* [Bug rtl-optimization/64294] invalid code, zero check gets optimized away
2014-12-12 22:25 [Bug rtl-optimization/64294] New: invalid code, zero check gets optimized away gcc at breakpoint dot cc
@ 2014-12-12 22:43 ` schwab@linux-m68k.org
2014-12-12 22:54 ` gcc at breakpoint dot cc
` (8 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: schwab@linux-m68k.org @ 2014-12-12 22:43 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |INVALID
--- Comment #1 from Andreas Schwab <schwab@linux-m68k.org> ---
This condition is true if backsize == 0:
if(!((bufsz) > 0 && (backsize) > 0 && (size_t)(backsize) <=
(size_t)(bufsz) && (ddst) >= (buf) && ((ddst) + (backsize)) <= ((buf) +
(bufsz)) && ((ddst) + (backsize)) > (buf) && (ddst) < ((buf) + (bufsz))) ||
!((bufsz) > 0 && (backsize) > 0 && (size_t)(backsize) <= (size_t)(bufsz) &&
(ddst+backbytes) >= (buf) && ((ddst+backbytes) + (backsize)) <= ((buf) +
(bufsz)) && ((ddst+backbytes) + (backsize)) > (buf) && (ddst+backbytes) <
((buf) + (bufsz)))) {
^ permalink raw reply [flat|nested] 11+ messages in thread
From: gcc at breakpoint dot cc @ 2014-12-12 22:54 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
--- Comment #2 from Sebastian Andrzej Siewior <gcc at breakpoint dot cc> ---
It seems exit(0) is dropped with -O1 -ftree-vrp.
(In reply to Andreas Schwab from comment #1)
> This condition is true if backsize == 0:
Ehm, yes. The code is:
--
printf("bufsz: %u backsize: %d\n", bufsz, backsize);
if(!CLI_ISCONTAINED(buf, bufsz, ddst, backsize) || !CLI_ISCONTAINED(buf, bufsz,
ddst+backbytes, backsize)) {
free(usects);
return 1;
}
asm volatile("labele:");
--
So I would expect that it leaves the function but I see a segfault in the while
loop later on and according to the printf, backsize was 0.
^ permalink raw reply [flat|nested] 11+ messages in thread
From: gcc at breakpoint dot cc @ 2014-12-13 20:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
Sebastian Andrzej Siewior <gcc at breakpoint dot cc> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #34272|0 |1
is obsolete| |
--- Comment #3 from Sebastian Andrzej Siewior <gcc at breakpoint dot cc> ---
Created attachment 34275
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=34275&action=edit
tc-macro version
^ permalink raw reply [flat|nested] 11+ messages in thread
From: gcc at breakpoint dot cc @ 2014-12-13 20:59 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
--- Comment #4 from Sebastian Andrzej Siewior <gcc at breakpoint dot cc> ---
Created attachment 34276
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=34276&action=edit
tc-static function
^ permalink raw reply [flat|nested] 11+ messages in thread
From: gcc at breakpoint dot cc @ 2014-12-13 21:12 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
Sebastian Andrzej Siewior <gcc at breakpoint dot cc> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |UNCONFIRMED
Resolution|INVALID |---
--- Comment #5 from Sebastian Andrzej Siewior <gcc at breakpoint dot cc> ---
I re-open it. This time I attached the whole .i twice:
- "macro" contains the second CLI_ISCONTAINED() invocation as a macro
- "static" contains the second CLI_ISCONTAINED() as a static function
The first one (macro) segfaults, the second one (static) works as expected.
The only obvious change I made in the static version is that the size argument
is not signed but unsigned. Changing the type of sb_size to signed int results
in the segfault again.
I saw this problem with gcc-4.8 and 4.9. gcc 4.7 seems not to miscompile it.
Comparing the disassembly between those two .i I see:
- macro
+ static
<label>:
- 8b 44 24 44 mov 0x44(%esp),%eax
- 89 c1 mov %eax,%ecx
+ 8b 44 24 20 mov 0x20(%esp),%eax
+ 85 c0 test %eax,%eax
+ 0f 84 8c fb ff ff je 3f0 <petite_inflate2x_1to9+0x3f0>
+ 8b 4c 24 58 mov 0x58(%esp),%ecx
+ 8b 44 24 20 mov 0x20(%esp),%eax
For me as a no-compiler guy it looks like the zero check has been removed
because for some reason the size argument has to be != 0.
I'm not sure if this is related but #26763 fixed a problem with the same macro.
Sebastian
^ permalink raw reply [flat|nested] 11+ messages in thread
From: mikpelinux at gmail dot com @ 2014-12-20 11:53 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
--- Comment #7 from Mikael Pettersson <mikpelinux at gmail dot com> ---
The testcases don't build due to linkage errors. Please submit a
self-contained and preferably minimized testcase.
^ permalink raw reply [flat|nested] 11+ messages in thread
From: gcc at breakpoint dot cc @ 2014-12-20 14:30 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
--- Comment #8 from Sebastian Andrzej Siewior <gcc at breakpoint dot cc> ---
Created attachment 34305
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=34305&action=edit
self-contained complete TC
^ permalink raw reply [flat|nested] 11+ messages in thread
From: gcc at breakpoint dot cc @ 2014-12-20 14:35 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
--- Comment #9 from Sebastian Andrzej Siewior <gcc at breakpoint dot cc> ---
I added the complete function including its callers.
$ gcc -g -o petite petite.c -Wall -O2
$ ./petite
447=> 5
452=> 5
447=> 5
452=> 5
447=> 0
452=> 0
Segmentation fault
---
$ gcc -g -o petite petite.c -Wall -O1
$ ./petite
447=> -12
->1
----
As you see the value in line 447 is different in -O2 vs -O1. And with -O2 it
continues with 0 to start the loop.
I have to run now, maybe I have later some time to figure out why the value in
line 447 is different in -O2 vs -O1.
^ permalink raw reply [flat|nested] 11+ messages in thread
From: mikpelinux at gmail dot com @ 2014-12-20 15:24 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
--- Comment #10 from Mikael Pettersson <mikpelinux at gmail dot com> ---
You're invoking undefined behaviour due to overflow in signed integer
arithmetic.
Running it after compiling with -fsanitize=undefined produces:
petite.c:391:28: runtime error: signed integer overflow: 2147483647 * 2 cannot be represented in type 'int'
Fixing that in the following crude way:
--- petite.c 2014-12-20 16:02:59.786063515 +0100
+++ petite-fixed.c 2014-12-20 16:15:05.030889115 +0100
@@ -388,7 +388,7 @@
free(usects);
return 1;
}
- backbytes = backbytes*2 + oob;
+ backbytes = (int)((unsigned
int)backbytes*2 + (unsigned int)oob);
if ( (oob = doubledl(&ssrc,
&mydl, buf, bufsz)) == -1 ) {
free(usects);
return 1;
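Review bot: the new `backbytes` assignment still lets the doubled value wrap; the unsigned casts only make the wrap defined, and converting an out-of-range result back with `(int)` is implementation-defined, so a wrapped offset is stored and used by whatever follows. Since this function already bails out with `free(usects); return 1;` on bad input, I would rather test `backbytes` against the `int` range before doubling and take that same error path, and add a comment on the line saying why the arithmetic is guarded.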
allows the testcase to work at -O2 and -O3.
^ permalink raw reply [flat|nested] 11+ messages in thread
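The overflow diagnosed in comment #10, rejected instead of wrapped, together with a bounds check that uses unsigned offsets rather than `ptr + size`; this is an added example, not code from the thread or from petite.c. The helper names, the offset-based interface and the use of the `__builtin_*_overflow` builtins (GCC 5 or later, Clang) are assumptions of this example.

```c
#include <stddef.h>

/* Offset-based containment check (hypothetical name): 1 if sz > 0 and
 * [off, off+sz) lies inside a buffer of bufsz bytes. Operands are
 * unsigned and no pointer or sum that could overflow is ever formed. */
static int range_ok(size_t bufsz, size_t off, size_t sz)
{
    return sz > 0 && sz <= bufsz && off <= bufsz - sz;
}

/* Checked form of "backbytes = backbytes*2 + oob" (hypothetical helper).
 * Returns 1 and stores the result, or 0 (leaving *out untouched) when
 * the value does not fit in int. */
static int next_backbytes(int backbytes, int oob, int *out)
{
    int doubled, sum;

    if (__builtin_mul_overflow(backbytes, 2, &doubled) ||
        __builtin_add_overflow(doubled, oob, &sum))
        return 0;
    *out = sum;
    return 1;
}

/* One decoder step (hypothetical): update the offset, then validate the
 * destination range and the source range at dst_off + backbytes.
 * Returns 1 if the copy may proceed, 0 if the input must be rejected. */
static int step_ok(size_t bufsz, size_t dst_off, int *backbytes, int oob,
                   int backsize)
{
    size_t src;

    if (!next_backbytes(*backbytes, oob, backbytes))
        return 0;                      /* overflow: reject, do not wrap */
    if (backsize <= 0 || dst_off > bufsz)
        return 0;                      /* covers the backsize == 0 case */
    if (*backbytes < 0) {
        size_t back = (size_t)(-(long long)*backbytes);
        if (back > dst_off)
            return 0;                  /* source would start before buf */
        src = dst_off - back;
    } else {
        if ((size_t)*backbytes > bufsz - dst_off)
            return 0;                  /* source would start past buf */
        src = dst_off + (size_t)*backbytes;
    }
    return range_ok(bufsz, dst_off, (size_t)backsize) &&
           range_ok(bufsz, src, (size_t)backsize);
}
```

Because no signed overflow can occur on any path, the optimizer has no undefined behaviour from which to infer that a later check is redundant.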
From: gcc at breakpoint dot cc @ 2014-12-20 21:21 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64294
Sebastian Andrzej Siewior <gcc at breakpoint dot cc> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |INVALID
--- Comment #11 from Sebastian Andrzej Siewior <gcc at breakpoint dot cc> ---
(In reply to Mikael Pettersson from comment #10)
> You're invoking undefined behaviour due to overflow in signed integer
> arithmetic.
Sir, you made my day. So it is undefined behaviour and showed me even how to
catch those things. Thank you.
^ permalink raw reply [flat|nested] 11+ messages in thread