public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug target/97054] New: [r10-3559 Regression] Runtime segfault with attached test code
@ 2020-09-15 4:07 skpgkp2 at gmail dot com
2020-09-15 4:32 ` [Bug target/97054] " hjl.tools at gmail dot com
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: skpgkp2 at gmail dot com @ 2020-09-15 4:07 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97054
Bug ID: 97054
Summary: [r10-3559 Regression] Runtime segfault with attached
test code
Product: gcc
Version: 11.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
Assignee: unassigned at gcc dot gnu.org
Reporter: skpgkp2 at gmail dot com
CC: crazylht at gmail dot com, hjl.tools at gmail dot com
Target Milestone: ---
Created attachment 49218
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=49218&action=edit
reproducer test case.
Test case attached.
How to reproduce:
$g++ -fno-strict-aliasing -msse4.2 -mfpmath=sse -gdwarf-2 -Wall
-Wwrite-strings -fPIC -Wformat-security -fstack-protector-strong -O2
-Wfatal-errors -Wformat -Werror -Wundef repro.cc && ./a.out
Segmentation fault (core dumped)
(gdb) run
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /local/skpandey/gccwork/toolwork/a.out
Program received signal SIGSEGV, Segmentation fault.
0x00000000004011b0 in p2_ep_REBIND_IPC () at repro.cc:55
55 cur_pro->pc_RIP.i64 = code_lin_to_log(cur_pro,
int2linaddr(cur_pro, ipc));
(gdb) disass
Dump of assembler code for function p2_ep_REBIND_IPC():
0x0000000000401180 <+0>: push %r15
0x0000000000401182 <+2>: push %r12
0x0000000000401184 <+4>: mov %rbp,%r12
0x0000000000401187 <+7>: mov %r12,%rdi
0x000000000040118a <+10>: sub $0x18,%rsp
0x000000000040118e <+14>: mov $0x4040a0,%r15
0x0000000000401195 <+21>: mov 0x10(%rbp),%rbp
0x0000000000401199 <+25>: mov (%r15),%rsi
0x000000000040119c <+28>: mov %rbp,0x8(%rsp)
0x00000000004011a1 <+33>: mov %rsi,0x30(%r12)
0x00000000004011a6 <+38>: mov %rsi,0x8(%r12)
0x00000000004011ab <+43>: callq 0x401150 <int2linaddr(processor_t*,
p2_icode_t const*)>
=> 0x00000000004011b0 <+48>: movq $0x0,0x10(%rbp)
0x00000000004011b8 <+56>: mov %rbp,%rdi
0x00000000004011bb <+59>: callq 0x401160 <turbo_clear(processor*)>
0x00000000004011c0 <+64>: mov %rbp,%rdi
0x00000000004011c3 <+67>: mov 0x8(%rsp),%rbp
0x00000000004011c8 <+72>: mov %rbp,%rsi
0x00000000004011cb <+75>: callq 0x401170
<x86_log_to_icode_exec(processor_t*, la_t)>
0x00000000004011d0 <+80>: addq $0x4,(%r15)
0x00000000004011d4 <+84>: xor %edx,%edx
0x00000000004011d6 <+86>: mov %rax,0x30(%r12)
0x00000000004011db <+91>: subl $0x1,0x4(%rbp)
0x00000000004011df <+95>: mov 0x4(%rbp),%eax
0x00000000004011e2 <+98>: test %eax,%eax
0x00000000004011e4 <+100>: movsbl 0x0(%rbp),%eax
0x00000000004011e8 <+104>: setle %dl
0x00000000004011eb <+107>: or %eax,%edx
0x00000000004011ed <+109>: jne 0x4011f5 <p2_ep_REBIND_IPC()+117>
0x00000000004011ef <+111>: mov (%r15),%rax
0x00000000004011f2 <+114>: mov (%rax),%r13d
0x00000000004011f5 <+117>: add $0x18,%rsp
0x00000000004011f9 <+121>: xor %eax,%eax
0x00000000004011fb <+123>: pop %r12
0x00000000004011fd <+125>: pop %r15
0x00000000004011ff <+127>: retq
End of assembler dump.
Configured with: ../../gcc/configure
--prefix=/local/skpandey/gccwork/toolwork/gcc-bisect-master/master/r10-3559/usr
--enable-clocale=gnu --with-system-zlib --with-demangler-in-ld
--with-fpmath=sse --disable-libsanitizer --enable-languages=c,c++,fortran
--enable-cet --without-isl --enable-libmpx --disable-bootstrap
1bcb4c4faa4bd6b1c917c75b100d618faf9e628c is the first bad commit
commit 1bcb4c4faa4bd6b1c917c75b100d618faf9e628c
Author: Richard Sandiford <richard.sandiford@arm.com>
Date: Wed Oct 2 07:37:10 2019 +0000
[LRA] Don't make eliminable registers live (PR91957)
One effect of https://gcc.gnu.org/ml/gcc-patches/2019-09/msg00802.html
was to strengthen the sanity check in lra_assigns so that it checks
whether reg_renumber is consistent with the whole conflict set.
This duly tripped on csky for a pseudo that had been allocated
to the eliminated frame pointer. (csky doesn't have a separate
hard frame pointer.)
lra-lives uses:
/* Set of hard regs (except eliminable ones) currently live. */
static HARD_REG_SET hard_regs_live;
to track the set of live directly-referenced hard registers, and it
correctly implements the exclusion when setting up the initial set:
hard_regs_live &= ~eliminable_regset;
But later calls to make_hard_regno_live and make_hard_regno_dead
would process eliminable registers like other registers, recording
conflicts for them and potentially making them live. (Note that
after r266086, make_hard_regno_dead adds conflicts for registers
that are already marked dead.) I think this would have had the
effect of pessimising targets without a separate hard frame pointer.
2019-10-02 Richard Sandiford <richard.sandiford@arm.com>
gcc/
PR middle-end/91957
* lra-lives.c (make_hard_regno_dead): Don't record conflicts for
eliminable registers.
(make_hard_regno_live): Likewise, and don't make them live.
From-SVN: r276440
gcc/ChangeLog | 7 +++++++
gcc/lra-lives.c | 6 +++++-
2 files changed, 12 insertions(+), 1 deletion(-)
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug target/97054] [r10-3559 Regression] Runtime segfault with attached test code
2020-09-15 4:07 [Bug target/97054] New: [r10-3559 Regression] Runtime segfault with attached test code skpgkp2 at gmail dot com
@ 2020-09-15 4:32 ` hjl.tools at gmail dot com
2020-09-15 11:35 ` [Bug middle-end/97054] [10/11 Regression] Runtime segfault with attached test code since r10-3559 hjl.tools at gmail dot com
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: hjl.tools at gmail dot com @ 2020-09-15 4:32 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97054
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |NEW
CC| |richard.sandiford at arm dot com
Ever confirmed|0 |1
Version|11.0 |10.2.0
Last reconfirmed| |2020-09-15
Target Milestone|--- |10.3
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug middle-end/97054] [10/11 Regression] Runtime segfault with attached test code since r10-3559
2020-09-15 4:07 [Bug target/97054] New: [r10-3559 Regression] Runtime segfault with attached test code skpgkp2 at gmail dot com
2020-09-15 4:32 ` [Bug target/97054] " hjl.tools at gmail dot com
@ 2020-09-15 11:35 ` hjl.tools at gmail dot com
2020-09-15 13:26 ` hjl.tools at gmail dot com
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: hjl.tools at gmail dot com @ 2020-09-15 11:35 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97054
--- Comment #1 from H.J. Lu <hjl.tools at gmail dot com> ---
Created attachment 49220
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=49220&action=edit
A patch
I am testing this.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug middle-end/97054] [10/11 Regression] Runtime segfault with attached test code since r10-3559
2020-09-15 4:07 [Bug target/97054] New: [r10-3559 Regression] Runtime segfault with attached test code skpgkp2 at gmail dot com
2020-09-15 4:32 ` [Bug target/97054] " hjl.tools at gmail dot com
2020-09-15 11:35 ` [Bug middle-end/97054] [10/11 Regression] Runtime segfault with attached test code since r10-3559 hjl.tools at gmail dot com
@ 2020-09-15 13:26 ` hjl.tools at gmail dot com
2020-09-18 17:14 ` hjl.tools at gmail dot com
2020-09-29 14:14 ` hjl.tools at gmail dot com
4 siblings, 0 replies; 6+ messages in thread
From: hjl.tools at gmail dot com @ 2020-09-15 13:26 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97054
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |vmakarov at redhat dot com
Keywords| |patch
--- Comment #2 from H.J. Lu <hjl.tools at gmail dot com> ---
A patch is posted at
https://gcc.gnu.org/pipermail/gcc-patches/2020-September/553968.html
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug middle-end/97054] [10/11 Regression] Runtime segfault with attached test code since r10-3559
2020-09-15 4:07 [Bug target/97054] New: [r10-3559 Regression] Runtime segfault with attached test code skpgkp2 at gmail dot com
` (2 preceding siblings ...)
2020-09-15 13:26 ` hjl.tools at gmail dot com
@ 2020-09-18 17:14 ` hjl.tools at gmail dot com
2020-09-29 14:14 ` hjl.tools at gmail dot com
4 siblings, 0 replies; 6+ messages in thread
From: hjl.tools at gmail dot com @ 2020-09-18 17:14 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97054
--- Comment #3 from H.J. Lu <hjl.tools at gmail dot com> ---
Fixed in GCC 11 by
commit 3c7c5f1d4a4b8328fb4c07483cdbfe4ea7762155
Author: Richard Sandiford <richard.sandiford@arm.com>
Date: Fri Sep 18 16:55:45 2020 +0100
ira: Fix elimination for global hard FPs [PR91957]
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug middle-end/97054] [10/11 Regression] Runtime segfault with attached test code since r10-3559
2020-09-15 4:07 [Bug target/97054] New: [r10-3559 Regression] Runtime segfault with attached test code skpgkp2 at gmail dot com
` (3 preceding siblings ...)
2020-09-18 17:14 ` hjl.tools at gmail dot com
@ 2020-09-29 14:14 ` hjl.tools at gmail dot com
4 siblings, 0 replies; 6+ messages in thread
From: hjl.tools at gmail dot com @ 2020-09-29 14:14 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97054
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #4 from H.J. Lu <hjl.tools at gmail dot com> ---
Fixed for GCC 10.3 by
commit 6959f60cb276ad530917c2d039d9edc19fefa216
Author: Richard Sandiford <richard.sandiford@arm.com>
Date: Fri Sep 18 16:55:45 2020 +0100
ira: Fix elimination for global hard FPs [PR97054]
If the hard frame pointer is being used as a global register,
we should skip the usual handling for eliminations. As the
comment says, the register cannot in that case be eliminated
(or eliminated to) and is already marked live where appropriate.
Doing this removes the duplicate error for gcc.target/i386/pr82673.c.
The “cannot be used in 'asm' here” message is meant to be for asm
statements rather than register asms, and the function that the
error is reported against doesn't use asm.
gcc/
2020-09-18 Richard Sandiford <richard.sandiford@arm.com>
PR middle-end/97054
* ira.c (ira_setup_eliminable_regset): Skip the special elimination
handling of the hard frame pointer if the hard frame pointer is
fixed.
gcc/testsuite/
2020-09-18 H.J. Lu <hjl.tools@gmail.com>
Richard Sandiford <richard.sandiford@arm.com>
PR middle-end/97054
* g++.target/i386/pr97054.C: New test.
* gcc.target/i386/pr82673.c: Remove redundant extra message.
(cherry picked from commit 3c7c5f1d4a4b8328fb4c07483cdbfe4ea7762155)
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-09-29 14:14 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-15 4:07 [Bug target/97054] New: [r10-3559 Regression] Runtime segfault with attached test code skpgkp2 at gmail dot com
2020-09-15 4:32 ` [Bug target/97054] " hjl.tools at gmail dot com
2020-09-15 11:35 ` [Bug middle-end/97054] [10/11 Regression] Runtime segfault with attached test code since r10-3559 hjl.tools at gmail dot com
2020-09-15 13:26 ` hjl.tools at gmail dot com
2020-09-18 17:14 ` hjl.tools at gmail dot com
2020-09-29 14:14 ` hjl.tools at gmail dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).