From: "olegendo at gcc dot gnu.org"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug target/53886] Seg fault in sh_insn_length_adjustment
Date: Sun, 08 Jul 2012 11:41:00 -0000

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886

Oleg Endo changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kkojima at gcc dot gnu.org

--- Comment #2 from Oleg Endo 2012-07-08 11:40:56 UTC ---
I'm just guessing here, but this line

    && GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) != SEQUENCE

looks suspicious. Most likely it's a nullptr access.
In sparc.c something similar is being done by the function
'int empty_delay_slot (rtx insn)'

Maybe the patch below could be a fix for the problem?
There are actually more places in sh.c where the usage of
NEXT_INSN (PREV_INSN (insn)) goes unchecked...

Kaz, what do you think? Does this make any sense?

Index: gcc/config/sh/sh.c =================================================================== --- gcc/config/sh/sh.c (revision 189339) +++ gcc/config/sh/sh.c (working copy) 
@@ -9652,6 +9652,15 @@ #define IS_ASM_LOGICAL_LINE_SEPARATOR(C, STR) ((C) == ';') #endif +static bool +sequence_insn_p (rtx insn) +{ + if (PREV_INSN (insn) == NULL) + return false; + + return GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) == SEQUENCE; +} + int sh_insn_length_adjustment (rtx insn) { @@ -9662,7 +9671,7 @@ && GET_CODE (PATTERN (insn)) != CLOBBER) || CALL_P (insn) || (JUMP_P (insn) && !JUMP_TABLE_DATA_P (insn))) - && GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) != SEQUENCE + && ! sequence_insn_p (insn) && get_attr_needs_delay_slot (insn) == NEEDS_DELAY_SLOT_YES) return 2; @@ -9671,7 +9680,7 @@ if (sh_cpu_attr == CPU_SH2E && JUMP_P (insn) && !JUMP_TABLE_DATA_P (insn) && get_attr_type (insn) == TYPE_CBRANCH - && GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) != SEQUENCE) + && ! sequence_insn_p (insn)) return 2; /* sh-dsp parallel processing insn take four bytes instead of two. */
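
Review bot: In sequence_insn_p (first hunk), only PREV_INSN (insn) is compared against NULL; the value of NEXT_INSN (PREV_INSN (insn)) is still handed straight to PATTERN, so a NULL there would fault just as the original expression did. Consider holding it in a local, for example "rtx seq = NEXT_INSN (PREV_INSN (insn));", and returning false when seq is NULL before calling PATTERN. The helper also has no leading comment saying what it returns; because the early return is false, both converted conditions in sh_insn_length_adjustment continue to the remaining tests and can return 2 when there is no previous insn, and the comment should say whether that is the intended result.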