[Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c
@ 2023-12-04 14:04 iamanonymous.cs at gmail dot com
  2023-12-04 15:35 ` [Bug target/112845] [11/12/13/14 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504 jakub at gcc dot gnu.org
                   ` (8 more replies)
  0 siblings, 9 replies; 10+ messages in thread
From: iamanonymous.cs at gmail dot com @ 2023-12-04 14:04 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

            Bug ID: 112845
           Summary: ICE: in extract_insn, at recog.cc:2804 with -Os
                    -fcf-protection -c
           Product: gcc
           Version: 14.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: target
          Assignee: unassigned at gcc dot gnu.org
          Reporter: iamanonymous.cs at gmail dot com
  Target Milestone: ---

*******************************************************************************
OS and Platform:
$ uname -a:
Linux ubuntu 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023
x86_64 x86_64 x86_64 GNU/Linux
*******************************************************************************
gcc version:
$ gcc -v
Using built-in specs.
COLLECT_GCC=/root/gcc_set/202311291030/bin/gcc
COLLECT_LTO_WRAPPER=/root/gcc_set/202311291030/libexec/gcc/x86_64-pc-linux-gnu/14.0.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: ../gcc/configure --prefix=/root/gcc_set/202311291030
--with-gmp=/root/build_essential --with-mpfr=/root/build_essential
--with-mpc=/root/build_essential --enable-languages=c,c++ --disable-multilib
--with-sanitizer=address,undefined,thread,leak
Thread model: posix
Supported LTO compression algorithms: zlib
gcc version 14.0.0 20231129 (experimental) (GCC) 

git version: 99fa0bfd63d97825c4221dcd3123940f1d0e6291
*******************************************************************************
Program:
$ cat mutant.c
#ifdef __x86_64__
#define ENDBR_IMMEDIATE 0xfa1e0ff3
#else
#define ENDBR_IMMEDIATE 0xfb1e0ff3
#endif

int
func (int* p)
{
  return *(p + ENDBR_IMMEDIATE);
}

*******************************************************************************
Command Lines:
$ gcc -Os -fcf-protection -c mutant.c
mutant.c: In function ‘func’:
mutant.c:11:1: error: unrecognizable insn:
   11 | }
      | ^
(insn 27 7 28 2 (set (reg:DI 0 ax [101])
        (const_int 4196274163 [0xfa1e0ff3])) "mutant.c":10:10 discrim 1 -1
     (nil))
during RTL pass: cprop_hardreg
mutant.c:11:1: internal compiler error: in extract_insn, at recog.cc:2804
0x7e504e _fatal_insn(char const*, rtx_def const*, char const*, int, char
const*)
        ../../gcc/gcc/rtl-error.cc:108
0x7e506a _fatal_insn_not_found(rtx_def const*, char const*, int, char const*)
        ../../gcc/gcc/rtl-error.cc:116
0x7e3572 extract_insn(rtx_insn*)
        ../../gcc/gcc/recog.cc:2804
0xf7209b extract_constrain_insn(rtx_insn*)
        ../../gcc/gcc/recog.cc:2703
0xf7b182 copyprop_hardreg_forward_1
        ../../gcc/gcc/regcprop.cc:836
0xf7c389 execute
        ../../gcc/gcc/regcprop.cc:1423
Please submit a full bug report, with preprocessed source (by using
-freport-bug).
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.

Also ICE on trunk, compiler explorer: https://godbolt.org/z/d3x5sbG7W

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug target/112845] [11/12/13/14 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504
  2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
@ 2023-12-04 15:35 ` jakub at gcc dot gnu.org
  2023-12-04 15:38 ` jakub at gcc dot gnu.org
                   ` (7 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: jakub at gcc dot gnu.org @ 2023-12-04 15:35 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|unassigned at gcc dot gnu.org      |jakub at gcc dot gnu.org
   Last reconfirmed|                            |2023-12-04
             Status|UNCONFIRMED                 |ASSIGNED
                 CC|                            |jakub at gcc dot gnu.org
            Summary|ICE: in extract_insn, at    |[11/12/13/14 Regression]
                   |recog.cc:2804 with -Os      |ICE: in extract_insn, at
                   |-fcf-protection -c          |recog.cc:2804 with -Os
                   |                            |-fcf-protection -c since
                   |                            |r8-3504
     Ever confirmed|0                           |1

--- Comment #1 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Guess introduced by my r8-3504-g2891beff1aa8e627ba27b35d28d6a8e6198a0625

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug target/112845] [11/12/13/14 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504
  2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
  2023-12-04 15:35 ` [Bug target/112845] [11/12/13/14 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504 jakub at gcc dot gnu.org
@ 2023-12-04 15:38 ` jakub at gcc dot gnu.org
  2023-12-04 15:38 ` jakub at gcc dot gnu.org
                   ` (6 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: jakub at gcc dot gnu.org @ 2023-12-04 15:38 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|---                         |11.5

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug target/112845] [11/12/13/14 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504
  2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
  2023-12-04 15:35 ` [Bug target/112845] [11/12/13/14 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504 jakub at gcc dot gnu.org
  2023-12-04 15:38 ` jakub at gcc dot gnu.org
@ 2023-12-04 15:38 ` jakub at gcc dot gnu.org
  2023-12-05 12:18 ` cvs-commit at gcc dot gnu.org
                   ` (5 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: jakub at gcc dot gnu.org @ 2023-12-04 15:38 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Created attachment 56788
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=56788&action=edit
gcc14-pr112845.patch

Untested fix.

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug target/112845] [11/12/13/14 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504
  2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
                   ` (2 preceding siblings ...)
  2023-12-04 15:38 ` jakub at gcc dot gnu.org
@ 2023-12-05 12:18 ` cvs-commit at gcc dot gnu.org
  2023-12-05 12:19 ` [Bug target/112845] [11/12/13 " jakub at gcc dot gnu.org
                   ` (4 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-12-05 12:18 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

--- Comment #3 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>:

https://gcc.gnu.org/g:e0786ca9a18c50ad08c40936b228e325193664b8

commit r14-6180-ge0786ca9a18c50ad08c40936b228e325193664b8
Author: Jakub Jelinek <jakub@redhat.com>
Date:   Tue Dec 5 13:17:57 2023 +0100

    i386: Fix -fcf-protection -Os ICE due to movabsq peephole2 [PR112845]

    The following testcase ICEs in the movabsq $(i32 << shift), r64 peephole2
    I've added a while back to use smaller code than movabsq if possible.
    If i32 is 0xfa1e0ff3 and shift is not divisible by 8, then it creates
    an invalid insn (as 0xfa1e0ff3 CONST_INT is not allowed as
    x86_64_immediate_operand nor x86_64_zext_immediate_operand), the peephole2
    even triggers on it again and again (this time with shift 0) until it gives
    up.

    The following patch fixes that.  As ix86_endbr_immediate_operand needs a
    CONST_INT and it is hopefully rare, I chose to use FAIL rather than
handling
    it in the condition (where I'd probably need to call ctz_hwi again etc.).

    2023-12-05  Jakub Jelinek  <jakub@redhat.com>

            PR target/112845
            * config/i386/i386.md (movabsq $(i32 << shift), r64 peephole2):
FAIL
            if the new immediate is ix86_endbr_immediate_operand.

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug target/112845] [11/12/13 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504
  2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
                   ` (3 preceding siblings ...)
  2023-12-05 12:18 ` cvs-commit at gcc dot gnu.org
@ 2023-12-05 12:19 ` jakub at gcc dot gnu.org
  2023-12-05 16:33 ` cvs-commit at gcc dot gnu.org
                   ` (3 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: jakub at gcc dot gnu.org @ 2023-12-05 12:19 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|[11/12/13/14 Regression]    |[11/12/13 Regression] ICE:
                   |ICE: in extract_insn, at    |in extract_insn, at
                   |recog.cc:2804 with -Os      |recog.cc:2804 with -Os
                   |-fcf-protection -c since    |-fcf-protection -c since
                   |r8-3504                     |r8-3504

--- Comment #4 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Fixed on the trunk so far.

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug target/112845] [11/12/13 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504
  2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
                   ` (4 preceding siblings ...)
  2023-12-05 12:19 ` [Bug target/112845] [11/12/13 " jakub at gcc dot gnu.org
@ 2023-12-05 16:33 ` cvs-commit at gcc dot gnu.org
  2023-12-05 17:02 ` [Bug target/112845] [11/12 " jakub at gcc dot gnu.org
                   ` (2 subsequent siblings)
  8 siblings, 0 replies; 10+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-12-05 16:33 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

--- Comment #5 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-13 branch has been updated by Jakub Jelinek
<jakub@gcc.gnu.org>:

https://gcc.gnu.org/g:8d057d1f1fe5bf20d32912bc65ad620810583107

commit r13-8127-g8d057d1f1fe5bf20d32912bc65ad620810583107
Author: Jakub Jelinek <jakub@redhat.com>
Date:   Tue Dec 5 13:17:57 2023 +0100

    i386: Fix -fcf-protection -Os ICE due to movabsq peephole2 [PR112845]

    The following testcase ICEs in the movabsq $(i32 << shift), r64 peephole2
    I've added a while back to use smaller code than movabsq if possible.
    If i32 is 0xfa1e0ff3 and shift is not divisible by 8, then it creates
    an invalid insn (as 0xfa1e0ff3 CONST_INT is not allowed as
    x86_64_immediate_operand nor x86_64_zext_immediate_operand), the peephole2
    even triggers on it again and again (this time with shift 0) until it gives
    up.

    The following patch fixes that.  As ix86_endbr_immediate_operand needs a
    CONST_INT and it is hopefully rare, I chose to use FAIL rather than
handling
    it in the condition (where I'd probably need to call ctz_hwi again etc.).

    2023-12-05  Jakub Jelinek  <jakub@redhat.com>

            PR target/112845
            * config/i386/i386.md (movabsq $(i32 << shift), r64 peephole2):
FAIL
            if the new immediate is ix86_endbr_immediate_operand.

    (cherry picked from commit e0786ca9a18c50ad08c40936b228e325193664b8)

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug target/112845] [11/12 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504
  2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
                   ` (5 preceding siblings ...)
  2023-12-05 16:33 ` cvs-commit at gcc dot gnu.org
@ 2023-12-05 17:02 ` jakub at gcc dot gnu.org
  2023-12-16  0:38 ` cvs-commit at gcc dot gnu.org
  2023-12-17 13:55 ` cvs-commit at gcc dot gnu.org
  8 siblings, 0 replies; 10+ messages in thread
From: jakub at gcc dot gnu.org @ 2023-12-05 17:02 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|[11/12/13 Regression] ICE:  |[11/12 Regression] ICE: in
                   |in extract_insn, at         |extract_insn, at
                   |recog.cc:2804 with -Os      |recog.cc:2804 with -Os
                   |-fcf-protection -c since    |-fcf-protection -c since
                   |r8-3504                     |r8-3504

--- Comment #6 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Now fixed for 13.3 as well.

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug target/112845] [11/12 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504
  2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
                   ` (6 preceding siblings ...)
  2023-12-05 17:02 ` [Bug target/112845] [11/12 " jakub at gcc dot gnu.org
@ 2023-12-16  0:38 ` cvs-commit at gcc dot gnu.org
  2023-12-17 13:55 ` cvs-commit at gcc dot gnu.org
  8 siblings, 0 replies; 10+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-12-16  0:38 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

--- Comment #7 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-12 branch has been updated by Jakub Jelinek
<jakub@gcc.gnu.org>:

https://gcc.gnu.org/g:87d013f7c877f944adbbaa4e94244baf990cb9f2

commit r12-10054-g87d013f7c877f944adbbaa4e94244baf990cb9f2
Author: Jakub Jelinek <jakub@redhat.com>
Date:   Tue Dec 5 13:17:57 2023 +0100

    i386: Fix -fcf-protection -Os ICE due to movabsq peephole2 [PR112845]

    The following testcase ICEs in the movabsq $(i32 << shift), r64 peephole2
    I've added a while back to use smaller code than movabsq if possible.
    If i32 is 0xfa1e0ff3 and shift is not divisible by 8, then it creates
    an invalid insn (as 0xfa1e0ff3 CONST_INT is not allowed as
    x86_64_immediate_operand nor x86_64_zext_immediate_operand), the peephole2
    even triggers on it again and again (this time with shift 0) until it gives
    up.

    The following patch fixes that.  As ix86_endbr_immediate_operand needs a
    CONST_INT and it is hopefully rare, I chose to use FAIL rather than
handling
    it in the condition (where I'd probably need to call ctz_hwi again etc.).

    2023-12-05  Jakub Jelinek  <jakub@redhat.com>

            PR target/112845
            * config/i386/i386.md (movabsq $(i32 << shift), r64 peephole2):
FAIL
            if the new immediate is ix86_endbr_immediate_operand.

    (cherry picked from commit e0786ca9a18c50ad08c40936b228e325193664b8)

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [Bug target/112845] [11/12 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504
  2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
                   ` (7 preceding siblings ...)
  2023-12-16  0:38 ` cvs-commit at gcc dot gnu.org
@ 2023-12-17 13:55 ` cvs-commit at gcc dot gnu.org
  8 siblings, 0 replies; 10+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-12-17 13:55 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112845

--- Comment #8 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-11 branch has been updated by Jakub Jelinek
<jakub@gcc.gnu.org>:

https://gcc.gnu.org/g:6156cbb74dabb98899f8f481bda4ae969ac22d53

commit r11-11154-g6156cbb74dabb98899f8f481bda4ae969ac22d53
Author: Jakub Jelinek <jakub@redhat.com>
Date:   Tue Dec 5 13:17:57 2023 +0100

    i386: Fix -fcf-protection -Os ICE due to movabsq peephole2 [PR112845]

    The following testcase ICEs in the movabsq $(i32 << shift), r64 peephole2
    I've added a while back to use smaller code than movabsq if possible.
    If i32 is 0xfa1e0ff3 and shift is not divisible by 8, then it creates
    an invalid insn (as 0xfa1e0ff3 CONST_INT is not allowed as
    x86_64_immediate_operand nor x86_64_zext_immediate_operand), the peephole2
    even triggers on it again and again (this time with shift 0) until it gives
    up.

    The following patch fixes that.  As ix86_endbr_immediate_operand needs a
    CONST_INT and it is hopefully rare, I chose to use FAIL rather than
handling
    it in the condition (where I'd probably need to call ctz_hwi again etc.).

    2023-12-05  Jakub Jelinek  <jakub@redhat.com>

            PR target/112845
            * config/i386/i386.md (movabsq $(i32 << shift), r64 peephole2):
FAIL
            if the new immediate is ix86_endbr_immediate_operand.

    (cherry picked from commit e0786ca9a18c50ad08c40936b228e325193664b8)

^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2023-12-17 13:55 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-12-04 14:04 [Bug target/112845] New: ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c iamanonymous.cs at gmail dot com
2023-12-04 15:35 ` [Bug target/112845] [11/12/13/14 Regression] ICE: in extract_insn, at recog.cc:2804 with -Os -fcf-protection -c since r8-3504 jakub at gcc dot gnu.org
2023-12-04 15:38 ` jakub at gcc dot gnu.org
2023-12-04 15:38 ` jakub at gcc dot gnu.org
2023-12-05 12:18 ` cvs-commit at gcc dot gnu.org
2023-12-05 12:19 ` [Bug target/112845] [11/12/13 " jakub at gcc dot gnu.org
2023-12-05 16:33 ` cvs-commit at gcc dot gnu.org
2023-12-05 17:02 ` [Bug target/112845] [11/12 " jakub at gcc dot gnu.org
2023-12-16  0:38 ` cvs-commit at gcc dot gnu.org
2023-12-17 13:55 ` cvs-commit at gcc dot gnu.org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).