[Bug middle-end/59470] [4.8 Regression] libstdc++ miscompilation after r205709
jakub at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Wed Dec 11 18:43:00 GMT 2013
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59470
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |vmakarov at gcc dot gnu.org
--- Comment #9 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
So, it looks like a register allocation bug. We have in -fdump-rtl-ira-slim
IMHO correct:
92: {sp:SI=sp:SI-0x30;clobber flags:CC;}
REG_UNUSED flags:CC
94: {r165:SI=sp:SI+0x2f;clobber flags:CC;}
REG_UNUSED flags:CC
95: NOTE_INSN_DELETED
96: {r165:SI=r165:SI&0xfffffffffffffff0;clobber flags:CC;}
REG_UNUSED flags:CC
...
152: {r175:SI=r165:SI-r74:SI;clobber flags:CC;}
REG_DEAD r165:SI
REG_UNUSED flags:CC
153: r59:SI=r175:SI+0x14
REG_DEAD r175:SI
...
164: {sp:SI=sp:SI-r185:SI;clobber flags:CC;}
REG_DEAD r185:SI
REG_UNUSED flags:CC
166: {r189:SI=sp:SI+0x2f;clobber flags:CC;}
REG_UNUSED flags:CC
167: NOTE_INSN_DELETED
168: {r189:SI=r189:SI&0xfffffffffffffff0;clobber flags:CC;}
REG_UNUSED flags:CC
170: {r82:SI=r189:SI+0x2;clobber flags:CC;}
REG_DEAD r189:SI
REG_UNUSED flags:CC
...
174: [sp:SI+0x1c]=r190:SI
REG_DEAD r190:SI
REG_EQUAL frame:SI-0x8
175: [sp:SI+0x18]=r59:SI
REG_DEAD r59:SI
176: [sp:SI+0x14]=r82:SI
177: [sp:SI+0x10]=r139:SI
178: r191:SI=sign_extend([r124:SI+0x25])
REG_EQUIV [sp:SI+0xc]
179: [sp:SI+0xc]=r191:SI
REG_DEAD r191:SI
180: [sp:SI+0x8]=r85:SI
REG_DEAD r85:SI
181: [sp:SI+0x4]=r86:SI
REG_DEAD r86:SI
182: [sp:SI]=r137:SI
183: call
[`_ZNKSt7num_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE12_M_group_intEPKcjcRSt8ios_basePcS9_Ri']
argc:0x20
Note that r165 pseudo is live across call to another function which is in
between insn 96 and insn 152. In -fdump-rtl-reload-slim we have incorrect:
92: {sp:SI=sp:SI-0x30;clobber flags:CC;}
94: {dx:SI=sp:SI+0x2f;clobber flags:CC;}
95: NOTE_INSN_DELETED
96: {dx:SI=dx:SI&0xfffffffffffffff0;clobber flags:CC;}
...
441: [bp:SI-0x2c]=dx:SI
REG_DEAD dx:SI
...
442: dx:SI=[bp:SI-0x2c]
152: {dx:SI=dx:SI-cx:SI;clobber flags:CC;}
REG_DEAD dx:SI
153: ax:SI=dx:SI+0x14
REG_DEAD dx:SI
461: [bp:SI-0x2c]=ax:SI
REG_DEAD ax:SI
...
164: {sp:SI=sp:SI-ax:SI;clobber flags:CC;}
REG_DEAD ax:SI
166: {ax:SI=sp:SI+0x2f;clobber flags:CC;}
167: NOTE_INSN_DELETED
168: {ax:SI=ax:SI&0xfffffffffffffff0;clobber flags:CC;}
170: {ax:SI=ax:SI+0x2;clobber flags:CC;}
REG_DEAD ax:SI
423: dx:SI=ax:SI
REG_DEAD ax:SI
...
174: [sp:SI+0x1c]=cx:SI
REG_DEAD cx:SI
REG_EQUAL frame:SI-0x8
460: dx:SI=[bp:SI-0x2c]
175: [sp:SI+0x18]=dx:SI
REG_DEAD dx:SI
444: [bp:SI-0x2c]=dx:SI
425: dx:SI=dx:SI
REG_DEAD dx:SI
176: [sp:SI+0x14]=dx:SI
REG_DEAD dx:SI
177: [sp:SI+0x10]=si:SI
178: dx:SI=sign_extend([di:SI+0x25])
REG_EQUIV [sp:SI+0xc]
179: [sp:SI+0xc]=dx:SI
REG_DEAD dx:SI
180: [sp:SI+0x8]=ax:SI
REG_DEAD ax:SI
426: cx:SI=[bp:SI-0x54]
181: [sp:SI+0x4]=cx:SI
REG_DEAD cx:SI
427: cx:SI=[bp:SI-0x48]
182: [sp:SI]=cx:SI
REG_DEAD cx:SI
183: call
[`_ZNKSt7num_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE12_M_group_intEPKcjcRSt8ios_basePcS9_Ri']
argc:0x20
The bug I see is in the 460/444 reloads for insn 175. The correct value that
insn 176 is supposed to store is live in edx register iup to insn 174,
but LRA? decides to throw away it's value when reloading insn 175 and loads
there the value of former pseudo r59 from [bp-0x2c], stores that correctly into
[sp+0x18] and saves to [bp-0x2c] again (why? the value hasn't really changed).
But the old edx (pseudo r82) is lost. Vlad, can you please have a look?
More information about the Gcc-bugs
mailing list