc/ChangeLog
trunk/gcc/config/mips/mips.c
```

```
Subject: Bug 38052

Author: rsandifo
Date: Sun Nov 16 20:31:13 2008
New Revision: 141926

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=141926
Log:
gcc/
PR target/38052
* config/mips/mips.c (mips_cfun_call_saved_reg_p)
(mips_cfun_might_clobber_call_saved_reg_p): New functions, split out from...
(mips_save_reg_p): ...here. Always consult TARGET_CALL_SAVED_GP rather than call_really_used_regs when handling $gp.

Modified:
trunk/gcc/ChangeLog
trunk/gcc/config/mips/mips.c
```

Fixed on mainline.