public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug rtl-optimization/48181] New: [4.5/4.6/4.7 Regression] wrong code with -O -fgcse --param ira-max-conflict-table-size=0
@ 2011-03-18 14:40 zsojka at seznam dot cz
  2011-03-18 14:51 ` [Bug rtl-optimization/48181] " rguenth at gcc dot gnu.org
                   ` (14 more replies)
  0 siblings, 15 replies; 16+ messages in thread
From: zsojka at seznam dot cz @ 2011-03-18 14:40 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48181

           Summary: [4.5/4.6/4.7 Regression] wrong code with -O -fgcse
                    --param ira-max-conflict-table-size=0
           Product: gcc
           Version: 4.7.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: rtl-optimization
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: zsojka@seznam.cz
                CC: jakub@gcc.gnu.org
              Host: x86_64-pc-linux-gnu
            Target: x86_64-pc-linux-gnu


Created attachment 23705
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=23705
reduced testcase

Output:
$ gcc -O -fgcse --param ira-max-conflict-table-size=0 testcase.c
$ valgrind -q ./a.out 
==11903== Invalid read of size 8
==11903==    at 0x4C2B44C: memcpy (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==11903==    by 0x400602: foo (testcase.c:47)
==11903==    by 0x4006AA: main (testcase.c:65)
==11903==  Address 0x38 is not stack'd, malloc'd or (recently) free'd

The way it crashes is similiar to PR48156:
...
    lea    rcx, [rsp+128]    # tmp126,
    cmp    QWORD PTR [rsp+8], 0    # %sfp,
    jne    .L11    #,
    mov    esi, r14d    #, qsize
    mov    rdi, rcx    #, tmp126
    call    bar    #
.L11:
    mov    rdx, r12    #, D.2735
    mov    rsi, rcx    #, tmp126 # -fno-gcse: lea rsi, [rsp+128]
    lea    rdi, [rsp+64]    #,
    call    memcpy    #
    mov    rdx, r12    #, D.2735
    mov    rsi, rcx    #, tmp126 # -fno-gcse: lea rsi, [rsp+128]
    lea    rdi, [rsp+32]    #,
    call    memcpy    #
...

both calls to memcpy() read rcx to set its parameters, but rcx is not preserved
across function call (changes either by call to bar(), or by first memcpy())

Tested revisions:
r171088 - fail
4.6 r170095 - fail
4.5 r170095 - fail
4.4 r170095 - OK


^ permalink raw reply	[flat|nested] 16+ messages in thread
end of thread, other threads:[~2015-06-10  9:05 UTC | newest]

Thread overview: 16+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-03-18 14:40 [Bug rtl-optimization/48181] New: [4.5/4.6/4.7 Regression] wrong code with -O -fgcse --param ira-max-conflict-table-size=0 zsojka at seznam dot cz
2011-03-18 14:51 ` [Bug rtl-optimization/48181] " rguenth at gcc dot gnu.org
2011-03-22  0:54 ` steven at gcc dot gnu.org
2011-04-10 10:43 ` rguenth at gcc dot gnu.org
2011-04-28 15:00 ` rguenth at gcc dot gnu.org
2012-07-02 11:08 ` [Bug rtl-optimization/48181] [4.5/4.6/4.7/4.8 " rguenth at gcc dot gnu.org
2013-01-08 15:17 ` [Bug rtl-optimization/48181] [4.6/4.7/4.8 " jakub at gcc dot gnu.org
2013-01-16 22:49 ` steven at gcc dot gnu.org
2013-01-16 23:08 ` jakub at gcc dot gnu.org
2013-04-12 15:17 ` [Bug rtl-optimization/48181] [4.7/4.8/4.9 " jakub at gcc dot gnu.org
2014-06-12 13:47 ` [Bug rtl-optimization/48181] [4.7/4.8/4.9/4.10 " rguenth at gcc dot gnu.org
2014-12-19 13:29 ` [Bug rtl-optimization/48181] [4.8/4.9/5 " jakub at gcc dot gnu.org
2015-03-24 10:46 ` [Bug rtl-optimization/48181] [4.8/4.9 " steven at gcc dot gnu.org
2015-06-10  0:49 ` bernhard.kaindl at thalesgroup dot com
2015-06-10  1:28 ` bernhard.kaindl at thalesgroup dot com
2015-06-10  9:05 ` [Bug rtl-optimization/48181] " rguenth at gcc dot gnu.org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).