[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2016-01-11 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

--- Comment #11 from Andrew Pinski  ---
*** Bug 69234 has been marked as a duplicate of this bug. ***

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2016-01-11 Thread trippels at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

Markus Trippelsdorf  changed:

           What    |Removed     |Added
                 CC|            |abe_skolnik at yahoo dot com

--- Comment #10 from Markus Trippelsdorf  ---
*** Bug 69234 has been marked as a duplicate of this bug. ***

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread trippels at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

Markus Trippelsdorf  changed:

           What    |Removed     |Added
             Status|UNCONFIRMED |NEW
   Last reconfirmed|            |2015-12-11
          Component|c++         |tree-optimization
     Ever confirmed|0           |1

--- Comment #1 from Markus Trippelsdorf  ---
-fno-tree-fre "fixes" the issue.

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread trippels at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

--- Comment #2 from Markus Trippelsdorf  ---
g++ -MMD -MF
obj/third_party/WebKit/Source/core/layout/webcore_rendering.LayoutObject.o.d
-DV8_DEPRECATION_WARNINGS -DCLD_VERSION=2 -D_FILE_OFFSET_BITS=64 -DDISABLE_NACL
-DCHROMIUM_BUILD -DUI_COMPOSITOR_IMAGE_TRANSPORT -DUSE_AURA=1 -DUSE_ASH=1
-DUSE_PANGO=1 -DUSE_CAIRO=1 -DUSE_DEFAULT_RENDER_THEME=1 -DUSE_LIBJPEG_TURBO=1
-DUSE_X11=1 -DUSE_CLIPBOARD_AURAX11=1 -DENABLE_ONE_CLICK_SIGNIN
-DENABLE_WEBRTC=1 -DENABLE_MEDIA_ROUTER=1 -DUSE_PROPRIETARY_CODECS
-DENABLE_PEPPER_CDMS -DENABLE_CONFIGURATION_POLICY -DENABLE_NOTIFICATIONS
-DENABLE_HIDPI=1 -DENABLE_TOPCHROME_MD=1 -DUSE_UDEV -DDONT_EMBED_BUILD_METADATA
-DFIELDTRIAL_TESTING_ENABLED -DENABLE_TASK_MANAGER=1 -DENABLE_EXTENSIONS=1
-DENABLE_PDF=1 -DENABLE_PLUGINS=1 -DENABLE_SESSION_SERVICE=1 -DENABLE_THEMES=1
-DENABLE_AUTOFILL_DIALOG=1 -DENABLE_BACKGROUND=1 -DENABLE_PRINTING=1
-DENABLE_BASIC_PRINTING=1 -DENABLE_PRINT_PREVIEW=1 -DENABLE_SPELLCHECK=1
-DENABLE_CAPTIVE_PORTAL_DETECTION=1 -DENABLE_APP_LIST=1 -DENABLE_SETTINGS_APP=1
-DENABLE_SUPERVISED_USERS=1 -DENABLE_MDNS=1 -DENABLE_SERVICE_DISCOVERY=1
-DV8_USE_EXTERNAL_STARTUP_DATA -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD
-DSAFE_BROWSING_DB_LOCAL -DGL_GLEXT_PROTOTYPES -DBLINK_IMPLEMENTATION=1
-DINSIDE_BLINK -DENABLE_LAYOUT_UNIT_IN_INLINE_BOXES=0
-DWTF_USE_CONCATENATED_IMPULSE_RESPONSES=1 -DENABLE_INPUT_MULTIPLE_FIELDS_UI=1
-DENABLE_WEB_AUDIO=1 -DWTF_USE_WEBAUDIO_FFMPEG=1
-DWTF_USE_DEFAULT_RENDER_THEME=1 -DU_USING_ICU_NAMESPACE=0 -DU_ENABLE_DYLOAD=0
-DU_STATIC_IMPLEMENTATION -DSK_SUPPORT_GPU=1
-DSK_IGNORE_LINEONLY_AA_CONVEX_PATH_OPTS -DCHROME_PNG_WRITE_SUPPORT
-DPNG_USER_CONFIG -DLIBXML_STATIC -DLIBXSLT_STATIC -DUSE_LIBPCI=1
-DUSE_OPENSSL=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -D__STDC_CONSTANT_MACROS
-D__STDC_FORMAT_MACROS -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0
-D_FORTIFY_SOURCE=2 -Igen -I../.. -I../../skia/config
-I../../third_party/WebKit/Source -I../../third_party/khronos -I../../gpu
-Igen/angle -Igen/blink -I../../third_party/angle/include
-I../../third_party/ffmpeg -I../../third_party/icu/source/i18n
-I../../third_party/icu/source/common -I../../third_party/WebKit
-I../../third_party/skia/include/core -I../../third_party/skia/include/effects
-I../../third_party/skia/include/pdf -I../../third_party/skia/include/gpu
-I../../third_party/skia/include/lazy -I../../third_party/skia/include/pathops
-I../../third_party/skia/include/pipe -I../../third_party/skia/include/ports
-I../../third_party/skia/include/utils -I../../skia/ext
-I../../third_party/iccjpeg -I../../third_party/libpng
-I../../third_party/libwebp -I../../third_party/libxml/linux/include
-I../../third_party/libxml/src/include -I../../third_party/libxslt
-I../../third_party/npapi -I../../third_party/npapi/bindings
-I../../third_party/ots/include -I../../third_party/qcms/src
-I../../third_party/zlib -I../../v8/include -fstack-protector
--param=ssp-buffer-size=4 -pthread -fno-strict-aliasing -Wall
-Wno-unused-parameter -Wno-missing-field-initializers -fvisibility=hidden -pipe
-fPIC -Wno-unused-local-typedefs -fno-strict-aliasing -I/usr/include/freetype2
-I/usr/include/libpng16 -I/usr/include/harfbuzz -I/usr/include/freetype2
-I/usr/include/libpng16 -I/usr/include/harfbuzz -I/usr/include/glib-2.0
-I/usr/lib64/glib-2.0/include -m64 -march=x86-64 -O3 -fno-ident -fdata-sections
-ffunction-sections -funwind-tables -fno-exceptions -fno-rtti
-fno-threadsafe-statics -fvisibility-inlines-hidden -Wsign-compare
-Wno-c++0x-compat -std=gnu++11 -Wno-narrowing -Wno-literal-suffix -c
../../third_party/WebKit/Source/core/layout/LayoutObject.cpp -o
obj/third_party/WebKit/Source/core/layout/webcore_rendering.LayoutObject.o 

Also gets miscompiled:

Program received signal SIGSEGV, Segmentation fault.
0x58ad00a5 in blink::LayoutObject::isDescendantOf(blink::LayoutObject
const*) const ()
(gdb) bt
#0  0x58ad00a5 in
blink::LayoutObject::isDescendantOf(blink::LayoutObject const*) const ()
#1  0x58b60790 in
blink::CompositedLayerMapping::containingSquashedLayer(blink::LayoutObject
const*, unsigned int) ()
#2  0x58be0bf6 in
blink::CompositingLayerAssigner::assignLayersToBackingsInternal(blink::PaintLayer*,
blink::CompositingLayerAssigner::SquashingState&,
WTF::Vector&) ()
#3  0x58be0769 in
blink::CompositingLayerAssigner::assignLayersToBackingsInternal(blink::PaintLayer*,
blink::CompositingLayerAssigner::SquashingState&,
WTF::Vector&) ()
#4  0x58be0769 in
blink::CompositingLayerAssigner::assignLayersToBackingsInternal(blink::PaintLayer*,
blink::CompositingLayerAssigner::SquashingState&,
WTF::Vector&) ()
#5  0x58be0e11 in
blink::CompositingLayerAssigner::assign(blink::PaintLayer*,
WTF::Vector&) ()
#6  0x58b66758 in 

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread trippels at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

--- Comment #4 from Markus Trippelsdorf  ---
(In reply to Richard Biener from comment #3)
> Can you bisect it to the alias changes from Honza or is this older?

The first issue is older. At least a few weeks.
I don't have a powerful enough machine to bisect this and the 
compile farm machines cannot build Chromium, because of missing
libraries. 
(I've seen the second issue for the first time today.)

> Is this  part of chromium single-threaded?

If you start chromium with:
 google-chrome --no-sandbox --renderer-cmd-prefix='xterm -title renderer -e gdb
-ex run --args'
it will attach a debugger to every started thread.
The segfault happens in one of them.

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread trippels at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

--- Comment #5 from Markus Trippelsdorf  ---
(In reply to Markus Trippelsdorf from comment #4)
> (In reply to Richard Biener from comment #3)
> > Can you bisect it to the alias changes from Honza or is this older?
> 
> The first issue is older. At least a few weeks.
> I don't have a powerful enough machine to bisect this and the 
> compile farm machines cannot build Chromium, because of missing
> libraries. 

OK. I will run a bisection just on that one object file...

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread rguenth at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

Richard Biener  changed:

           What    |Removed     |Added
   Target Milestone|---         |6.0

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread trippels at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

--- Comment #6 from Markus Trippelsdorf  ---
Created attachment 36995
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=36995&action=edit
unreduced testcase

Started with r226861.

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread trippels at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

--- Comment #7 from Markus Trippelsdorf  ---
The while loop in:

  void IncrementalMarking::ActivateIncrementalWriteBarrier() {
    ActivateIncrementalWriteBarrier(heap_->old_space());
    ActivateIncrementalWriteBarrier(heap_->map_space());
    ActivateIncrementalWriteBarrier(heap_->code_space());
    ActivateIncrementalWriteBarrier(heap_->new_space());

    LargePage* lop = heap_->lo_space()->first_page();
    while (lop->is_valid()) {
      SetOldSpacePageFlags(lop, true, is_compacting_);
      lop = lop->next_page();
    }
  }

Good:
        .p2align 4,,10
        .p2align 3
.L2183:
        orq     $12, 8(%rax)
        movq    176(%rax), %rax
        testq   %rax, %rax
        jne     .L2183
        rep ret
.L2192:
        rep ret

Bad:
        .p2align 4,,10
        .p2align 3
.L2176:
        orq     $12, 8(%rax)
        movq    176(%rax), %rax
        jmp     .L2176

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread rguenth at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

Richard Biener  changed:

           What    |Removed     |Added
                 CC|            |rguenth at gcc dot gnu.org

--- Comment #3 from Richard Biener  ---
Can you bisect it to the alias changes from Honza or is this older?  Is this
part of chromium single-threaded?

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread pinskia at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

Andrew Pinski  changed:

           What    |Removed     |Added
             Status|NEW         |RESOLVED
         Resolution|---         |INVALID

--- Comment #8 from Andrew Pinski  ---
Calling a NULL object is undefined.  


  Address address() { return reinterpret_cast<Address>(this); }

  bool is_valid() { return address() !=
# 475 "../../v8/src/heap/spaces.h" 3 4
                    __null
# 475 "../../v8/src/heap/spaces.h"
                    ; }


That will always be true.  That is, this can never be NULL.

[Bug tree-optimization/68853] [6 Regression] gcc-6 miscompiles Chromium v8 garbage collector

2015-12-11 Thread trippels at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

--- Comment #9 from Markus Trippelsdorf  ---
Thanks Andrew.
Turned out the issue from comment 2 is similar.
Both issues are solved with -fno-delete-null-pointer-checks.
Maybe the chromium devs should add that flag to their default gcc flags...
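The pattern from comments 7, 8 and 9 side by side, as an added example that is not code from the bug report or from V8: a constructed LargePage stand-in whose is_valid() tests `this`, the traversal as written, and the corrected traversal that tests the pointer before dereferencing it (the flag value 12 and the names ActivateFixed/DemoThreePages are assumptions for this example).

```cpp
#include <cstddef>
#include <cstdint>
const uint64_t kMarkingFlags = 12;  // the `orq $12, 8(%rax)` in comment 7

// Constructed stand-in for V8's LargePage (the real class is much larger).
struct LargePage {
    uint64_t flags_ = 0;
    LargePage* next_ = nullptr;
    // Pattern from comment 8: the null test runs only after `this` has been
    // formed from a null pointer, which is undefined. GCC (from r226861 in this
    // report) assumes `this` is non-null and folds the test to `true`.
    bool is_valid() { return this != nullptr; }
    LargePage* next_page() { return next_; }
};

// Loop as written in ActivateIncrementalWriteBarrier. Kept for comparison only
// and never called: once the test folds it becomes the `jmp .L2176` of comment 7.
void ActivateAsWritten(LargePage* lop) {
    while (lop->is_valid()) {
        lop->flags_ |= kMarkingFlags;
        lop = lop->next_page();
    }
}

// Fix: test the pointer value before dereferencing it. The compiler cannot delete
// this test, so the -fno-delete-null-pointer-checks workaround is not needed.
size_t ActivateFixed(LargePage* lop) {
    size_t flagged = 0;
    while (lop != nullptr) {
        lop->flags_ |= kMarkingFlags;
        lop = lop->next_page();
        ++flagged;
    }
    return flagged;
}

// Constructed three-page list; returns 3 only if every page got the flags.
size_t DemoThreePages() {
    LargePage pages[3];
    pages[0].next_ = &pages[1];
    pages[1].next_ = &pages[2];
    size_t n = ActivateFixed(&pages[0]);
    for (const LargePage& p : pages)
        if ((p.flags_ & kMarkingFlags) != kMarkingFlags) return 0;
    return n;
}

// Empty list: the fixed loop must return without touching memory.
size_t DemoEmptyList() { return ActivateFixed(nullptr); }
```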