https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112415
--- Comment #29 from John David Anglin <danglin at gcc dot gnu.org> ---
The miscompilation is in compiler_visit_expr:
(gdb) r
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program:
/home/dave/debian/python3.11/python3.11-3.11.6/build-static/Programs/_freeze_module
importlib._bootstrap ../Lib/importlib/_bootstrap.py
Python/frozen_modules/importlib._bootstrap.h
warning: Unable to find libthread_db matching inferior's thread library, thread
debugging will not be available.
Breakpoint 2, compiler_jump_if (c=0xf8f02508, e=0x5763f8, next=0xfaeaa908,
cond=0) at ../Python/compile.c:2898
2898 {
(gdb) watch *0xfaea51b8
Watchpoint 3: *0xfaea51b8
(gdb) c
Continuing.
Watchpoint 3: *0xfaea51b8
Old value = -85046408
New value = 43
0x0019c688 in compiler_visit_expr (e=0x576308, c=0xf8f02508) at
../Python/compile.c:5968
5968 SET_LOC(c, e);
(gdb) bt
#0 0x0019c688 in compiler_visit_expr (e=0x576308, c=0xf8f02508)
at ../Python/compile.c:5968
#1 compiler_call_helper (c=0xf8f02508, n=0, args=<optimized out>,
keywords=0x0) at ../Python/compile.c:5138
#2 0x0019ec70 in compiler_visit_expr (e=<optimized out>, c=0xf8f02508)
at ../Python/compile.c:5969
#3 compiler_jump_if (c=0xf8f02508, e=<optimized out>, next=0x0,
cond=<optimized out>) at ../Python/compile.c:2988
#4 0x001a0770 in compiler_if (s=0x0, c=0x5763c0) at ../Python/compile.c:3090
#5 compiler_visit_stmt (c=0x5763c0, s=0x0) at ../Python/compile.c:4118
#6 0x001a1378 in compiler_for (s=0x0, c=0x5763c0) at ../Python/compile.c:3124
#7 compiler_visit_stmt (c=0x5763c0, s=0x0) at ../Python/compile.c:4114
#8 0x001a3170 in compiler_function (c=0x2, s=<optimized out>,
is_async=<optimized out>) at ../Python/compile.c:2670
#9 0x001a3438 in compiler_body (c=0x0, stmts=0x5763c0)
at ../Python/compile.c:2180
#10 0x001a5cdc in compiler_mod (mod=0x0, c=0xf8f02528)
at ../Python/compile.c:2197
#11 _PyAST_Compile (mod=0x0, filename=0xf8f02528, flags=<optimized out>,
optimize=<optimized out>, arena=<optimized out>) at ../Python/compile.c:581
#12 0x001dea00 in Py_CompileStringObject (optimize=0, flags=0x5763c0, start=0,
filename=0x2, str=0x0) at ../Python/pythonrun.c:1799
#13 Py_CompileStringExFlags (str=0x0, filename_str=<optimized out>, start=0,
--Type <RET> for more, q to quit, c to continue without paging--
flags=0x5763c0, optimize=<optimized out>) at ../Python/pythonrun.c:1812
#14 0x000167a4 in compile_and_marshal (text=0x0,
name=0x2 <error: Cannot access memory at address 0x2>)
at ../Programs/_freeze_module.c:125
#15 main (argc=0, argv=<optimized out>) at ../Programs/_freeze_module.c:230
(gdb) diass $pc-16,$pc+16
Undefined command: "diass". Try "help".
(gdb) disass $pc-16,$pc+16
Dump of assembler code from 0x19c678 to 0x19c698:
0x0019c678 <compiler_call_helper+576>: ldw 14(r25),ret1
0x0019c67c <compiler_call_helper+580>: ldw 18(r25),r31
0x0019c680 <compiler_call_helper+584>: ldw 1c(r25),ret0
0x0019c684 <compiler_call_helper+588>: stw r23,0(r22)
=> 0x0019c688 <compiler_call_helper+592>: stw ret1,0(r21)
0x0019c68c <compiler_call_helper+596>: stw r31,0(r20)
0x0019c690 <compiler_call_helper+600>: b,l 0x198d58
<compiler_visit_expr1>,rp
0x0019c694 <compiler_call_helper+604>: stw ret0,0(r19)
End of assembler dump.
The code at 0x0019c688 clobbers the value at c->u->u_ste:
(gdb) p/x $r21
$35 = 0xfaea51b8
(gdb) p/x *c
$36 = {c_filename = 0xfaed9480, c_st = 0xfaeafd10, c_future = 0xfaef7030,
c_flags = 0xf8f02544, c_optimize = 0x0, c_interactive = 0x0,
c_nestlevel = 0x2, c_const_cache = 0xfae81280, u = 0xfaea51b8,
c_stack = 0xfae57a88, c_arena = 0xfaec0c90}
(gdb) p/x *c->u
$37 = {u_ste = 0x2b, u_name = 0xfae7ff80, u_qualname = 0xfae7ff80,
u_scope_type = 0x2, u_consts = 0xfaeaa7f8, u_names = 0xfaeaa7d0,
u_varnames = 0xfaeaa780, u_cellvars = 0xfaeaa7a8, u_freevars = 0xfaeaa758,
u_private = 0x0, u_argcount = 0x2, u_posonlyargcount = 0x0,
u_kwonlyargcount = 0x0, u_blocks = 0xfaeaa908, u_curblock = 0xfaeaa868,
u_nfblocks = 0x1, u_fblock = {{fb_type = 0x1, fb_block = 0xfaeaa840,
fb_exit = 0xfaeaa8b8, fb_datum = 0x0}, {fb_type = 0x0, fb_block = 0x0,
fb_exit = 0x0, fb_datum = 0x0} <repeats 19 times>},
u_firstlineno = 0x28, u_lineno = 0x2b, u_col_offset = 0xb,
u_end_lineno = 0x2b, u_end_col_offset = 0x20,
u_need_new_implicit_block = 0x0}
(gdb) p/x $r23
$38 = 0x2b
#define SET_LOC(c, x) \
(c)->u->u_lineno = (x)->lineno; \
(c)->u->u_col_offset = (x)->col_offset; \
(c)->u->u_end_lineno = (x)->end_lineno; \
(c)->u->u_end_col_offset = (x)->end_col_offset;
(gdb) p/x *e
$40 = {kind = 0x18, v = {BoolOp = {op = 0xfaeb8b60, values = 0x1},
NamedExpr = {target = 0xfaeb8b60, value = 0x1}, BinOp = {
left = 0xfaeb8b60, op = 0x1, right = 0x0}, UnaryOp = {op = 0xfaeb8b60,
operand = 0x1}, Lambda = {args = 0xfaeb8b60, body = 0x1}, IfExp = {
test = 0xfaeb8b60, body = 0x1, orelse = 0x0}, Dict = {keys = 0xfaeb8b60,
values = 0x1}, Set = {elts = 0xfaeb8b60}, ListComp = {elt = 0xfaeb8b60,
generators = 0x1}, SetComp = {elt = 0xfaeb8b60, generators = 0x1},
DictComp = {key = 0xfaeb8b60, value = 0x1, generators = 0x0},
GeneratorExp = {elt = 0xfaeb8b60, generators = 0x1}, Await = {
value = 0xfaeb8b60}, Yield = {value = 0xfaeb8b60}, YieldFrom = {
value = 0xfaeb8b60}, Compare = {left = 0xfaeb8b60, ops = 0x1,
comparators = 0x0}, Call = {func = 0xfaeb8b60, args = 0x1,
keywords = 0x0}, FormattedValue = {value = 0xfaeb8b60, conversion = 0x1,
format_spec = 0x0}, JoinedStr = {values = 0xfaeb8b60}, Constant = {
value = 0xfaeb8b60, kind = 0x1}, Attribute = {value = 0xfaeb8b60,
attr = 0x1, ctx = 0x0}, Subscript = {value = 0xfaeb8b60, slice = 0x1,
ctx = 0x0}, Starred = {value = 0xfaeb8b60, ctx = 0x1}, Name = {
id = 0xfaeb8b60, ctx = 0x1}, List = {elts = 0xfaeb8b60, ctx = 0x1},
Tuple = {elts = 0xfaeb8b60, ctx = 0x1}, Slice = {lower = 0xfaeb8b60,
upper = 0x1, step = 0x0}}, lineno = 0x2b, col_offset = 0x18,
end_lineno = 0x2b, end_col_offset = 0x1f}
Seems like an offset issue.
