public inbox for gcc-prs@sourceware.org
help / color / mirror / Atom feed
* c/7677: Gcc 3.2 generate the wrong target machine code, TOO, making the target crash
@ 2002-08-21 8:36 lium
0 siblings, 0 replies; 3+ messages in thread
From: lium @ 2002-08-21 8:36 UTC (permalink / raw)
To: gcc-gnats; +Cc: wxf
>Number: 7677
>Category: c
>Synopsis: Gcc 3.2 generate the wrong target machine code, TOO, making the target crash
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: unassigned
>State: open
>Class: wrong-code
>Submitter-Id: net
>Arrival-Date: Wed Aug 21 06:46:02 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Start network, int.
>Release: GCC v3.2
>Organization:
>Environment:
Host: x86-cygwin
Target: ARM7TDMI
>Description:
the Gcc generate wrong target machine code, which cause unexpected error. and the target machine code was logical error.
you can get the detail from my attached file.
the following is the file:
/* begin of module */
/*
* hi,
* i'm a programmer for a embedded system project,
* i am using the gcc as the compiler. my host is x86, and target machine
* is ARM.
* the follwing is my bug report. would you tell me is it a bug, and if it
* was a bug, how can i avoid facing it.
* thanks in advanced.
*
* BTW, i upgrade to Gcc v3.2, but i faced the same bug.
*
* GCC BUG REPORT
* when i complid the following source code,
* the gcc complier will generate a big bug,
* which may cause the local variable len get a invalid value.
* it is terrible for me.
* i found it when i disassemble the obj file.
* So, you can disamble the .o file and you will touch the bug.
* the following is the example disassemble
.text:00000000 EXPORT test
.text:00000000 test
.text:00000000 MOV R12, SP
.text:00000004 STMFD SP!, {R4-R7,R11,R12,LR,PC}
.text:00000008 LDR R7, [R0,#0x6C]
.text:0000000C CMP R7, #0
.text:00000010 SUB R11, R12, #4
.text:00000014 MOV R6, R0
.text:00000018 BEQ loc_0_88
.text:0000001C
.text:0000001C loc_0_1C ; CODE XREF: test+84j
.text:0000001C LDR R4, [R7,#4]
.text:00000020 MOV R1, R6
.text:00000024 MOV R0, R4
.text:00000028 BL get_tcp_header
.text:0000002C LDR R5, [R6,#4]
.text:00000030 LDRB R1, [R0,#0xC]
.text:00000034 LDRB R2, [R0,#0xD]
.text:00000038 CMP R5, #0
.text:0000003C MOV LR, R1,LSR#4
.text:00000040 MOV R12, LR,LSL#2
//// error machine code /////
.text:00000044 ANDS LR, R2, #3
.text:00000048 MOVNE LR, #1
.text:0000004C LDREQ R2, =bytes
.text:00000050 LDR R1, [R4,#0x10]
.text:00000054 LDREQB R3, [R2]
.text:00000058 LDRNE R3, [R5,#8]
.text:0000005C RSB R3, R3, R1
.text:00000060 RSB R2, R12, R3
.text:00000064 LDR R1, [R0,#4]
.text:00000068 SUB R3, R2, #0x14
.text:0000006C LDR R2, [R6,#0xBC]
.text:00000070 ADD R12, R1, R3
.text:00000074 SUB R0, R2, #0x1E
.text:00000078 ADD R1, R12, LR
.text:0000007C BL haha
.text:00000080 CMP R0, #0
.text:00000084 BEQ loc_0_1C
.text:00000088
.text:00000088 loc_0_88 ; CODE XREF: test+18j
.text:00000088 MOV R0, #0
.text:0000008C LDMDB R11, {R4-R7,R11,SP,PC}
.text:0000008C ; End of function test
* thanks in advanced.
*/
/*
* host: cygwin x86
*/
/*
* target machine: ARM7TDMI
*/
/*
* gcc version shown by command 'arm-elf-gcc -v':
*
*******************************************************************************************************
Reading specs from /usr/local/cross-gcc/arm-elf-gcc.3.2//lib/gcc-lib/arm-elf/3.2/specs
Configured with: ./configure --prefix=/usr/local/cross-gcc/arm-elf-gcc.3.2/ --target=arm-elf --with-
newlib --enable-multilib --with-gnu-as --with-gnu-ld
Thread model: single
gcc version 3.2
*******************************************************************************************************
*/
/* compiling command */
/* arm-elf-gcc -c -nostdinc -O3 -fno-builtin -fno-inline-functions -fsigned-char -Wa,--EB -mbig-endian -pipe -Wall -Wpointer-arith -Wstrict-prototypes -Wno-format */
/* the following is the source code which will touch the big bug */
typedef struct ele_ {
struct ele_ *next;
void *data;
} ele;
typedef struct queue_{
struct queue_ *next;
void *qhead;
void *qtail;
unsigned long size;
}queue;
typedef struct options_{
struct options_ *next;
void *data;
unsigned long pad_len;
}options;
#define QUEUECOUNT 10
typedef struct ch_control_ {
struct ch_control_ *next;
options *option;
unsigned long tiemout;
unsigned window_size;
unsigned send_window_size;
unsigned segment_size;
queue q[QUEUECOUNT];
unsigned int ch_inited;
unsigned int nak;
}ch_control;
typedef struct tcp_hdr_type_ {
unsigned short sport;
unsigned short dport;
unsigned long snumber;
unsigned long acknumber;
unsigned dataoffset: 4;
unsigned reserved: 6;
unsigned urg: 1;
unsigned ack: 1;
unsigned psh: 1;
unsigned rst: 1;
unsigned syn: 1;
unsigned fin: 1;
unsigned short window;
unsigned short checksum;
unsigned short urgentpointer;
unsigned char data[4];
}tcp_hdr_type;
typedef struct packet_type_{
struct packet_type_ *next;
unsigned char *datastart;
unsigned char *network_start;
unsigned char *transport_start;
unsigned int length;
}packet_type;
typedef int boolean;
unsigned char bytes;
#define MINBYTES 20
#define HEADERLENGTH(opt) (((opt) ? (opt)->pad_len + MINBYTES : (MINBYTES + bytes)))
extern ch_control *get_tcp_header(packet_type *, ch_control *);
extern int haha(int, int, int);
int test(ch_control *cc)
{
packet_type *packet;
packet_type *header;
tcp_hdr_type *tp;
int del, len;
ele *element, *next_element;
boolean snext, get, noe, diu;
len = 0;
snext = 0;
get = 0;
noe = 0;
diu = 0;
element = (ele *)cc->q[5].qhead;
header = element ? element->data:0;
if (element)
noe = 1;
while (element) {
next_element = element->next;
packet = (packet_type *)element->data;
tp = get_tcp_header(packet, cc);
del = (tp->syn || tp->fin)? 1:0;
len = packet->length - HEADERLENGTH(cc->option) - (tp->dataoffset << 2);
if (haha(cc->nak - 30,
tp->snumber + len + del, cc->nak)) {
break;
return 1;
}
}
return 0;
}
/* end of module */
>How-To-Repeat:
compile the file, and then read the target machie code file.
>Fix:
UP side down the two comparation instruction which cause the error.
>Release-Note:
>Audit-Trail:
>Unformatted:
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: c/7677: Gcc 3.2 generate the wrong target machine code, TOO, making the target crash
@ 2002-09-21 4:09 rearnsha
0 siblings, 0 replies; 3+ messages in thread
From: rearnsha @ 2002-09-21 4:09 UTC (permalink / raw)
To: gcc-bugs, gcc-prs, lium, nobody, rearnsha, wxf
Synopsis: Gcc 3.2 generate the wrong target machine code, TOO, making the target crash
Responsible-Changed-From-To: unassigned->rearnsha
Responsible-Changed-By: rearnsha
Responsible-Changed-When: Sat Sep 21 04:09:40 2002
Responsible-Changed-Why:
.
State-Changed-From-To: open->closed
State-Changed-By: rearnsha
State-Changed-When: Sat Sep 21 04:09:40 2002
State-Changed-Why:
This does indeed appear to have been fixed now.
http://gcc.gnu.org/cgi-bin/gnatsweb.pl?cmd=view%20audit-trail&database=gcc&pr=7677
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: c/7677: Gcc 3.2 generate the wrong target machine code, TOO, making the target crash
@ 2002-09-20 13:26 Daniel Jacobowitz
0 siblings, 0 replies; 3+ messages in thread
From: Daniel Jacobowitz @ 2002-09-20 13:26 UTC (permalink / raw)
To: nobody; +Cc: gcc-prs
The following reply was made to PR c/7677; it has been noted by GNATS.
From: Daniel Jacobowitz <drow@mvista.com>
To: lium@i-net.com.cn, gcc-gnats@gcc.gnu.org, gcc-bugs@gcc.gnu.org,
wxf@start.com.cn
Cc: Richard Earnshaw <rearnsha@arm.com>
Subject: Re: c/7677: Gcc 3.2 generate the wrong target machine code, TOO, making the target crash
Date: Fri, 20 Sep 2002 16:25:20 -0400
I believe this bug is fixed on the GCC 3.2 branch now, by the same patch
that fixed optimization/7967.
--
Daniel Jacobowitz
MontaVista Software Debian GNU/Linux Developer
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2002-09-21 11:09 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2002-08-21 8:36 c/7677: Gcc 3.2 generate the wrong target machine code, TOO, making the target crash lium
2002-09-20 13:26 Daniel Jacobowitz
2002-09-21 4:09 rearnsha
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).