Received: (qmail 24991 invoked by alias); 23 Sep 2007 06:00:11 -0000
Received: (qmail 24768 invoked by uid 48); 23 Sep 2007 05:59:51 -0000
Date: Sun, 23 Sep 2007 06:00:00 -0000
Message-ID: <20070923055951.24767.qmail@sourceware.org>
X-Bugzilla-Reason: CC
Subject: [Bug target/32893] zlib segfault in inflate_table() compiled w/ -O -msse2 ftree-vectorize
Reply-To: gcc-bugzilla@gcc.gnu.org
To: gcc-bugs@gcc.gnu.org
From: "dirtyepic at gentoo dot org"
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
Sender: gcc-bugs-owner@gcc.gnu.org
X-SW-Source: 2007-09/txt/msg01895.txt.bz2

------- Comment #14 from dirtyepic at gentoo dot org 2007-09-23 05:59 -------
Created an attachment (id=14246)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=14246&action=view)
inftrees.c

This is the testcase from bug #25413. With -O2 -msse2 -ftree-vectorize, I get this in gcc-4.2.0:

inftrees.o:     file format elf32-i386

Disassembly of section .text:

00000000 :
   0:   55                      push   %ebp
   1:   89 e5                   mov    %esp,%ebp
   3:   53                      push   %ebx
   4:   83 ec 24                sub    $0x24,%esp
   7:   8b 5d 0c                mov    0xc(%ebp),%ebx
   a:   8b 4d 10                mov    0x10(%ebp),%ecx
   d:   66 0f ef c0             pxor   %xmm0,%xmm0
  11:   66 0f 7f 45 d8          movdqa %xmm0,-0x28(%ebp)
  16:   66 0f 7f 45 e8          movdqa %xmm0,-0x18(%ebp)
  1b:   85 c9                   test   %ecx,%ecx
  1d:   74 16                   je     35
  1f:   ba 00 00 00 00          mov    $0x0,%edx
  24:   0f b7 04 53             movzwl (%ebx,%edx,2),%eax
  28:   66 83 44 45 d8 01       addw   $0x1,-0x28(%ebp,%eax,2)
  2e:   83 c2 01                add    $0x1,%edx
  31:   39 ca                   cmp    %ecx,%edx
  33:   75 ef                   jne    24
  35:   b8 00 00 00 00          mov    $0x0,%eax
  3a:   8d 55 d8                lea    -0x28(%ebp),%edx
  3d:   66 83 7c 42 1e 00       cmpw   $0x0,0x1e(%edx,%eax,2)
  43:   75 08                   jne    4d
  45:   83 e8 01                sub    $0x1,%eax
  48:   83 f8 f1                cmp    $0xfffffff1,%eax
  4b:   75 f0                   jne    3d
  4d:   83 c4 24                add    $0x24,%esp
  50:   5b                      pop    %ebx
  51:   5d                      pop    %ebp
  52:   c3                      ret

Forcing alignment as in comment #5 results in:

inftrees-align.o:     file format elf32-i386

Disassembly of section .text:

00000000 :
   0:   55                      push   %ebp
   1:   89 e5                   mov    %esp,%ebp
   3:   53                      push   %ebx
   4:   83 ec 24                sub    $0x24,%esp
   7:   8b 5d 0c                mov    0xc(%ebp),%ebx
   a:   8b 4d 10                mov    0x10(%ebp),%ecx
   d:   b8 01 00 00 00          mov    $0x1,%eax
  12:   8d 55 d8                lea    -0x28(%ebp),%edx
  15:   66 c7 44 42 fe 00 00    movw   $0x0,-0x2(%edx,%eax,2)
  1c:   83 c0 01                add    $0x1,%eax
  1f:   83 f8 11                cmp    $0x11,%eax
  22:   75 f1                   jne    15
  24:   85 c9                   test   %ecx,%ecx
  26:   74 16                   je     3e
  28:   ba 00 00 00 00          mov    $0x0,%edx
  2d:   0f b7 04 53             movzwl (%ebx,%edx,2),%eax
  31:   66 83 44 45 d8 01       addw   $0x1,-0x28(%ebp,%eax,2)
  37:   83 c2 01                add    $0x1,%edx
  3a:   39 ca                   cmp    %ecx,%edx
  3c:   75 ef                   jne    2d
  3e:   b8 00 00 00 00          mov    $0x0,%eax
  43:   8d 55 d8                lea    -0x28(%ebp),%edx
  46:   66 83 7c 42 1e 00       cmpw   $0x0,0x1e(%edx,%eax,2)
  4c:   75 08                   jne    56
  4e:   83 e8 01                sub    $0x1,%eax
  51:   83 f8 f1                cmp    $0xfffffff1,%eax
  54:   75 f0                   jne    46
  56:   83 c4 24                add    $0x24,%esp
  59:   5b                      pop    %ebx
  5a:   5d                      pop    %ebp
  5b:   c3                      ret

There's a gdb log for the segfault in firefox @ http://gcc.gnu.org/bugzilla/attachment.cgi?id=13966

I'll try to find something a little smaller than mozilla that can demonstrate this problem since I still suck at testcases.

FWIW, I've been running GCC-4.2 svn with the patch at http://gcc.gnu.org/bugzilla/show_bug.cgi?id=25413#c17 for a couple months now and have built a sizable chunk of our package repository with -ftree-vectorize enabled several times over and have yet to run into any trouble whatsoever.

-- 
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32893
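Added example, not part of the bug report, of zlib, or of GCC: a C reconstruction of what the two listings above compute, so the crash mechanism can be read off the source rather than the opcodes. The three loops (zero a 16-entry array of shorts, histogram the code lengths into it, scan down from entry 15 for the first non-zero) are inferred from the disassembly; the name max_code_length, the MAXBITS constant, the bounds check on the input lengths, and the sample inputs are my own assumptions, not the contents of the attached inftrees.c. The second function shows the condition the vectorized build depends on: both movdqa stores target %ebp-0x28, and movdqa faults unless that address is 16-byte aligned. Neither prologue realigns the stack, so alignment is inherited from whatever %esp the caller entered with; the "forced alignment" build avoids the fault simply because its zeroing loop uses scalar movw stores instead.

```c
#include <stdint.h>
#include <stdio.h>

#define MAXBITS 15   /* assumed: count[] holds MAXBITS+1 = 16 shorts = 32 bytes */

/* Reconstruction (assumed, not copied from inftrees.c) of the three loops in
 * the disassembly. Returns the longest length in use (0 if none), or -1 if a
 * length exceeds MAXBITS; that check is added here so the histogram loop's
 * "addw $0x1,-0x28(%ebp,%eax,2)" cannot write past the 32-byte array. */
int max_code_length(const unsigned short *lens, unsigned codes,
                    unsigned short count[MAXBITS + 1])
{
    unsigned len, sym, max;

    for (sym = 0; sym < codes; sym++)
        if (lens[sym] > MAXBITS)
            return -1;

    /* Loop 1: 32 bytes of zeroes, emitted as pxor + two movdqa stores to
     * -0x28(%ebp) and -0x18(%ebp). movdqa needs a 16-byte-aligned operand. */
    for (len = 0; len <= MAXBITS; len++)
        count[len] = 0;

    /* Loop 2: movzwl (%ebx,%edx,2) then addw $0x1,-0x28(%ebp,%eax,2). */
    for (sym = 0; sym < codes; sym++)
        count[lens[sym]]++;

    /* Loop 3: cmpw $0x0,0x1e(%edx,%eax,2) with %eax = 0,-1,...,-14, i.e.
     * count[15] down to count[1]; %eax reaching -15 (0xfffffff1) ends it. */
    for (max = MAXBITS; max >= 1; max--)
        if (count[max] != 0)
            break;
    return (int)max;
}

/* The array lives at %ebp-0x28. For a given frame-pointer value, report
 * whether that slot is 16-byte aligned, which both movdqa stores require.
 * The prologue contains no realignment (no "and $-16,%esp"), so this is
 * decided entirely by the caller's stack pointer at the call. */
int movdqa_slot_aligned(uintptr_t ebp)
{
    return ((ebp - 0x28u) & 0xFu) == 0;
}

/* Constructed sample input (not zlib data): lengths of a small code. */
int demo_max_length(void)
{
    static const unsigned short lens[] = {3, 3, 2, 5, 0, 7, 7};
    unsigned short count[MAXBITS + 1];
    return max_code_length(lens, sizeof lens / sizeof lens[0], count);
}

/* Constructed invalid input: a length of 16 would index count[16]. */
int demo_rejects_bad_length(void)
{
    static const unsigned short lens[] = {3, 16};
    unsigned short count[MAXBITS + 1];
    return max_code_length(lens, 2, count);
}

int main(void)
{
    unsigned short count[MAXBITS + 1];

    printf("longest length in use: %d\n", demo_max_length());
    printf("bad length rejected (-1): %d\n", demo_rejects_bad_length());
    /* Two constructed frame-pointer values: one gives an aligned slot, one not. */
    printf("ebp=0xbfff0008 -> slot aligned: %d\n", movdqa_slot_aligned(0xbfff0008u));
    printf("ebp=0xbfff0000 -> slot aligned: %d\n", movdqa_slot_aligned(0xbfff0000u));
    printf("this build's count[] at %p, address %% 16 = %u\n", (void *)count,
           (unsigned)((uintptr_t)count % 16));
    return 0;
}
```

The last printf reports the alignment the current compiler actually gave the local array; a compiler that vectorizes the zeroing loop with aligned stores must either guarantee that value is 0 for every caller or realign in the prologue, and the first listing above does neither.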