http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53053
Bug #: 53053
Summary: code-gen (missing loop-termination test) bug introduced between April 18 and April 19th
Classification: Unclassified
Product: gcc
Version: 4.8.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
AssignedTo: unassig...@gcc.gnu.org
ReportedBy: j...@meyering.net

Background, gcc-compiled emacs (bzr trunk) began to segfault differently
when compiled with yesterday's gcc-trunk.

Given this function from emacs' dispnew.c,
(LAST_AREA is an enum with value 3)

    static __attribute__((noinline)) void
    swap_glyph_pointers (struct glyph_row *a, struct glyph_row *b)
    {
      unsigned int i;
      unsigned hash_tem = a->hash;

      for (i = 0; i < LAST_AREA + 1; ++i)
        {
          struct glyph *temp = a->glyphs[i];
          short used_tem = a->used[i];

          a->glyphs[i] = b->glyphs[i];
          b->glyphs[i] = temp;
          a->used[i] = b->used[i];
          b->used[i] = used_tem;
        }
      a->hash = b->hash;
      b->hash = hash_tem;
    }

*** FAILURE: using yesterday's gcc

Compiling dispnew with -O1 or less there is no problem.
Compiling just dispnew.c with -O2 (all the rest is compiled with -ggdb3) via

    make CFLAGS='-O2 -ggdb3' CC=/p/p/gcc-2012-04-19.16h18/bin/gcc

* currently-generated code, "i" increases until segfault:

    0000000000000120 <swap_glyph_pointers>:
     120:  31 c0                   xor    %eax,%eax
     122:  66 0f 1f 44 00 00       nopw   0x0(%rax,%rax,1)
     128:  48 8b 0c 87             mov    (%rdi,%rax,4),%rcx
     12c:  4c 8b 04 86             mov    (%rsi,%rax,4),%r8
     130:  0f b7 54 07 20          movzwl 0x20(%rdi,%rax,1),%edx
     135:  4c 89 04 87             mov    %r8,(%rdi,%rax,4)
     139:  48 89 0c 86             mov    %rcx,(%rsi,%rax,4)
     13d:  0f b7 4c 06 20          movzwl 0x20(%rsi,%rax,1),%ecx
     142:  66 89 4c 07 20          mov    %cx,0x20(%rdi,%rax,1)
     147:  66 89 54 06 20          mov    %dx,0x20(%rsi,%rax,1)
     14c:  48 83 c0 02             add    $0x2,%rax
     150:  eb d6                   jmp    128 <swap_glyph_pointers+0x8>
     152:  66 66 66 66 66 2e 0f    data32 data32 data32 data32 nopw %cs:0x0(%rax,%rax,1)
     159:  1f 84 00 00 00 00 00

*** SUCCESS: using gcc from Wed April 18

Compiling the same file with gcc built from a snapshot a day earlier,

    make CFLAGS='-O2 -ggdb3' CC=/p/p/gcc-2012-04-18.15h00/bin/gcc

* code generated by svn/trunk of gcc-2012-04-18.15h00 (UTC).
This loop terminates normally.

    0000000000000120 <swap_glyph_pointers>:
     120:  44 8b 4f 4c             mov    0x4c(%rdi),%r9d
     124:  31 c0                   xor    %eax,%eax
     126:  48 8b 0c 87             mov    (%rdi,%rax,4),%rcx
     12a:  4c 8b 04 86             mov    (%rsi,%rax,4),%r8
     12e:  0f b7 54 07 20          movzwl 0x20(%rdi,%rax,1),%edx
     133:  4c 89 04 87             mov    %r8,(%rdi,%rax,4)
     137:  48 89 0c 86             mov    %rcx,(%rsi,%rax,4)
     13b:  0f b7 4c 06 20          movzwl 0x20(%rsi,%rax,1),%ecx
     140:  66 89 4c 07 20          mov    %cx,0x20(%rdi,%rax,1)
     145:  66 89 54 06 20          mov    %dx,0x20(%rsi,%rax,1)
     14a:  48 83 c0 02             add    $0x2,%rax
     14e:  48 83 f8 08             cmp    $0x8,%rax
     152:  75 d2                   jne    126 <swap_glyph_pointers+0x6>
     154:  8b 46 4c                mov    0x4c(%rsi),%eax
     157:  89 47 4c                mov    %eax,0x4c(%rdi)
     15a:  44 89 4e 4c             mov    %r9d,0x4c(%rsi)
     15e:  c3                      retq
     15f:  90                      nop