NetBSD Problem Report #11292

Received: (qmail 3504 invoked from network); 23 Oct 2000 07:50:43 -0000
Message-Id: <200010230750.e9N7ohh07830@chuq.com>
Date: Mon, 23 Oct 2000 00:50:43 -0700 (PDT)
From: Chuck Silvers <chuq@chuq.com>
Reply-To: Chuck Silvers <chuq@chuq.com>
To: gnats-bugs@gnats.netbsd.org
Subject: gcc mips optimizer bug with ffs()
X-Send-Pr-Version: 3.95

>Number:         11292
>Category:       toolchain
>Synopsis:       gcc mips optimizer bug with ffs()
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    thorpej
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Oct 23 07:51:00 +0000 2000
>Closed-Date:    Sun Jul 07 16:26:43 +0000 2002
>Last-Modified:  Sun Jul 07 16:26:43 +0000 2002
>Originator:     Chuck Silvers
>Release:        1.4.2 and later
>Organization:
myself
>Environment:

gcc version egcs-2.91.60 19981201 (egcs-1.1.1 release)

and

gcc version egcs-2.91.66 19990314 (egcs-1.1.2 release)


>Description:

the versions of gcc listed above mis-optimize the ffs() function
in certain cases.

compile this test program with and without -O2 and note the different output:

% cat ffs-bug.c
#include <stdio.h>

int a, b, c;

void bug(int *ap, int *bp, int *cp);


void
bug(int *ap, int *bp, int *cp)
{
        *bp = *ap;
        *cp = ffs(*bp);
}

int
main(int argc, char **argv)
{
        a = 8;
        bug(&a, &b, &c);
        printf("%d %d %d\n", a, b, c);
        exit(0);
}

% cc -o ffs-bug ffs-bug.c 
% cc ./ffs-bug 
8 8 4
% cc -O2 -o ffs-bug ffs-bug.c
% ./ffs-bug
8 0 4
% 


dissembling the .o file, we see these instructions for bug():

00000000 <bug>:
...
   c:   8c830000        lw      $v1,0($a0)
  10:   00001021        move    $v0,$zero
  14:   10600004        beqz    $v1,28 <bug+0x28>
  18:   30670001        andi    $a3,$v1,0x1
  1c:   24420001        addiu   $v0,$v0,1
  20:   10e0fffd        beqz    $a3,18 <bug+0x18>
  24:   00031842        srl     $v1,$v1,0x1
  28:   aca30000        sw      $v1,0($a1)
  2c:   03e00008        jr      $ra
  30:   acc20000        sw      $v0,0($a2)


the optimizer has moved the store for "*bp = *ap" after
the inline-expansion of ffs(), which clobbers the register
containing the desired value, so *bp will always be set to zero.


>How-To-Repeat:
	see above example.

>Fix:
	dunno.
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: thorpej 
State-Changed-When: Fri May 10 15:19:48 PDT 2002 
State-Changed-Why:  
Is this still a problem with GCC 2.95.3? 


Responsible-Changed-From-To: port-mips-maintainer->thorpej 
Responsible-Changed-By: thorpej 
Responsible-Changed-When: Fri May 10 15:19:48 PDT 2002 
Responsible-Changed-Why:  
I will handle this PR. 
State-Changed-From-To: feedback->closed 
State-Changed-By: chs 
State-Changed-When: Sun Jul 7 09:25:52 PDT 2002 
State-Changed-Why:  
simonb reports this is fixed with gcc 2.95.3. 
>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.