When the attached correct code is compiled with gcc 3.2 or 3.2.1, with -mcpu=i386 (anything up to -mcpu=i586 will reproduce it), and -O2 optimisation level (both lower and higher optimisation levels do not produce the bug), it segfaults. The assembly code produced attempts to read from memory location 0x00000001. Even modifications as small as removing the function call that does nothing will stop the bug from happening.

Release:
gcc version 3.2.1

Environment:
Reading specs from /home/kevin/lib/gcc-lib/i686-pc-linux-gnu/3.2.1/specs
Configured with: ./configure --prefix=/home/kevin
Thread model: posix
gcc version 3.2.1

How-To-Repeat:
gcc -Wall -O2 -mcpu=i386 -g gcc-bug.c -o gcc-bug
[kevin@indy cutdown]$ gdb ./gcc-bug
...
Program received signal SIGSEGV, Segmentation fault.
0x0804835a in main (argc=1, argv=0xbffffad4) at gcc-bug.c:12
12 ptr++;
Fix: Compiling with -fno-strength-reduce -O2 fixes the problem, compiling with -O1 or lower fixes the problem, compiling with -O2 -mcpu=i686 or higher fixes the problem. The latest gcc 3.3 snapshot does not exhibit the problem.
State-Changed-From-To: open->feedback
State-Changed-Why: For some reason, the attachment got lost. Could you possibly provide it again? Thanks, Paolo.

State-Changed-From-To: feedback->analyzed
State-Changed-Why: Confirmed. The whole 3.2 branch is affected (also with -mcpu=i486 and i586).

Responsible-Changed-From-To: unassigned->ebotcazou
Responsible-Changed-Why: Loop optimizer bug. Fix in progress.
From: caf@guarana.org
To: paolo@gcc.gnu.org, gcc-bugs@gcc.gnu.org, gcc-prs@gcc.gnu.org, kevin@sylandro.com, nobody@gcc.gnu.org, gcc-gnats@gcc.gnu.org
Cc:
Subject: Re: optimization/8988: gcc3.2 and 3.2.1 with -O2 and -mcpu=i386 generates code that segfaults
Date: Thu, 19 Dec 2002 00:37:16 +1100

On Wed, Dec 18, 2002 at 12:54:39PM -0000, paolo@gcc.gnu.org wrote:
> Synopsis: gcc3.2 and 3.2.1 with -O2 and -mcpu=i386 generates code that segfaults
>
> State-Changed-From-To: open->feedback
> State-Changed-By: paolo
> State-Changed-When: Wed Dec 18 04:54:38 2002
> State-Changed-Why:
> For some reason, the attachment got lost. Could you possibly
> provide it again?
> Thanks, Paolo.
>
> http://gcc.gnu.org/cgi-bin/gnatsweb.pl?cmd=view%20audit-trail&database=gcc&pr=8988

Preprocessed output attached.

By the way, the bad assembly that causes the crash is:

.L8:
        leal    1(%ecx), %edx
        xorl    %ecx, %ecx              ; %ecx is 0
        .p2align 2,,3
.L7:
        movl    %edx, %eax
        movl    %edx, -28(%ebp)
        leal    2(%ecx), %edx           ; %edx is 2
        movl    %eax, %ecx
        movb    -1(%edx), %al           ; we try to read from 0x00000001

- Kevin.
From: caf@guarana.org
To: paolo@gcc.gnu.org, gcc-bugs@gcc.gnu.org, gcc-prs@gcc.gnu.org, kevin@sylandro.com, nobody@gcc.gnu.org, gcc-gnats@gcc.gnu.org
Cc:
Subject: Re: optimization/8988: gcc3.2 and 3.2.1 with -O2 and -mcpu=i386 generates code that segfaults
Date: Thu, 19 Dec 2002 00:38:19 +1100

--y0ulUmNC+osPPQO6
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Wed, Dec 18, 2002 at 12:54:39PM -0000, paolo@gcc.gnu.org wrote:
> Synopsis: gcc3.2 and 3.2.1 with -O2 and -mcpu=i386 generates code that segfaults
>
> State-Changed-From-To: open->feedback
> State-Changed-By: paolo
> State-Changed-When: Wed Dec 18 04:54:38 2002
> State-Changed-Why:
> For some reason, the attachment got lost. Could you possibly
> provide it again?
> Thanks, Paolo.

*Oops* :)

Preprocessed output *really* attached this time. Sorry about that :)

- Kevin.

--y0ulUmNC+osPPQO6
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="smeg.i"

# 1 "smeg.c"
# 1 "<built-in>"
# 1 "<command line>"
# 1 "smeg.c"
void next_arg(char *p1, char **p2)
{
}

int main(int argc, char *argv[])
{
    char str[] = "foo { xx }";
    char *ptr = str + 5;

    next_arg(ptr, &ptr);

    while (*ptr && (*ptr == 13 || *ptr == 32))
        ptr++;

    return 0;
}

--y0ulUmNC+osPPQO6--
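Added example (not part of the original report, and not the 20021219-1.c test committed with the fix): a self-checking form of the smeg.c reproducer that returns the offset where the whitespace scan stopped, so a miscompiled loop shows up as a wrong offset or a crash when built with the flags from the report. The function name skip_blank_offset, the noinline attribute and every input other than the reported string are assumptions made here.

```c
/* Added example: self-checking variant of the reproducer in this PR. */
#include <stdlib.h>
#include <string.h>

/* Same role as next_arg() in smeg.c: it does nothing, but receiving &ptr
   means ptr has its address taken before the loop. noinline (a GCC
   extension, assumed here) asks the compiler not to inline the call. */
__attribute__((noinline)) void next_arg(char *p1, char **p2)
{
    (void)p1;
    (void)p2;
}

/* Copy text into a local array, start at offset start, skip CR (13) and
   space (32) with the same loop as smeg.c, and return the offset at
   which the scan stopped. */
size_t skip_blank_offset(const char *text, size_t start)
{
    char str[32];
    char *ptr;

    if (strlen(text) >= sizeof str || start > strlen(text))
        abort();              /* guards the constructed inputs below */
    strcpy(str, text);
    ptr = str + start;
    next_arg(ptr, &ptr);
    while (*ptr && (*ptr == 13 || *ptr == 32))
        ptr++;
    return (size_t)(ptr - str);
}

int main(void)
{
    /* Constructed inputs; the first is the string from the report. */
    if (skip_blank_offset("foo { xx }", 5) != 6) abort();
    if (skip_blank_offset("a \r \r b", 1) != 6) abort();  /* mixed CR/space run */
    if (skip_blank_offset("ab   ", 2) != 5) abort();      /* run ends at NUL */
    if (skip_blank_offset("abc", 0) != 0) abort();        /* nothing to skip */
    return 0;
}
```

Building this once with the flags from How-To-Repeat and once with -fno-strength-reduce added gives a pass/fail comparison of the two code paths on the same compiler.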
State-Changed-From-To: analyzed->closed
State-Changed-Why: Fixed.
From: ebotcazou@gcc.gnu.org
To: gcc-gnats@gcc.gnu.org
Cc:
Subject: optimization/8988
Date: 19 Dec 2002 20:27:57 -0000

CVSROOT: /cvs/gcc
Module name: gcc
Branch: gcc-3_2-branch
Changes by: ebotcazou@gcc.gnu.org 2002-12-19 12:27:57

Modified files:
    gcc : ChangeLog loop.c
    gcc/testsuite : ChangeLog
Added files:
    gcc/testsuite/gcc.c-torture/execute: 20021219-1.c

Log message:
    PR optimization/8988
    * loop.c (maybe_eliminate_biv): Kill REG_EQUAL notes mentioning the biv when eliminating.

Patches:
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-3_2-branch&r1=1.13152.2.657.2.164&r2=1.13152.2.657.2.165
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/loop.c.diff?cvsroot=gcc&only_with_tag=gcc-3_2-branch&r1=1.389.2.7.2.5&r2=1.389.2.7.2.6
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-3_2-branch&r1=1.1672.2.166.2.74&r2=1.1672.2.166.2.75
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/gcc.c-torture/execute/20021219-1.c.diff?cvsroot=gcc&only_with_tag=gcc-3_2-branch&r1=NONE&r2=1.1.2.1
From: ebotcazou@gcc.gnu.org
To: gcc-gnats@gcc.gnu.org
Cc:
Subject: optimization/8988
Date: 19 Dec 2002 20:38:07 -0000

CVSROOT: /cvs/gcc
Module name: gcc
Branch: gcc-3_3-branch
Changes by: ebotcazou@gcc.gnu.org 2002-12-19 12:38:07

Modified files:
    gcc : ChangeLog loop.c
    gcc/testsuite : ChangeLog
Added files:
    gcc/testsuite/gcc.c-torture/execute: 20021219-1.c

Log message:
    PR optimization/8988
    * loop.c (maybe_eliminate_biv): Kill REG_EQUAL notes mentioning the biv when eliminating.

Patches:
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=1.16114.2.7&r2=1.16114.2.8
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/loop.c.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=1.433&r2=1.433.2.1
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=1.2261.2.3&r2=1.2261.2.4
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/gcc.c-torture/execute/20021219-1.c.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=NONE&r2=1.1.4.1
From: ebotcazou@gcc.gnu.org
To: gcc-gnats@gcc.gnu.org
Cc:
Subject: optimization/8988
Date: 19 Dec 2002 20:47:13 -0000

CVSROOT: /cvs/gcc
Module name: gcc
Changes by: ebotcazou@gcc.gnu.org 2002-12-19 12:47:12

Modified files:
    gcc : ChangeLog loop.c
    gcc/testsuite : ChangeLog
Added files:
    gcc/testsuite/gcc.c-torture/execute: 20021219-1.c

Log message:
    PR optimization/8988
    * loop.c (maybe_eliminate_biv): Kill REG_EQUAL notes mentioning the biv when eliminating.

Patches:
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/ChangeLog.diff?cvsroot=gcc&r1=1.16152&r2=1.16153
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/loop.c.diff?cvsroot=gcc&r1=1.434&r2=1.435
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/ChangeLog.diff?cvsroot=gcc&r1=1.2268&r2=1.2269
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/gcc.c-torture/execute/20021219-1.c.diff?cvsroot=gcc&r1=1.1&r2=1.2