[Bug target/32893] zlib segfault in inflate_table() compiled w/ -O -msse2 ftree-vectorize
dirtyepic at gentoo dot org
gcc-bugzilla@gcc.gnu.org
Sun Sep 23 06:00:00 GMT 2007
------- Comment #14 from dirtyepic at gentoo dot org 2007-09-23 05:59 -------
Created an attachment (id=14246)
--> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=14246&action=view)
inftrees.c
This is the testcase from bug #25413. With -O2 -msse2 -ftree-vectorize, I get
this in gcc-4.2.0:
inftrees.o: file format elf32-i386
Disassembly of section .text:
00000000 <inflate_table>:
0: 55 push %ebp
1: 89 e5 mov %esp,%ebp
3: 53 push %ebx
4: 83 ec 24 sub $0x24,%esp
7: 8b 5d 0c mov 0xc(%ebp),%ebx
a: 8b 4d 10 mov 0x10(%ebp),%ecx
d: 66 0f ef c0 pxor %xmm0,%xmm0
11: 66 0f 7f 45 d8 movdqa %xmm0,-0x28(%ebp)
16: 66 0f 7f 45 e8 movdqa %xmm0,-0x18(%ebp)
1b: 85 c9 test %ecx,%ecx
1d: 74 16 je 35 <inflate_table+0x35>
1f: ba 00 00 00 00 mov $0x0,%edx
24: 0f b7 04 53 movzwl (%ebx,%edx,2),%eax
28: 66 83 44 45 d8 01 addw $0x1,-0x28(%ebp,%eax,2)
2e: 83 c2 01 add $0x1,%edx
31: 39 ca cmp %ecx,%edx
33: 75 ef jne 24 <inflate_table+0x24>
35: b8 00 00 00 00 mov $0x0,%eax
3a: 8d 55 d8 lea -0x28(%ebp),%edx
3d: 66 83 7c 42 1e 00 cmpw $0x0,0x1e(%edx,%eax,2)
43: 75 08 jne 4d <inflate_table+0x4d>
45: 83 e8 01 sub $0x1,%eax
48: 83 f8 f1 cmp $0xfffffff1,%eax
4b: 75 f0 jne 3d <inflate_table+0x3d>
4d: 83 c4 24 add $0x24,%esp
50: 5b pop %ebx
51: 5d pop %ebp
52: c3 ret
Forcing alignment as in comment #5 results in:
inftrees-align.o: file format elf32-i386
Disassembly of section .text:
00000000 <inflate_table>:
0: 55 push %ebp
1: 89 e5 mov %esp,%ebp
3: 53 push %ebx
4: 83 ec 24 sub $0x24,%esp
7: 8b 5d 0c mov 0xc(%ebp),%ebx
a: 8b 4d 10 mov 0x10(%ebp),%ecx
d: b8 01 00 00 00 mov $0x1,%eax
12: 8d 55 d8 lea -0x28(%ebp),%edx
15: 66 c7 44 42 fe 00 00 movw $0x0,-0x2(%edx,%eax,2)
1c: 83 c0 01 add $0x1,%eax
1f: 83 f8 11 cmp $0x11,%eax
22: 75 f1 jne 15 <inflate_table+0x15>
24: 85 c9 test %ecx,%ecx
26: 74 16 je 3e <inflate_table+0x3e>
28: ba 00 00 00 00 mov $0x0,%edx
2d: 0f b7 04 53 movzwl (%ebx,%edx,2),%eax
31: 66 83 44 45 d8 01 addw $0x1,-0x28(%ebp,%eax,2)
37: 83 c2 01 add $0x1,%edx
3a: 39 ca cmp %ecx,%edx
3c: 75 ef jne 2d <inflate_table+0x2d>
3e: b8 00 00 00 00 mov $0x0,%eax
43: 8d 55 d8 lea -0x28(%ebp),%edx
46: 66 83 7c 42 1e 00 cmpw $0x0,0x1e(%edx,%eax,2)
4c: 75 08 jne 56 <inflate_table+0x56>
4e: 83 e8 01 sub $0x1,%eax
51: 83 f8 f1 cmp $0xfffffff1,%eax
54: 75 f0 jne 46 <inflate_table+0x46>
56: 83 c4 24 add $0x24,%esp
59: 5b pop %ebx
5a: 5d pop %ebp
5b: c3 ret
There's a gdb log for the segfault in Firefox at
http://gcc.gnu.org/bugzilla/attachment.cgi?id=13966
I'll try to find something a little smaller than Mozilla that can demonstrate
this problem, since I still suck at testcases.
FWIW, I've been running GCC-4.2 svn with the patch at
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=25413#c17 for a couple of months now
and have built a sizable chunk of our package repository with -ftree-vectorize
enabled several times over, and have yet to run into any trouble whatsoever.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32893
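The two listings differ only in how the 32-byte count[] slot at -0x28(%ebp) gets zeroed: the first uses two movdqa stores, the second a scalar movw loop. movdqa requires a 16-byte aligned memory operand and raises #GP (delivered as SIGSEGV) on anything else, and a 32-bit frame is only 16-byte aligned if every caller up the stack honoured that boundary, which code built with other flags or hand-written asm need not do. The following C is an added example, not the attached inftrees.c or zlib's code: it models the three loops that produced the disassembly above (the function names inflate_prologue, stack_slot_misalignment and is_aligned16 and the sample code lengths are assumptions made here) and adds a probe that reports how far off 16-byte alignment the equivalent stack slot is in a given build.

```c
#include <stdint.h>
#include <stdio.h>

#define MAXBITS 15  /* zlib's longest Huffman code length; count[] has MAXBITS+1 entries */

/* 16-byte alignment test for any address; movdqa faults on anything else. */
int is_aligned16(const void *p)
{
    return ((uintptr_t)p & 15u) == 0;
}

/* Reduced model (an assumption based on the listings above, not zlib's source)
   of the first three loops of inflate_table(): zero count[], histogram the
   code lengths, find the longest length in use. count[] is the 32-byte stack
   slot the first listing zeroes with two movdqa stores, which is only safe if
   this frame really is 16-byte aligned. Returns 0 when no code is used. */
int inflate_prologue(const unsigned short *lens, unsigned codes)
{
    unsigned short count[MAXBITS + 1];
    unsigned sym;
    int len, max;

    for (len = 0; len <= MAXBITS; len++)   /* the loop the vectorizer turned into movdqa */
        count[len] = 0;
    for (sym = 0; sym < codes; sym++)      /* caller guarantees lens[sym] <= MAXBITS */
        count[lens[sym]]++;
    for (max = MAXBITS; max >= 1; max--)   /* longest code length actually present */
        if (count[max] != 0)
            break;
    return max;
}

/* Diagnostic probe: misalignment (in bytes) of a local slot shaped like
   count[] in this build. 0 means a movdqa store here would be safe; any other
   value is the crash condition. The answer depends on the ABI and on every
   caller's frame, not on this function's code. */
unsigned stack_slot_misalignment(void)
{
    unsigned short count[MAXBITS + 1];
    volatile unsigned short *p = count;  /* keep the slot from being optimized away */
    p[0] = 0;
    return (unsigned)((uintptr_t)p & 15u);
}

int main(void)
{
    /* constructed code lengths: lengths 1..4 in use, so the longest is 4 */
    static const unsigned short lens[] = { 3, 3, 2, 2, 4, 0, 0, 1 };
    unsigned n = sizeof lens / sizeof lens[0];

    printf("longest code length: %d\n", inflate_prologue(lens, n));
    printf("count[] slot misalignment: %u bytes (aligned: %s)\n",
           stack_slot_misalignment(),
           stack_slot_misalignment() == 0 ? "yes" : "no");
    return 0;
}
```

To see whether a given compiler makes the same choice as the first listing, build this with -m32 -O2 -msse2 -ftree-vectorize -S and look for movdqa in inflate_prologue; later GCC releases realign the frame when they need a 16-byte slot, so the aligned store may not reappear even though the C is the same.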