* [Bug debug/51746] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
@ 2012-01-04 10:40 ` jakub at gcc dot gnu.org
2012-01-04 10:42 ` [Bug debug/51746] [4.7 Regression] " jakub at gcc dot gnu.org
` (8 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: jakub at gcc dot gnu.org @ 2012-01-04 10:40 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
--- Comment #1 from Jakub Jelinek <jakub at gcc dot gnu.org> 2012-01-04 10:40:35 UTC ---
Looks latent before to me.
The issue is that when cselib_process_insn for
(insn 56 51 60 4 (cond_exec (eq (reg:CC 24 cc)
(const_int 0 [0]))
(set (mem:QI (plus:SI (reg:SI 1 r1 [orig:169 ivtmp.6 ] [169])
(const_int -1 [0xffffffffffffffff])) [0 MEM[base: 0B,
index: ivtmp.6_13, offset: 4294967295B]+0 S1 A8])
(reg:QI 2 r2 [176]))) pr51746.i:16 3031 {*p *arm_movqi_insn}
(nil))
is called, initially when doing cselib_lookup on the r1 - 1, we get value
18:18,
but still during processing of that insn htab_expand is called on the cselib
hash table, as it reached the 3/4 fullness limit. After this expand we don't
find VALUE 18:18 for r1 - 1 anymore and instead create VALUE 27:8168 (8168 is
the hash value of r1 - 1 at that point). But that means cselib_lookup on
(mem:QI (value 27:8168)) in add_stores fails, because the desired value that
was created earlier on for (mem:QI (r1 - 1)) is in value 18:18's addr_list, not
in 27:8168's addr_list and add_stores calls cselib_lookup with create=0.
It seems most of the places in var-tracking.c that call cselib_lookup with
create=0 allow it to return NULL, but not this spot. So the easiest fix is
just handle the oval == NULL case. And we can think about some improvements if
it would be possible to improve this case somehow. E.g. if cselib_find_slot
in cselib_lookup_1 succeeeds, but returns a value with e->hash != hash, perhaps
we could insert a cselib_val with the desired hash and make it
cselib_add_permanent_equiv to the actual value found? Perhaps not 4.7
material...
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug debug/51746] [4.7 Regression] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
2012-01-04 10:40 ` [Bug debug/51746] " jakub at gcc dot gnu.org
@ 2012-01-04 10:42 ` jakub at gcc dot gnu.org
2012-01-04 10:46 ` jakub at gcc dot gnu.org
` (7 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: jakub at gcc dot gnu.org @ 2012-01-04 10:42 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |NEW
Last reconfirmed| |2012-01-04
Target Milestone|--- |4.7.0
Summary|Segfault in |[4.7 Regression] Segfault
|cselib_preserved_value_p |in cselib_preserved_value_p
Ever Confirmed|0 |1
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug debug/51746] [4.7 Regression] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
2012-01-04 10:40 ` [Bug debug/51746] " jakub at gcc dot gnu.org
2012-01-04 10:42 ` [Bug debug/51746] [4.7 Regression] " jakub at gcc dot gnu.org
@ 2012-01-04 10:46 ` jakub at gcc dot gnu.org
2012-01-04 13:54 ` rguenth at gcc dot gnu.org
` (6 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: jakub at gcc dot gnu.org @ 2012-01-04 10:46 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
AssignedTo|unassigned at gcc dot |jakub at gcc dot gnu.org
|gnu.org |
--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> 2012-01-04 10:46:39 UTC ---
Created attachment 26236
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=26236
gcc47-pr51746.patch
Untested fix.
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug debug/51746] [4.7 Regression] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
` (2 preceding siblings ...)
2012-01-04 10:46 ` jakub at gcc dot gnu.org
@ 2012-01-04 13:54 ` rguenth at gcc dot gnu.org
2012-01-05 0:17 ` aoliva at gcc dot gnu.org
` (5 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: rguenth at gcc dot gnu.org @ 2012-01-04 13:54 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
Richard Guenther <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P3 |P1
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug debug/51746] [4.7 Regression] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
` (3 preceding siblings ...)
2012-01-04 13:54 ` rguenth at gcc dot gnu.org
@ 2012-01-05 0:17 ` aoliva at gcc dot gnu.org
2012-01-05 0:30 ` jakub at gcc dot gnu.org
` (4 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: aoliva at gcc dot gnu.org @ 2012-01-05 0:17 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
--- Comment #3 from Alexandre Oliva <aoliva at gcc dot gnu.org> 2012-01-05 00:17:27 UTC ---
Thanks, Jakub, the patch is fine, I've just verified that it fixes the problem.
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug debug/51746] [4.7 Regression] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
` (4 preceding siblings ...)
2012-01-05 0:17 ` aoliva at gcc dot gnu.org
@ 2012-01-05 0:30 ` jakub at gcc dot gnu.org
2012-01-05 0:31 ` [Bug debug/51746] " jakub at gcc dot gnu.org
` (3 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: jakub at gcc dot gnu.org @ 2012-01-05 0:30 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
--- Comment #4 from Jakub Jelinek <jakub at gcc dot gnu.org> 2012-01-05 00:29:16 UTC ---
Author: jakub
Date: Thu Jan 5 00:29:13 2012
New Revision: 182897
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=182897
Log:
PR debug/51746
* var-tracking.c (add_stores): For COND_EXEC allow oval to be NULL.
Modified:
trunk/gcc/ChangeLog
trunk/gcc/var-tracking.c
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug debug/51746] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
` (5 preceding siblings ...)
2012-01-05 0:30 ` jakub at gcc dot gnu.org
@ 2012-01-05 0:31 ` jakub at gcc dot gnu.org
2012-01-05 0:58 ` aoliva at gcc dot gnu.org
` (2 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: jakub at gcc dot gnu.org @ 2012-01-05 0:31 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P1 |P2
Summary|[4.7 Regression] Segfault |Segfault in
|in cselib_preserved_value_p |cselib_preserved_value_p
--- Comment #5 from Jakub Jelinek <jakub at gcc dot gnu.org> 2012-01-05 00:31:22 UTC ---
Fixed, keeping the bug open just so that we can consider improving the case
where cselib hashtable grows for 4.8+.
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug debug/51746] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
` (6 preceding siblings ...)
2012-01-05 0:31 ` [Bug debug/51746] " jakub at gcc dot gnu.org
@ 2012-01-05 0:58 ` aoliva at gcc dot gnu.org
2012-01-06 20:21 ` aoliva at gcc dot gnu.org
2012-01-06 22:57 ` aoliva at gcc dot gnu.org
9 siblings, 0 replies; 11+ messages in thread
From: aoliva at gcc dot gnu.org @ 2012-01-05 0:58 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
--- Comment #6 from Alexandre Oliva <aoliva at gcc dot gnu.org> 2012-01-05 00:58:13 UTC ---
I've now realized the reason we fail to find the (plus:si (reg:si r1)
(const_int -1)) is that reverse_op miscomputes the hash of value 22, because
we're looking up an expr containing a VALUE, and cselib_hash_rtx doesn't handle
that properly. Getting it to support VALUEs as part of expressions, lookup
succeeds and we reuse the value, as expected. Here's the patch I'm testing:
diff --git a/gcc/cselib.c b/gcc/cselib.c
index eeb88e6..ab9c458 100644
--- a/gcc/cselib.c
+++ b/gcc/cselib.c
@@ -1035,6 +1035,10 @@ cselib_hash_rtx (rtx x, int create, enum machine_mode
mem
switch (code)
{
+ case VALUE:
+ e = CSELIB_VAL_PTR (x);
+ return e->hash;
+
case MEM:
case REG:
e = cselib_lookup (x, GET_MODE (x), create, memmode);
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug debug/51746] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
` (7 preceding siblings ...)
2012-01-05 0:58 ` aoliva at gcc dot gnu.org
@ 2012-01-06 20:21 ` aoliva at gcc dot gnu.org
2012-01-06 22:57 ` aoliva at gcc dot gnu.org
9 siblings, 0 replies; 11+ messages in thread
From: aoliva at gcc dot gnu.org @ 2012-01-06 20:21 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
--- Comment #7 from Alexandre Oliva <aoliva at gcc dot gnu.org> 2012-01-06 20:21:00 UTC ---
Author: aoliva
Date: Fri Jan 6 20:20:55 2012
New Revision: 182963
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=182963
Log:
PR debug/51746
* cselib.c (cselib_hash_rtx): Hash incoming VALUEs too.
Modified:
trunk/gcc/ChangeLog
trunk/gcc/cselib.c
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug debug/51746] Segfault in cselib_preserved_value_p
2012-01-03 21:49 [Bug debug/51746] New: Segfault in cselib_preserved_value_p rmansfield at qnx dot com
` (8 preceding siblings ...)
2012-01-06 20:21 ` aoliva at gcc dot gnu.org
@ 2012-01-06 22:57 ` aoliva at gcc dot gnu.org
9 siblings, 0 replies; 11+ messages in thread
From: aoliva at gcc dot gnu.org @ 2012-01-06 22:57 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51746
Alexandre Oliva <aoliva at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |FIXED
--- Comment #8 from Alexandre Oliva <aoliva at gcc dot gnu.org> 2012-01-06 22:57:38 UTC ---
Fixed
^ permalink raw reply [flat|nested] 11+ messages in thread