Launchpad has imported 2 comments from the remote bug at http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59744.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2014-01-10T00:30:27+00:00 Michael Hudson-Doyle wrote:

Hi,

This slightly strangely written program (it's distilled down from frame_offset_overflow in the gcc source itself) should print "bigger" if the first argument is bigger than 10 (or negative, but let's ignore that please):

#include <stdlib.h>
#include <stdio.h>

int a[2] = { 10, 20 };

int
is_bigger (long offset, int index)
{
  unsigned long size = -offset;
  if (size > a[index])
    {
      printf("bigger\n");
      return 1;
    }
  return 0;
}

int
main (int argc, char** argv)
{
  long v;
  v = atol(argv[1]);
  is_bigger(-v, 0);
  return 0;
}

When compiled at -O1 or above (and with inlining disabled at -O2 and above), though, it bungles the 0 case:

(t-doko)mwhudson@arm64:~$ gcc-4.9 -O3 test.c -o test -fno-inline -Wall
(t-doko)mwhudson@arm64:~$ ./test 1
(t-doko)mwhudson@arm64:~$ ./test 11
bigger
(t-doko)mwhudson@arm64:~$ ./test 0
bigger
(t-doko)mwhudson@arm64:~$ gcc-4.9 -O0 test.c -o test -Wall
(t-doko)mwhudson@arm64:~$ ./test 1
(t-doko)mwhudson@arm64:~$ ./test 11
bigger
(t-doko)mwhudson@arm64:~$ ./test 0
(t-doko)mwhudson@arm64:~$

What's going on? Here's the disassembly of is_bigger (at O3):

0000000000400608 <is_bigger>:
  400608:	b0000082 	adrp	x2, 411000 <_GLOBAL_OFFSET_TABLE_+0x28>
  40060c:	91010042 	add	x2, x2, #0x40
  400610:	a9bf7bfd 	stp	x29, x30, [sp,#-16]!
  400614:	52800003 	mov	w3, #0x0                   	// #0
  400618:	910003fd 	mov	x29, sp
  40061c:	b8a1d841 	ldrsw	x1, [x2,w1,sxtw #2]
  400620:	ab00003f 	cmn	x1, x0
  400624:	540000a2 	b.cs	400638 <is_bigger+0x30>
  400628:	90000000 	adrp	x0, 400000 <_init-0x3f8>
  40062c:	911b6000 	add	x0, x0, #0x6d8
  400630:	97ffff90 	bl	400470 <puts@plt>
  400634:	52800023 	mov	w3, #0x1                   	// #1
  400638:	2a0303e0 	mov	w0, w3
  40063c:	a8c17bfd 	ldp	x29, x30, [sp],#16
  400640:	d65f03c0 	ret

Basically it seems that the condition "-offset > val" is being compiled as "val + offset does not overflow", which is not valid for offset == 0.

Reply at: https://bugs.launchpad.net/gcc-linaro/+bug/1267761/comments/0

------------------------------------------------------------------------
On 2014-01-10T01:00:19+00:00 Pinskia wrote:

(insn 14 13 15 2 (set (reg:CC_SWP 66 cc)
        (compare:CC_SWP (neg:DI (reg:DI 0 x0 [ offset ]))
            (reg:DI 1 x1 [orig:85 D.3895 ] [85]))) t7.c:11 114 {*compare_negdi}
     (expr_list:REG_DEAD (reg:DI 1 x1 [orig:85 D.3895 ] [85])
        (expr_list:REG_DEAD (reg:DI 0 x0 [ offset ])
            (nil))))

--- CUT ---
Here is a testcase that fails at -O1 and above without any arguments.

int a[2] = { 10, 20 };

int is_bigger (long, int) __attribute__((noinline,noclone));

int
is_bigger (long offset, int index)
{
  unsigned long size = -offset;
  if (size > a[index])
    return 1;
  return 0;
}

int
main (int argc, char** argv)
{
  long v;
  if (is_bigger(0, 0))
    __builtin_abort ();
  if (!is_bigger(1, 0))
    __builtin_abort ();
  if (is_bigger(-10, 0))
    __builtin_abort ();
  if (!is_bigger(10, 0))
    __builtin_abort ();
  return 0;
}

Reply at: https://bugs.launchpad.net/gcc-linaro/+bug/1267761/comments/1

** Changed in: gcc
       Status: Unknown => Confirmed

** Changed in: gcc
   Importance: Unknown => Medium

-- 
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1267761

Title:
  miscompilation of unsigned comparison on aarch64
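
The equivalence described in the first comment ("-offset > val" compiled as "val + offset does not overflow") can be checked on any host with the following added example, which is not code from the bug report or from GCC. The function names and the sample values are assumptions made for illustration; the carry model follows the `cmn x1, x0` / `b.cs` pair in the disassembly above.

```c
#include <stdint.h>
#include <stdio.h>

/* What the C source asks for: (unsigned long)-offset > (unsigned long)val. */
static int source_condition(uint64_t offset, uint64_t val)
{
    return (uint64_t)(0 - offset) > val;
}

/* Model of "cmn x1, x0; b.cs skip": CMN adds the operands and sets C on
 * unsigned carry-out; b.cs skips the "bigger" path when C is set, so the
 * path is taken exactly when val + offset does not carry. */
static int emitted_condition(uint64_t offset, uint64_t val)
{
    uint64_t sum = val + offset;
    int carry = sum < val;          /* carry-out of the 64-bit add */
    return !carry;
}

/* Compare both conditions over a constructed set of edge values used as
 * offset and as val. Returns the number of disagreements and reports
 * whether every disagreement had offset == 0. */
static int count_mismatches(int *only_at_zero)
{
    static const uint64_t samples[] = {   /* constructed sample values */
        0, 1, 10, 11, 20, INT64_MAX, (uint64_t)INT64_MAX + 1,
        UINT64_MAX - 10, UINT64_MAX - 1, UINT64_MAX
    };
    const size_t n = sizeof samples / sizeof samples[0];
    int mismatches = 0;

    *only_at_zero = 1;
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < n; j++) {
            uint64_t off = samples[i], val = samples[j];
            if (source_condition(off, val) != emitted_condition(off, val)) {
                mismatches++;
                if (off != 0)
                    *only_at_zero = 0;
            }
        }
    return mismatches;
}

int main(void)
{
    int only_at_zero;
    int n = count_mismatches(&only_at_zero);
    printf("mismatches=%d only_at_offset_zero=%d\n", n, only_at_zero);
    return 0;
}
```

For a nonzero offset, -offset is 2^64 - offset, so "-offset > val" and "offset + val < 2^64" are the same test; for offset == 0 the negation is 0 and the two diverge for every val.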