* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
@ 2012-07-08 11:33 ` olegendo at gcc dot gnu.org
2012-07-08 11:41 ` olegendo at gcc dot gnu.org
` (9 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: olegendo at gcc dot gnu.org @ 2012-07-08 11:33 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
Oleg Endo <olegendo at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |olegendo at gcc dot gnu.org
--- Comment #1 from Oleg Endo <olegendo at gcc dot gnu.org> 2012-07-08 11:33:19 UTC ---
Ryan, could you please provide the (reduced) source file in question so that we
could add this as a test case to the test suite?
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
2012-07-08 11:33 ` [Bug target/53886] " olegendo at gcc dot gnu.org
@ 2012-07-08 11:41 ` olegendo at gcc dot gnu.org
2012-07-08 11:52 ` rmansfield at qnx dot com
` (8 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: olegendo at gcc dot gnu.org @ 2012-07-08 11:41 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
Oleg Endo <olegendo at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kkojima at gcc dot gnu.org
--- Comment #2 from Oleg Endo <olegendo at gcc dot gnu.org> 2012-07-08 11:40:56 UTC ---
I'm just guessing here, but this line
&& GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) != SEQUENCE
looks suspicious. Most likely it's a nullptr access.
In sparc.c something similar is being done by the function
'int empty_delay_slot (rtx insn)'
Maybe the patch below could be a fix for the problem?
There are actually more places in sh.c where the usage of NEXT_INSN (PREV_INSN
(insn)) goes unchecked...
Kaz, what do you think? Does this make any sense?
Index: gcc/config/sh/sh.c
===================================================================
--- gcc/config/sh/sh.c (revision 189339)
+++ gcc/config/sh/sh.c (working copy)
@@ -9652,6 +9652,15 @@
#define IS_ASM_LOGICAL_LINE_SEPARATOR(C, STR) ((C) == ';')
#endif
+static bool
+sequence_insn_p (rtx insn)
+{
+ if (PREV_INSN (insn) == NULL)
+ return false;
+
+ return GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) == SEQUENCE;
+}
+
int
sh_insn_length_adjustment (rtx insn)
{
@@ -9662,7 +9671,7 @@
&& GET_CODE (PATTERN (insn)) != CLOBBER)
|| CALL_P (insn)
|| (JUMP_P (insn) && !JUMP_TABLE_DATA_P (insn)))
- && GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) != SEQUENCE
+ && ! sequence_insn_p (insn)
&& get_attr_needs_delay_slot (insn) == NEEDS_DELAY_SLOT_YES)
return 2;
@@ -9671,7 +9680,7 @@
if (sh_cpu_attr == CPU_SH2E
&& JUMP_P (insn) && !JUMP_TABLE_DATA_P (insn)
&& get_attr_type (insn) == TYPE_CBRANCH
- && GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) != SEQUENCE)
+ && ! sequence_insn_p (insn))
return 2;
/* sh-dsp parallel processing insn take four bytes instead of two. */
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
2012-07-08 11:33 ` [Bug target/53886] " olegendo at gcc dot gnu.org
2012-07-08 11:41 ` olegendo at gcc dot gnu.org
@ 2012-07-08 11:52 ` rmansfield at qnx dot com
2012-07-08 12:19 ` olegendo at gcc dot gnu.org
` (7 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: rmansfield at qnx dot com @ 2012-07-08 11:52 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
--- Comment #3 from Ryan Mansfield <rmansfield at qnx dot com> 2012-07-08 11:52:21 UTC ---
Created attachment 27763
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=27763
preprocessed src
Sorry, I had tried to attach it during the bug creation but I didn't notice it
didn't take.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
` (2 preceding siblings ...)
2012-07-08 11:52 ` rmansfield at qnx dot com
@ 2012-07-08 12:19 ` olegendo at gcc dot gnu.org
2012-07-08 12:23 ` olegendo at gcc dot gnu.org
` (6 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: olegendo at gcc dot gnu.org @ 2012-07-08 12:19 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
--- Comment #4 from Oleg Endo <olegendo at gcc dot gnu.org> 2012-07-08 12:19:09 UTC ---
(In reply to comment #3)
> Created attachment 27763 [details]
> preprocessed src
>
> Sorry, I had tried to attach it during the bug creation but I didn't notice it
> didn't take.
Thanks. I could reproduce the problem here. It seems to happen for
-Os and-m{2a|4*}.
The reason is the subexpression
PATTERN (NEXT_INSN (PREV_INSN (insn)))
can return nullptr in some cases like this.
The patch below fixes this particular crash, but I'm not sure whether it is
the right thing to do in this case.
Index: gcc/config/sh/sh.c
===================================================================
--- gcc/config/sh/sh.c (revision 189339)
+++ gcc/config/sh/sh.c (working copy)
@@ -9652,6 +9652,26 @@
#define IS_ASM_LOGICAL_LINE_SEPARATOR(C, STR) ((C) == ';')
#endif
+static bool
+sequence_insn_p (rtx insn)
+{
+ rtx prev,next,pat;
+
+ prev = PREV_INSN (insn);
+ if (prev == NULL)
+ return false;
+
+ next = NEXT_INSN (prev);
+ if (next == NULL)
+ return false;
+
+ pat = PATTERN (next);
+ if (pat == NULL)
+ return false;
+
+ return GET_CODE (pat) == SEQUENCE;
+}
+
int
sh_insn_length_adjustment (rtx insn)
{
@@ -9662,7 +9682,7 @@
&& GET_CODE (PATTERN (insn)) != CLOBBER)
|| CALL_P (insn)
|| (JUMP_P (insn) && !JUMP_TABLE_DATA_P (insn)))
- && GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) != SEQUENCE
+ && ! sequence_insn_p (insn)
&& get_attr_needs_delay_slot (insn) == NEEDS_DELAY_SLOT_YES)
return 2;
@@ -9671,7 +9691,7 @@
if (sh_cpu_attr == CPU_SH2E
&& JUMP_P (insn) && !JUMP_TABLE_DATA_P (insn)
&& get_attr_type (insn) == TYPE_CBRANCH
- && GET_CODE (PATTERN (NEXT_INSN (PREV_INSN (insn)))) != SEQUENCE)
+ && ! sequence_insn_p (insn))
return 2;
/* sh-dsp parallel processing insn take four bytes instead of two. */
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
` (3 preceding siblings ...)
2012-07-08 12:19 ` olegendo at gcc dot gnu.org
@ 2012-07-08 12:23 ` olegendo at gcc dot gnu.org
2012-07-08 13:41 ` kkojima at gcc dot gnu.org
` (5 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: olegendo at gcc dot gnu.org @ 2012-07-08 12:23 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
Oleg Endo <olegendo at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target|sh4-unknown-linux-gnu |sh*-*-*
Status|UNCONFIRMED |NEW
Last reconfirmed| |2012-07-08
Ever Confirmed|0 |1
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
` (4 preceding siblings ...)
2012-07-08 12:23 ` olegendo at gcc dot gnu.org
@ 2012-07-08 13:41 ` kkojima at gcc dot gnu.org
2012-07-08 13:45 ` olegendo at gcc dot gnu.org
` (4 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: kkojima at gcc dot gnu.org @ 2012-07-08 13:41 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
--- Comment #5 from Kazumoto Kojima <kkojima at gcc dot gnu.org> 2012-07-08 13:41:09 UTC ---
(In reply to comment #4)
> The patch below fixes this particular crash, but I'm not sure whether it is
> the right thing to do in this case.
Looks fine to me except that the line
>+ rtx prev,next,pat;
requires space after comma.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
` (5 preceding siblings ...)
2012-07-08 13:41 ` kkojima at gcc dot gnu.org
@ 2012-07-08 13:45 ` olegendo at gcc dot gnu.org
2012-07-08 13:59 ` kkojima at gcc dot gnu.org
` (3 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: olegendo at gcc dot gnu.org @ 2012-07-08 13:45 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
--- Comment #6 from Oleg Endo <olegendo at gcc dot gnu.org> 2012-07-08 13:45:28 UTC ---
(In reply to comment #5)
> (In reply to comment #4)
> > The patch below fixes this particular crash, but I'm not sure whether it is
> > the right thing to do in this case.
>
> Looks fine to me except that the line
>
> >+ rtx prev,next,pat;
>
> requires space after comma.
Ah yeah, sure. Thanks.
I'll submit the patch after testing then.
Maybe backport it to 4.7, too?
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
` (6 preceding siblings ...)
2012-07-08 13:45 ` olegendo at gcc dot gnu.org
@ 2012-07-08 13:59 ` kkojima at gcc dot gnu.org
2012-07-09 22:39 ` olegendo at gcc dot gnu.org
` (2 subsequent siblings)
10 siblings, 0 replies; 12+ messages in thread
From: kkojima at gcc dot gnu.org @ 2012-07-08 13:59 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
--- Comment #7 from Kazumoto Kojima <kkojima at gcc dot gnu.org> 2012-07-08 13:59:00 UTC ---
(In reply to comment #6)
> Maybe backport it to 4.7, too?
If it's a regression also on 4.7. The test case doesn't fail with 4.7.1
on my environment, though.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
` (7 preceding siblings ...)
2012-07-08 13:59 ` kkojima at gcc dot gnu.org
@ 2012-07-09 22:39 ` olegendo at gcc dot gnu.org
2012-07-10 22:08 ` olegendo at gcc dot gnu.org
2012-07-10 22:12 ` olegendo at gcc dot gnu.org
10 siblings, 0 replies; 12+ messages in thread
From: olegendo at gcc dot gnu.org @ 2012-07-09 22:39 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
--- Comment #8 from Oleg Endo <olegendo at gcc dot gnu.org> 2012-07-09 22:39:29 UTC ---
Author: olegendo
Date: Mon Jul 9 22:39:25 2012
New Revision: 189394
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=189394
Log:
PR target/53886
* config/sh/sh.c (sequence_insn_p): New function.
(find_barrier, sh_insn_length_adjustment): Use it.
Modified:
trunk/gcc/ChangeLog
trunk/gcc/config/sh/sh.c
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
` (8 preceding siblings ...)
2012-07-09 22:39 ` olegendo at gcc dot gnu.org
@ 2012-07-10 22:08 ` olegendo at gcc dot gnu.org
2012-07-10 22:12 ` olegendo at gcc dot gnu.org
10 siblings, 0 replies; 12+ messages in thread
From: olegendo at gcc dot gnu.org @ 2012-07-10 22:08 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
--- Comment #9 from Oleg Endo <olegendo at gcc dot gnu.org> 2012-07-10 22:07:36 UTC ---
Author: olegendo
Date: Tue Jul 10 22:07:29 2012
New Revision: 189417
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=189417
Log:
PR target/53886
* gcc.c-torture/compile/pr53886.c: New.
Added:
trunk/gcc/testsuite/gcc.c-torture/compile/pr53886.c
Modified:
trunk/gcc/testsuite/ChangeLog
^ permalink raw reply [flat|nested] 12+ messages in thread
* [Bug target/53886] Seg fault in sh_insn_length_adjustment
2012-07-07 16:41 [Bug target/53886] New: Seg fault in sh_insn_length_adjustment rmansfield at qnx dot com
` (9 preceding siblings ...)
2012-07-10 22:08 ` olegendo at gcc dot gnu.org
@ 2012-07-10 22:12 ` olegendo at gcc dot gnu.org
10 siblings, 0 replies; 12+ messages in thread
From: olegendo at gcc dot gnu.org @ 2012-07-10 22:12 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53886
Oleg Endo <olegendo at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #10 from Oleg Endo <olegendo at gcc dot gnu.org> 2012-07-10 22:12:08 UTC ---
Should be OK now.
^ permalink raw reply [flat|nested] 12+ messages in thread