Bug 45687 - [4.6 Regression] possible wrong code bug
Summary: [4.6 Regression] possible wrong code bug
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: middle-end (show other bugs)
Version: 4.6.0
: P1 normal
Target Milestone: 4.6.0
Assignee: Not yet assigned to anyone
URL:
Keywords: wrong-code
Depends on:
Blocks:
 
Reported: 2010-09-16 06:22 UTC by John Regehr
Modified: 2010-10-26 13:43 UTC (History)
6 users (show)

See Also:
Host: x86_64-unknown-linux-gnu
Target: x86_64-unknown-linux-gnu
Build: x86_64-unknown-linux-gnu
Known to work:
Known to fail:
Last reconfirmed: 2010-09-16 08:13:07

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Regehr 2010-09-16 06:22:34 UTC 
I don't think there's anything wrong with the testcase.  The -O2 result is wrong.

[regehr@gamow ~]$ current-gcc -v

Using built-in specs.
COLLECT_GCC=current-gcc
COLLECT_LTO_WRAPPER=/uusoc/exports/scratch/regehr/z/compiler-install/gcc-r164319-install/bin/../libexec/gcc/x86_64-unknown-linux-gnu/4.6.0/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: ../configure --with-libelf=/usr/local --enable-lto --prefix=/home/regehr/z/compiler-install/gcc-r164319-install --program-prefix=r164319- --enable-languages=c,c++
Thread model: posix
gcc version 4.6.0 20100915 (experimental) (GCC) 

[regehr@gamow ~]$ current-gcc -O1 small.c -o small
[regehr@gamow ~]$ ./small 
1
[regehr@gamow ~]$ current-gcc -O2 small.c -o small
[regehr@gamow ~]$ ./small 
0
[regehr@gamow ~]$ cat small.c

int printf(const char *format, ...);

static int g_7;
static int *volatile g_6 = &g_7;

static int func_53(int *p_58)
{
    return *p_58;
}

int main(void)
{
    *g_6 = 1;
    printf("%d\n", func_53(&g_7));
    return 0;
}
Comment 1 Jakub Jelinek 2010-09-16 08:13:07 UTC 
Broken by
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=164135
Comment 2 Jakub Jelinek 2010-09-16 08:27:23 UTC 
Seems ipa_modify_call_arguments creates incorrect MEM_REF here.
base is correctly ADDR_EXPR of a, with int * type for the ADDR_EXPR, but
offset has int ** type instead of int *.  At RTL level this results in alias set 3 being used for the memory read (int *) instead of 2 (int).
Comment 3 Jakub Jelinek 2010-09-16 08:55:35 UTC 
--- ipa-prop.c.jj 2010-09-14 15:24:45.000000000 +0200
+++ ipa-prop.c 2010-09-16 10:47:14.000000000 +0200
@@ -2185,7 +2185,8 @@ ipa_modify_call_arguments (struct cgraph
 
   if (TREE_CODE (base) == ADDR_EXPR
       && DECL_P (TREE_OPERAND (base, 0)))
-    off = build_int_cst (reference_alias_ptr_type (base),
+    off = build_int_cst (reference_alias_ptr_type (TREE_OPERAND (base,
+                                                                 0)),
                          adj->offset / BITS_PER_UNIT);
   else if (TREE_CODE (base) != ADDR_EXPR
    && POINTER_TYPE_P (TREE_TYPE (base)))

seems to fix this, but even the else { } block a few lines below looks very questionable.  In particular, the
              if (TREE_CODE (base) == ADDR_EXPR)
                base = TREE_OPERAND (base, 0);  
without remembering anywhere whether it was ADDR_EXPR or not and so what level of indirection we need.
Comment 4 ian@gcc.gnu.org 2010-10-26 13:39:41 UTC 
Author: ian
Date: Tue Oct 26 13:39:37 2010
New Revision: 165964

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=165964
Log:
gcc/:
	PR middle-end/45687
	* ipa-prop.c (ipa_modify_call_arguments): Correct type of MEM_REF
	offset.
gcc/testsuite:
	* gcc.c-torture/execute/20101025-1.c: New test.

Added:
    trunk/gcc/testsuite/gcc.c-torture/execute/20101025-1.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/ipa-prop.c
    trunk/gcc/testsuite/ChangeLog
Comment 5 Ian Lance Taylor 2010-10-26 13:43:31 UTC 
Fixed.  Thanks for finding it.