7630 – gcc 3.2 breaks on Mozilla 1.0's JS sources with -march=pentium4

Bug 7630 - gcc 3.2 breaks on Mozilla 1.0's JS sources with -march=pentium4

Summary: gcc 3.2 breaks on Mozilla 1.0's JS sources with -march=pentium4

Status:	RESOLVED FIXED

Alias:	None

Product:	gcc
Classification:	Unclassified
Component:	rtl-optimization (show other bugs)
Version:	3.2

Importance:	P3 normal
Target Milestone:	---
Assignee:	Not yet assigned to anyone

URL:
Keywords:	ice-on-valid-code

Depends on:
Blocks:

Reported:	2002-08-19 00:26 UTC by jbuhler
Modified:	2003-07-25 17:33 UTC (History)
CC List:	2 users (show)

See Also:
Host:	i686-pc-linux-gnu
Target:	i686-pc-linux-gnu
Build:	i686-pc-linux-gnu
Known to work:
Known to fail:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description jbuhler 2002-08-19 00:26:06 UTC

	I attempted to compile Mozilla 1.0 with gcc 3.2 using the options
        '-O -march=pentium4'.  The compile crashes with ICE's on multiple
        files in the js/src directory (the Javascript implementation).
        Compiling with -march=pentium3 does not exhibit the problem,
        nor does compiling without optimization.

        The ICE's are of the form "unable to find a register to spill in
        class GENERAL_REGS" and appear to be related to the use of the
        Pentium 4's SSE instructions.  See next section for a specific,
        cut-down example.

Release:
3.2

Environment:
System: Linux guanyin 2.4.19 #2 Fri Aug 2 21:50:19 CDT 2002 i686 unknown
Architecture: i686 (Pentium 4)
host: i686-pc-linux-gnu
build: i686-pc-linux-gnu
target: i686-pc-linux-gnu
configured with: ../gcc-3.2/configure --prefix=/usr/local/gcc-3.2 --enable-languages=c,c++,f77 --enable-__cxa_atexit

How-To-Repeat:
        Build the following code "foo.cc" with options
        gcc -c -fPIC -O -march=pentium4 foo.c
        (both -O and -fPIC are required to trigger the ICE).

        This code is cut down from Mozilla 1.0's src/js/jsparse.c.  It's
        got an uninitialized variable, though I don't believe the
        original source had one (initializing 'd' removes the ICE).  
        Other ICE's happen in jsinterp.c and jsdtoa.c, but these files
        contain really huge functions that are much harder to trace.

typedef union {
    double value;
    struct {
        unsigned int lsw;
        unsigned int msw;
    } parts;
} js_ieee_double_shape_type;

#define JSDOUBLE_HI32(x)  ({js_ieee_double_shape_type sh_u;  \
                            sh_u.value = (x);                \
                            sh_u.parts.msw; })


enum JSOp {JSOP_URSH, JSOP_DIV};
struct JSParseNode {
    enum JSOp     pn_op;
    double        dval;
};

int js_FoldConstants(struct JSParseNode *pn)
{
    double d;
    
    switch (pn->pn_op) {
    case JSOP_URSH:
        d = 0;
        
    case JSOP_DIV:
        if (JSDOUBLE_HI32(d) ^ JSDOUBLE_HI32(d))
            d = 0;
        break;
        
    default:;
    }
    
    pn->dval = d;
    return 0;
}

Comment 1 jbuhler 2002-08-19 00:26:06 UTC

Fix:
	Compile without optimization, or with -march=pentium3 instead of
        -march=pentium4

Comment 2 Jan Hubicka 2002-10-17 08:49:10 UTC

State-Changed-From-To: open->closed
State-Changed-Why: Fixed by my patch commited to both mainline and branch	* reload1.c (reload_inner_reg_of_subreg): New argument output;
    	(push_reload): Update call.