Bug 21461 - [3.4/4.0 regression] miscompilation at -O2 in 3.4.x, 4.x
Status: RESOLVED DUPLICATE of bug 21920
Alias: None
Product: gcc
Classification: Unclassified
Component: rtl-optimization
Version: 3.4.3
Importance: P2 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
Keywords: wrong-code
Reported: 2005-05-09 06:30 UTC by Duraid Madina
Modified: 2005-07-23 22:49 UTC

Known to work: 3.3.6


Description Duraid Madina 2005-05-09 06:30:24 UTC
The SPASS theorem prover (see below) is miscompiled at -O2 by:

gcc version 3.4.3
gcc version 3.4.4 20050314 (prerelease) (Debian 3.4.3-13)
gcc version 4.0.0 (release)
gcc version 4.1.0 20050509 (experimental)

it is compiled correctly by:

gcc version 3.3.6 (Debian 1:3.3.6-3)
gcc version 3.3.5
Intel(R) C Itanium(R) Compiler for Itanium(R)-based applications Version 8.1
LLVM

and the problematic compilers mentioned above at -O1.

TO REPRODUCE:

1) find yourself an ia64 box
2) unpack http://kinoko.c.u-tokyo.ac.jp/~duraid/spassbug.tgz (sorry)
3) make (you'll want to change the "gcc-3.4 -O2" that appears in the Makefile)
4) ./a.out bug_trigger  (this segfaults fairly rapidly, it should run to
completion in ~20s on an itanium 2 system)
Comment 1 Duraid Madina 2005-05-09 06:44:46 UTC
Oops, my mistake. This bug appears on x86 too, at least:

gcc version 3.4.4 20050314 (prerelease) (Debian 3.4.3-13)
fails (at -O2), but:

gcc version 3.3.6 (Debian 1:3.3.6-3)
works. Perhaps this is a bug in SPASS, but the program does
appear to behave as far as valgrind is concerned. Not sure what
sort of legal optimization could break a program in this way. I'm pretty
sure there's no floating-point code affecting control flow here.
Comment 2 Serge Belyshev 2005-05-09 11:30:42 UTC
Could you please post a backtrace of the segfault, with both gcc-4.0 and
gcc-3.4 if it is different?
Comment 3 Andrew Pinski 2005-05-09 12:01:04 UTC
Does -fno-strict-aliasing fix the problem?

Also, are there any warnings from -Wstrict-aliasing?

If so this might not be a bug in gcc.
Comment 4 Duraid Madina 2005-05-09 12:20:24 UTC
(In reply to comment #3)
> Does -fno-strict-aliasing fix the problem?

Yes, oops.
 
> Also, are there any warnings from -Wstrict-aliasing?

No.
 
> If so this might not be a bug in gcc.

Indeed. Sorry!
Comment 5 Duraid Madina 2005-05-09 12:24:57 UTC
Actually, I shouldn't have closed this so hastily. The code _is_ pretty dirty
but I'm not sure GCC is really doing something legal at -O2.
Comment 6 Serge Belyshev 2005-05-09 13:23:24 UTC
Yes, please do not close this bug, as I can reproduce it even with
-fno-strict-aliasing, but it seems it breaks at least in four files
(dfgparser.c, list.c, sharing.c, subst.c) so it could take some time to reduce.

I'd like to see your backtrace of segfault to compare with.
(compile it with -O2 -g, and do gdb --args ./a.out bug_trigger and then 'run'
and 'bt')
Comment 7 Duraid Madina 2005-05-09 13:41:18 UTC
Building on ia64 with the 3.4.4 compiler mentioned above, I get:
 
#0  red_ReduceInput (Search=0x60000000000ac338, ClauseList=0x6000000000112e18)
    at clause.h:525
#1  0x400000000010dd90 in top_ProofSearch (Search=0x60000000000ac338,
    ProblemClauses=0x6000000000123f68, InputFlags=0x60000000000cd948,
    UserPrecedence=0x0, BoundApplied=0x60000fffffcf3768) at top.c:913
#2  0x4000000000111350 in main (argc=2, argv=0x0) at top.c:1457

Comment 8 Serge Belyshev 2005-05-09 17:45:50 UTC
This code:

memory.h:413:
    *(POINTER *)Freepointer  = memory_ARRAY[Size]->free;
    memory_ARRAY[Size]->free = Freepointer;

is invalid, because you are changing an object of some type via a pointer of type
(void **). Either it should be rewritten using unions, or -fno-strict-aliasing
option should be used. More on this here:
http://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html#index-fstrict_002daliasing-524
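
An added example, not part of the original thread and not SPASS code: a free-list push and pop like the two lines quoted in Comment 8, with the link stored and reloaded through memcpy instead of through a (POINTER *) cast. The pool layout, the sizes and every name here are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>
enum { BLOCK_SIZE = 32, BLOCK_COUNT = 4 };   /* constructed sizes */

/* Hypothetical fixed-size pool; these names are not SPASS's. */
typedef struct {
    unsigned char *arena;   /* malloc'd, so it has no declared type */
    void *free_head;        /* most recently freed block, or NULL */
} pool_t;

/* Free: save the old head inside the block, then make the block the head.
 * memcpy copies the pointer's bytes; no (void **) lvalue touches the block. */
static void pool_free(pool_t *p, void *block)
{
    memcpy(block, &p->free_head, sizeof p->free_head);
    p->free_head = block;
}

/* Allocate: pop the head and reload the saved link the same way. */
static void *pool_alloc(pool_t *p)
{
    void *block = p->free_head;
    if (block != NULL)
        memcpy(&p->free_head, block, sizeof p->free_head);
    return block;
}

static int pool_init(pool_t *p)
{
    p->free_head = NULL;
    p->arena = malloc((size_t)BLOCK_SIZE * BLOCK_COUNT);
    if (p->arena == NULL) return -1;
    for (int i = 0; i < BLOCK_COUNT; i++)
        pool_free(p, p->arena + i * BLOCK_SIZE);
    return 0;
}

/* Use a block as a long, recycle it, then count the blocks still usable. */
static int pool_demo(void)
{
    pool_t p;
    int n = 0;
    if (pool_init(&p) != 0) return -1;
    long *v = pool_alloc(&p);
    *v = 42;               /* the block now holds a long */
    pool_free(&p, v);      /* the link replaces it, byte-wise */
    while (pool_alloc(&p) != NULL) n++;
    free(p.arena);
    return n;
}
int main(void) { return pool_demo() == BLOCK_COUNT ? 0 : 1; }
```

Compilers typically turn a fixed-size memcpy like this into a single load or store, so the change costs nothing at -O2.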
Comment 9 Andrew Pinski 2005-06-05 09:17:54 UTC
Reopening to ...
Comment 10 Andrew Pinski 2005-06-05 09:18:15 UTC
Mark as a dup of bug 21920.

*** This bug has been marked as a duplicate of 21920 ***