public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug c++/54899] New: -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults
@ 2012-10-11 10:29 phiren at gmail dot com
2012-10-11 10:38 ` [Bug c++/54899] " zsojka at seznam dot cz
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: phiren at gmail dot com @ 2012-10-11 10:29 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54899
Bug #: 54899
Summary: -fpredictive-commoning and -ftree-vectorize
optimizations generate a nonsensical binary which
segfaults
Classification: Unclassified
Product: gcc
Version: 4.7.2
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
AssignedTo: unassigned@gcc.gnu.org
ReportedBy: phiren@gmail.com
Created attachment 28423
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=28423
minimal(ish) testcase which reproduces the bug.
When this code is compiled with -O3 (or even just -O1 with
-fpredictive-commoning and -ftree-vectorize) gcc generates code which segfaults
when run.
The original code was deep inside a template metaprogramming math library. I
don't have much experience with templates so I only managed to trim the minimal
testcase down to 60 lines. Templates may or may not be needed to trigger the
bug, it may be possible to completely factor them out.
Version info:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-unknown-linux-gnu/4.7.2/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: /build/src/gcc-4.7.2/configure --prefix=/usr --libdir=/usr/lib
--libexecdir=/usr/lib --mandir=/usr/share/man --infodir=/usr/share/info
--with-bugurl=https://bugs.archlinux.org/
--enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared
--enable-threads=posix --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions --enable-clocale=gnu --disable-libstdcxx-pch
--enable-libstdcxx-time --enable-gnu-unique-object --enable-linker-build-id
--with-ppl --enable-cloog-backend=isl --disable-ppl-version-check
--disable-cloog-version-check --enable-lto --enable-gold --enable-ld=default
--enable-plugin --with-plugin-ld=ld.gold --with-linker-hash-style=gnu
--disable-multilib --disable-libssp --disable-build-with-cxx
--disable-build-poststage1-with-cxx --enable-checking=release
Thread model: posix
gcc version 4.7.2 (GCC)
Command line which triggers the bug:
gcc bug2.ii -o bug -O3 && ./bug
(no compiler output, ./bug will segfault when run)
Looking at the assembly output when disabling predictive commoning there are
only 3 changes and if it wasn't for an off-by-0x800000000 error they would be
functionally identical.
-O3 -fno-predictive-commoning:
movsd (%rdi), %xmm1
movsd 24(%rdi), %xmm2
movhpd 8(%rdi), %xmm1
movhpd 32(%rdi), %xmm2
movapd %xmm1, %xmm0
movsd 16(%rdi), %xmm1
<snip>
-O3:
movsd (%rdi), %xmm1
movabsq $34359738384, %rax <-- Inserted
movsd 24(%rdi), %xmm2
movhpd 8(%rdi), %xmm1
movhpd 32(%rdi), %xmm2
movapd %xmm1, %xmm0
movsd (%rdi,%rax), %xmm1 <-- Changed
<snip>
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug c++/54899] -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults
2012-10-11 10:29 [Bug c++/54899] New: -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults phiren at gmail dot com
@ 2012-10-11 10:38 ` zsojka at seznam dot cz
2012-10-11 10:47 ` zsojka at seznam dot cz
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: zsojka at seznam dot cz @ 2012-10-11 10:38 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54899
Zdenek Sojka <zsojka at seznam dot cz> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |zsojka at seznam dot cz
--- Comment #1 from Zdenek Sojka <zsojka at seznam dot cz> 2012-10-11 10:37:59 UTC ---
bug2.ii:57
Thing thing(Vec<>(0.0, 1.0, 0.0), Vec<>(0.0, 1.0, 1.0));
bug2.ii:33
inline VecBinaryExpr(const Vec<>& e1, const Vec<>& e2) : Exp1(e1), Exp2(e2)
{}
bug2.ii:31
const Vec<>& Exp1;
const Vec<>& Exp2;
References to temporaries are taken and stored. Life of temporaries ends after
the return from call to the contructor, thus (Exp1, Exp2) are referencing dead
objects.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug c++/54899] -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults
2012-10-11 10:29 [Bug c++/54899] New: -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults phiren at gmail dot com
2012-10-11 10:38 ` [Bug c++/54899] " zsojka at seznam dot cz
@ 2012-10-11 10:47 ` zsojka at seznam dot cz
2012-10-11 13:58 ` [Bug tree-optimization/54899] [4.7 Regression] " rguenth at gcc dot gnu.org
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: zsojka at seznam dot cz @ 2012-10-11 10:47 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54899
--- Comment #2 from Zdenek Sojka <zsojka at seznam dot cz> 2012-10-11 10:47:09 UTC ---
(In reply to comment #1)
> bug2.ii:57
> Thing thing(Vec<>(0.0, 1.0, 0.0), Vec<>(0.0, 1.0, 1.0));
> bug2.ii:33
> inline VecBinaryExpr(const Vec<>& e1, const Vec<>& e2) : Exp1(e1), Exp2(e2)
> {}
> bug2.ii:31
> const Vec<>& Exp1;
> const Vec<>& Exp2;
>
Sorry, I was in a hurry and mistaked Thing and VecBinaryExpr.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug tree-optimization/54899] [4.7 Regression] -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults
2012-10-11 10:29 [Bug c++/54899] New: -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults phiren at gmail dot com
2012-10-11 10:38 ` [Bug c++/54899] " zsojka at seznam dot cz
2012-10-11 10:47 ` zsojka at seznam dot cz
@ 2012-10-11 13:58 ` rguenth at gcc dot gnu.org
2013-04-03 9:44 ` rguenth at gcc dot gnu.org
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2012-10-11 13:58 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54899
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |NEW
Known to work| |4.6.4, 4.8.0
Keywords| |wrong-code
Last reconfirmed| |2012-10-11
Component|c++ |tree-optimization
Ever Confirmed|0 |1
Summary|-fpredictive-commoning and |[4.7 Regression]
|-ftree-vectorize |-fpredictive-commoning and
|optimizations generate a |-ftree-vectorize
|nonsensical binary which |optimizations generate a
|segfaults |nonsensical binary which
| |segfaults
Target Milestone|--- |4.7.3
Known to fail| |4.7.2
--- Comment #3 from Richard Biener <rguenth at gcc dot gnu.org> 2012-10-11 13:57:50 UTC ---
predcom introduces
D.2600_40 = MEM[(const double &)D.2413_2].mData[4294967295];
D.2601_38 = MEM[(const double &)D.2413_2].mData[0];
D.2602_19 = MEM[(const double &)D.2413_2].mData[1];
this is mData[-1], a reconstructed array access, D.2413_2 is &this_1(D)->b.
Not sure how predcom arrives at this ... on trunk there is no predcom
performed and Instead the base is this_1(D) + 24.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug tree-optimization/54899] [4.7 Regression] -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults
2012-10-11 10:29 [Bug c++/54899] New: -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults phiren at gmail dot com
` (2 preceding siblings ...)
2012-10-11 13:58 ` [Bug tree-optimization/54899] [4.7 Regression] " rguenth at gcc dot gnu.org
@ 2013-04-03 9:44 ` rguenth at gcc dot gnu.org
2013-04-11 8:00 ` rguenth at gcc dot gnu.org
2014-06-12 13:18 ` rguenth at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2013-04-03 9:44 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54899
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P3 |P2
CC| |rguenth at gcc dot gnu.org
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug tree-optimization/54899] [4.7 Regression] -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults
2012-10-11 10:29 [Bug c++/54899] New: -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults phiren at gmail dot com
` (3 preceding siblings ...)
2013-04-03 9:44 ` rguenth at gcc dot gnu.org
@ 2013-04-11 8:00 ` rguenth at gcc dot gnu.org
2014-06-12 13:18 ` rguenth at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2013-04-11 8:00 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54899
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|4.7.3 |4.7.4
--- Comment #4 from Richard Biener <rguenth at gcc dot gnu.org> 2013-04-11 07:59:47 UTC ---
GCC 4.7.3 is being released, adjusting target milestone.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug tree-optimization/54899] [4.7 Regression] -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults
2012-10-11 10:29 [Bug c++/54899] New: -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults phiren at gmail dot com
` (4 preceding siblings ...)
2013-04-11 8:00 ` rguenth at gcc dot gnu.org
@ 2014-06-12 13:18 ` rguenth at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2014-06-12 13:18 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=54899
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
Target Milestone|4.7.4 |4.8.0
Known to fail| |4.7.4
--- Comment #5 from Richard Biener <rguenth at gcc dot gnu.org> ---
Fixed in 4.8.0.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2014-06-12 13:18 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-10-11 10:29 [Bug c++/54899] New: -fpredictive-commoning and -ftree-vectorize optimizations generate a nonsensical binary which segfaults phiren at gmail dot com
2012-10-11 10:38 ` [Bug c++/54899] " zsojka at seznam dot cz
2012-10-11 10:47 ` zsojka at seznam dot cz
2012-10-11 13:58 ` [Bug tree-optimization/54899] [4.7 Regression] " rguenth at gcc dot gnu.org
2013-04-03 9:44 ` rguenth at gcc dot gnu.org
2013-04-11 8:00 ` rguenth at gcc dot gnu.org
2014-06-12 13:18 ` rguenth at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).