Bug 47228 - [4.6 Regression] wrong code with loop
Summary: [4.6 Regression] wrong code with loop
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: tree-optimization (show other bugs)
Version: 4.6.0
: P1 normal
Target Milestone: 4.6.0
Assignee: Martin Jambor
URL:
Keywords: wrong-code
Depends on:
Blocks:
 
Reported: 2011-01-09 05:28 UTC by John Regehr
Modified: 2011-02-02 17:57 UTC (History)
5 users (show)

See Also:
Host:
Target: i?86-pc-linux-gnu
Build:
Known to work:
Known to fail:
Last reconfirmed: 2011-01-26 00:09:23

Attachments
untested patch (708 bytes, patch)
2011-01-26 20:28 UTC, Martin Jambor 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Regehr 2011-01-09 05:28:37 UTC 
regehr@home:~/volatile/bugs/tmp343$ current-gcc -O1 small.c -o small
regehr@home:~/volatile/bugs/tmp343$ ./small 
Segmentation fault
regehr@home:~/volatile/bugs/tmp343$ current-gcc -v
Using built-in specs.
COLLECT_GCC=current-gcc
COLLECT_LTO_WRAPPER=/mnt/z/z/compiler-install/gcc-r168608-install/libexec/gcc/i686-pc-linux-gnu/4.6.0/lto-wrapper
Target: i686-pc-linux-gnu
Configured with: ../configure --with-libelf=/usr/local --enable-lto --prefix=/mnt/z/z/compiler-install/gcc-r168608-install --program-prefix=r168608- --enable-languages=c,c++
Thread model: posix
gcc version 4.6.0 20110109 (experimental) (GCC) 
regehr@home:~/volatile/bugs/tmp343$ cat small.c


struct S4 
{
  unsigned f0:24;
} __attribute__((__packed__));

struct S4 g_10 = {
  6210831
};

struct S4 func_2 (int x)
{
  struct S4 l_8[2] = {
    {0}, {0}
  };
  g_10 = l_8[1];
  for (; x<2; x++) {
    struct S4 tmp = {
      11936567
    };
    l_8[x] = tmp;
  }
  return g_10;
}

int main (void)
{
  func_2 (0);
  return 0;
}
Comment 1 Andrew Pinski 2011-01-26 00:09:23 UTC 
Confirmed, fails also with -O2 -fno-inline (or marking func_2 as noinline/noclone).

This is rather weird, the correct code (at the tree level even) is produced with -m64.
Comment 2 Jakub Jelinek 2011-01-26 07:19:27 UTC 
foo:
  subl    $16, %esp
  ... ! no other esp modifications
  movl    $11936567, 10(%esp,%ecx)        #, MEM[(struct S[2] *)D.1998_9]

overwrites part of the return value.
Comment 3 Jakub Jelinek 2011-01-26 07:58:28 UTC 
Caused by http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=164136
Comment 4 Jakub Jelinek 2011-01-26 08:28:31 UTC 
Yeah, clearly SRA fault, as it replaces
b[x_1] = c;
where both lhs and rhs is correctly type S, i.e. 3 byte packed BLKmode structure,
with MEM_REF store which is SImode 4 byte.
Comment 5 Martin Jambor 2011-01-26 18:28:17 UTC 
OK, let me have a look at it then...
Comment 6 Martin Jambor 2011-01-26 20:28:37 UTC 
Created attachment 23137 [details]
untested patch
Comment 7 Martin Jambor 2011-01-27 13:41:54 UTC 
Author: jamborm
Date: Thu Jan 27 13:41:51 2011
New Revision: 169331

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=169331
Log:
2011-01-27  Martin Jambor  <mjambor@suse.cz>

	PR tree-optimization/47228
	* tree-sra.c (sra_modify_assign): Use build_ref_for_model instead of
	build_ref_for_offset.

	* testsuite/gcc.dg/torture/pr47228.c: New test.


Added:
    trunk/gcc/testsuite/gcc.dg/torture/pr47228.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/testsuite/ChangeLog
    trunk/gcc/tree-sra.c
Comment 8 Martin Jambor 2011-01-27 13:42:22 UTC 
Fixed.
Comment 9 Diego Novillo 2011-02-02 17:57:08 UTC 
Author: dnovillo
Date: Wed Feb  2 17:57:01 2011
New Revision: 169648

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=169648
Log:
2011-01-27  Martin Jambor  <mjambor@suse.cz>

	PR tree-optimization/47228
	* tree-sra.c (sra_modify_assign): Use build_ref_for_model instead of
	build_ref_for_offset.

	* testsuite/gcc.dg/torture/pr47228.c: New test.

Added:
    branches/google/integration/gcc/testsuite/gcc.dg/torture/pr47228.c
Modified:
    branches/google/integration/gcc/ChangeLog
    branches/google/integration/gcc/testsuite/ChangeLog
    branches/google/integration/gcc/tree-sra.c