This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug jit/64722] New: On 2nd time libgccjit is run in-process on i686, generated code clobbers %ebx register
- From: "dmalcolm at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Thu, 22 Jan 2015 02:13:27 +0000
- Subject: [Bug jit/64722] New: On 2nd time libgccjit is run in-process on i686, generated code clobbers %ebx register
- Auto-submitted: auto-generated
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64722
Bug ID: 64722
Summary: On 2nd time libgccjit is run in-process on i686, generated code clobbers %ebx register
Product: gcc
Version: 5.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: jit
Assignee: dmalcolm at gcc dot gnu.org
Reporter: dmalcolm at gcc dot gnu.org
Build: i686-pc-linux-gnu
I'm seeing a crash on i686 for various test cases, each
within "main", getting ready to begin the *3rd* iteration of the test.
FAIL: test-array-as-pointer.c.exe killed: 37097 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-calling-external-function.c.exe killed: 37185 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-combination.c.exe killed: 37273 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-expressions.c.exe killed: 38499 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-fibonacci.c.exe killed: 38587 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-functions.c.exe killed: 38627 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-hello-world.c.exe killed: 38695 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-nested-contexts.c.exe killed: 38831 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-operator-overloading.cc.exe killed: 38919 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-quadratic.c.exe killed: 38959 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-quadratic.cc.exe killed: 39000 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-reading-struct.c.exe killed: 39040 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
FAIL: test-threads.c.exe killed: 39176 exp8 0 0 CHILDKILLED SIGSEGV {segmentation violation}
All of them crash here in main, trying to read "argv"; apparently something has
trashed %ebx:
(gdb) disassemble main
Dump of assembler code for function main:
0x080499c0 <+0>: lea 0x4(%esp),%ecx
0x080499c4 <+4>: and $0xfffffff0,%esp
0x080499c7 <+7>: pushl -0x4(%ecx)
0x080499ca <+10>: push %ebp
0x080499cb <+11>: mov %esp,%ebp
0x080499cd <+13>: push %ebx
0x080499ce <+14>: push %ecx
0x080499cf <+15>: sub $0x10,%esp
0x080499d2 <+18>: mov %ecx,%ebx
0x080499d4 <+20>: movl $0x1,-0xc(%ebp)
0x080499db <+27>: jmp 0x8049a25 <main+101>
=> 0x080499dd <+29>: mov 0x4(%ebx),%eax
0x080499e0 <+32>: mov (%eax),%eax
0x080499e2 <+34>: sub $0xc,%esp
0x080499e5 <+37>: push %eax
0x080499e6 <+38>: call 0x8049982 <extract_progname>
0x080499eb <+43>: add $0x10,%esp
0x080499ee <+46>: sub $0x8,%esp
0x080499f1 <+49>: push $0x5
0x080499f3 <+51>: pushl -0xc(%ebp)
0x080499f6 <+54>: push %eax
0x080499f7 <+55>: push $0x804a06b
0x080499fc <+60>: push $0x400
0x08049a01 <+65>: push $0x804c340
0x08049a06 <+70>: call 0x8048fc0 <snprintf@plt>
0x08049a0b <+75>: add $0x20,%esp
0x08049a0e <+78>: mov 0x4(%ebx),%eax
0x08049a11 <+81>: mov (%eax),%eax
0x08049a13 <+83>: sub $0x8,%esp
0x08049a16 <+86>: push $0x0
0x08049a18 <+88>: push %eax
0x08049a19 <+89>: call 0x80498be <test_jit>
0x08049a1e <+94>: add $0x10,%esp
0x08049a21 <+97>: addl $0x1,-0xc(%ebp)
0x08049a25 <+101>: cmpl $0x5,-0xc(%ebp)
0x08049a29 <+105>: jle 0x80499dd <main+29>
0x08049a2b <+107>: call 0x8049335 <totals>
0x08049a30 <+112>: mov $0x0,%eax
0x08049a35 <+117>: lea -0x8(%ebp),%esp
0x08049a38 <+120>: pop %ecx
0x08049a39 <+121>: pop %ebx
0x08049a3a <+122>: pop %ebp
0x08049a3b <+123>: lea -0x4(%ecx),%esp
0x08049a3e <+126>: ret
End of assembler dump.
Investigating test-hello-world.c and the generated "hello_world":
(gdb) break hello_world
On iteration 1:
(gdb) disassemble hello_world
Dump of assembler code for function hello_world:
0xf671a510 <+0>: push %ebp
0xf671a511 <+1>: mov %esp,%ebp
0xf671a513 <+3>: push %ebx
=> 0xf671a514 <+4>: sub $0x4,%esp
0xf671a517 <+7>: call 0xf671a53d <__x86.get_pc_thunk.ax>
0xf671a51c <+12>: add $0x1ae4,%eax
0xf671a521 <+17>: sub $0x8,%esp
0xf671a524 <+20>: pushl 0x8(%ebp)
0xf671a527 <+23>: lea -0x1aa8(%eax),%edx
0xf671a52d <+29>: push %edx
0xf671a52e <+30>: mov %eax,%ebx
0xf671a530 <+32>: call 0xf671a3b0 <printf@plt>
0xf671a535 <+37>: add $0x10,%esp
0xf671a538 <+40>: mov -0x4(%ebp),%ebx
0xf671a53b <+43>: leave
0xf671a53c <+44>: ret
End of assembler dump.
but on iteration 2:
(gdb) cont
ITERATION 2
Breakpoint 1, 0xf671a516 in hello_world (name=0x804a35a "world") from /tmp/libgccjit-9zApb1/fake.so
(gdb) disassemble
Dump of assembler code for function hello_world:
0xf671a510 <+0>: push %ebp
0xf671a511 <+1>: mov %esp,%ebp
0xf671a513 <+3>: sub $0x8,%esp
=> 0xf671a516 <+6>: call 0xf671a539 <__x86.get_pc_thunk.ax>
0xf671a51b <+11>: add $0x1ae5,%eax
0xf671a520 <+16>: sub $0x8,%esp
0xf671a523 <+19>: pushl 0x8(%ebp)
0xf671a526 <+22>: lea -0x1aac(%eax),%edx
0xf671a52c <+28>: push %edx
0xf671a52d <+29>: mov %eax,%ebx
0xf671a52f <+31>: call 0xf671a3b0 <printf@plt>
0xf671a534 <+36>: add $0x10,%esp
0xf671a537 <+39>: leave
0xf671a538 <+40>: ret
End of assembler dump.
If I'm reading this right, iteration 1's generated "hello_world" saves and
restores %ebx, but iteration 2's version of it is clobbering %ebx.
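The diagnosis above (a callee that overwrites the callee-saved %ebx without saving it) can be checked mechanically from C. The harness below is an added example, not code from this bug report or from GCC: it loads a sentinel into %ebx, calls a function through a properly aligned stack, and reports whether the value survived. The names `preserves_ebx`, `well_behaved_callee` and `clobbering_callee` and the sentinel value are constructed for the example; the second callee mimics the iteration-2 hello_world by writing %ebx with no save/restore.

```c
#include <stdint.h>
#include <stdio.h>
/* Loads a sentinel into %ebx (low half of %rbx on x86-64), calls fn on an aligned
   stack and returns 1 if the callee-saved register survived, 0 if the callee
   clobbered it, -1 if there is no harness for this architecture (constructed). */
static int preserves_ebx(void (*fn)(void))
{
    uintptr_t word = 0x5EB0CAFEu;  /* the "b" constraint pins this to %ebx/%rbx */
#if defined(__x86_64__)
    __asm__ volatile (
        "sub $128, %%rsp\n\t"   /* step over the SysV red zone before pushing */
        "push %%rbp\n\t" "mov %%rsp, %%rbp\n\t" "and $-16, %%rsp\n\t"
        "call *%[f]\n\t"
        "mov %%rbp, %%rsp\n\t" "pop %%rbp\n\t" "add $128, %%rsp"
        : "+b"(word), [f] "+d"(fn)
        : : "rax", "rcx", "rsi", "rdi", "r8", "r9", "r10", "r11", "memory", "cc");
#elif defined(__i386__)
    __asm__ volatile (
        "push %%ebp\n\t" "mov %%esp, %%ebp\n\t" "and $-16, %%esp\n\t"
        "call *%[f]\n\t"
        "mov %%ebp, %%esp\n\t" "pop %%ebp"
        : "+b"(word), [f] "+d"(fn)
        : : "eax", "ecx", "memory", "cc");
#else
    (void)fn; return -1;
#endif
    return word == 0x5EB0CAFEu;
}

static char buf[64];
/* Compiler-built callee: the loop counter stays live across the snprintf call, so
   it lands in a callee-saved register that the prologue and epilogue preserve. */
static void well_behaved_callee(void)
{
    for (int i = 0; i < 3; i++)
        snprintf(buf, sizeof buf, "iteration %d", i + 1);
}

/* Reproduces the iteration-2 defect: %ebx is overwritten with no save/restore.
   The clobber is deliberately hidden from the compiler so none is emitted. */
__attribute__((noinline)) static void clobbering_callee(void)
{
#if defined(__i386__) || defined(__x86_64__)
    __asm__ volatile ("mov $0x1ae5, %%ebx" : : : "memory");
#endif
}
int main(void)
{
    printf("well-behaved: %d  clobbering: %d\n",
           preserves_ebx(well_behaved_callee), preserves_ebx(clobbering_callee));
}
```

On i686 and x86-64 the first call reports 1 and the second 0, which is exactly the difference between the iteration-1 and iteration-2 disassemblies above.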