gcc-15 bugs, pile 1
About 4 months have passed since the gcc-14.1.0 release. Around the same time gcc-15 development started and a few major changes were merged into the master development branch.
summary
This time I waited to collect about 20 bug reports I encountered:
- c++/114933: mcfgthread-1.6.1 type check failure. Ended up being a mcfgthread bug caused by stronger gcc checks.
- tree-optimization/114872: sagemath SIGSEGVed due to broken assumptions around setjmp() / longjmp(). Not a gcc bug either.
- target/115115: highway-1.0.7 test suite expected too specific _mm_cvttps_epi32() semantics. A gcc-12 regression!
- target/115146: highway-1.0.7 test suite exposed a gcc-15 bug in vectorizing bswap16()-like code.
- tree-optimization/115227: libepoxy, p11-kit and doxygen can’t fit in RAM of 32-bit gcc due to a memory leak in the value range propagation subsystem.
- target/115397: numpy ICE for -m32: gcc code generator generated a constant pool memory reference and crashed in instruction selection.
- c++/115403: highway build failure due to wrong scope handling of #pragma GCC target by gcc.
- tree-optimization/115602: liblapack-3.12.0 ICE in slp pass. gcc generated a self-reference cycle after applying code sub-expression elimination.
- bootstrap/115655: gcc bootstrap failure on -Werror=unused-function.
- libstdc++/115797: gcc failed to compile extern "C" { #include <math.h> } code. <math.h> was fixed to survive such imports.
- middle-end/115863: wrong code on zlib when handling saturated logic. A bug in truncation handling.
- rtl-optimization/115916: wrong code on highway. Bad arithmetic shift ubsan-related fix in gcc’s own code.
- middle-end/115961: wrong code on llvm, bad bit field truncation handling for sub-byte bitfield sizes. Saturated truncation arithmetics handling was applied too broadly.
- tree-optimization/115991: ICE on linux-6.10. Caused by too broad acceptance of sub-register use in an instruction. Ended up selecting invalid instructions.
- rtl-optimization/116037: python3 hang up due to an -fext-dce bug.
- rtl-optimization/116200: crash during gcc bootstrap, wrong code on libgcrypt. A bug in RTL constant pool handling.
- rtl-optimization/116353: ICE on glibc-2.39. Another RTL bug where gcc instruction selector was presented with invalid value reference.
- middle-end/116411: ICE on readline-8.2p13. Conditional operation was incorrectly optimized for some of built-in functions used in branches.
- tree-optimization/116412: ICE on openblas-0.3.28. Similar to the above: conditional operation was incorrectly optimized for complex types.
fun bug
The zlib bug is probably the most unusual one. Due to a typo in a newly introduced set of optimizations gcc managed to convert a > b ? b : a type of expressions into an equivalent of b > a ? b : a. But it only does it for b = INT_MAX type of arguments (case of saturation).
As a result it only broke the zlib test suite as it specifically tests for out of range access to cause SIGSEGV. For well-behaved inputs it never caused any problems. The gcc fix was trivial:
--- a/gcc/config/i386/i386.md
+++ b/gcc/config/i386/i386.md
@@ -9990,7 +9990,7 @@
rtx sat = force_reg (DImode, GEN_INT (GET_MODE_MASK (<MODE>mode)));
rtx dst;
- emit_insn (gen_cmpdi_1 (op1, sat));
+ emit_insn (gen_cmpdi_1 (sat, op1));
if (TARGET_CMOVE)
{@@ -10026,7 +10026,7 @@
rtx sat = force_reg (SImode, GEN_INT (GET_MODE_MASK (<MODE>mode)));
rtx dst;
- emit_insn (gen_cmpsi_1 (op1, sat));
+ emit_insn (gen_cmpsi_1 (sat, op1));
if (TARGET_CMOVE)
{@@ -10062,7 +10062,7 @@
rtx sat = force_reg (HImode, GEN_INT (GET_MODE_MASK (QImode)));
rtx dst;
- emit_insn (gen_cmphi_1 (op1, sat));
+ emit_insn (gen_cmphi_1 (sat, op1));
if (TARGET_CMOVE) {
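Review bot: the swapped operand order in the gen_cmpdi_1, gen_cmpsi_1 and gen_cmphi_1 calls carries no comment saying which operand the TARGET_CMOVE path that follows expects first, and the same one-line slip appears in all three hunks, so a short comment above each emit_insn (or one shared helper for the three expanders) would make a repeat less likely. The third hunk also builds sat from GET_MODE_MASK (QImode) while the first two use GET_MODE_MASK (<MODE>mode); worth confirming that difference is intended. The diff as shown touches only i386.md, so consider pairing it with a regression test that feeds a saturating (out of range) input through each of the three modes.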
We swap argument order to restore original intent.
histograms
Where did most gcc bugs come from?
- tree-optimization: 4
- rtl-optimization: 4
- middle-end: 3
- target: 3
- c++: 1
- bootstrap: 1
- libstdc++: 1
As usual tree-optimization is at the top of subsystem causing troubles. But this time rtl-optimization got close to it as well.
highway managed to yield us 4 new bugs while llvm got us just one new bug.
parting words
gcc-15 got a few very nice optimizations (and bugs) related to saturated truncation, zero/sign-extension elimination, constant folding in RTL.
I saw at least 5 bugs related to wrong code generation (I’m also slowly reducing another one in the background). middle-end ones were easy to reduce and explore, RTL ones were very elusive.
The most disruptive change is probably a removal of #include <cstdint> from one of libstdc++ headers. That requires quite a few upstream fixes to add missing headers (cppdap, woff2, graphite, glslang, widelands, wesnoth and many others).
Have fun!