This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug tree-optimization/43879] -fipa-pta causes various miscompilations

From: "zsojka at seznam dot cz" <gcc-bugzilla at gcc dot gnu dot org>
To: gcc-bugs at gcc dot gnu dot org
Date: 2 May 2010 13:45:08 -0000
Subject: [Bug tree-optimization/43879] -fipa-pta causes various miscompilations
References: <bug-43879-14164@http.gcc.gnu.org/bugzilla/>
Reply-to: gcc-bugzilla at gcc dot gnu dot org


------- Comment #21 from zsojka at seznam dot cz  2010-05-02 13:45 -------
Created an attachment (id=20534)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=20534&action=view)
reduced testcase, from lto-section-out.c

Miscompiled function is lto-section-out.c:lto_output_fn_decl_index()
lto_output_fn_decl_index:
        mov     rax, rdi        # decl_state, decl_state
        lea     rcx, [rsp-12]   # tmp62,
        mov     rdi, rsi        # obs, obs
        lea     rsi, [rax+48]   # tmp63,
        jmp     lto_output_decl_index   #

tmp62 is &index, but it is allocated under the stack pointer. Later, when
lto_output_decl_index() executes "*this_index = index;", it overwrites
registers stored on stack:
lto_output_decl_index:
... # r15 is saved:
        mov     QWORD PTR [rsp-8], r15  #,
... # saved r15 is overwritten:
        mov     DWORD PTR [r15], ebx    # *this_index_24(D), index
... # wrong r15 is reloaded:
        mov     r15, QWORD PTR [rsp+80] #,

The testcase works only on x86_64, with command line:
$ gcc -O[2s] -fipa-pta pr43879-3.c
$ gcc -O1 -fipa-pta -foptimize-sibling-calls pr43879-3.c
$ ./a.out
Aborted


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=43879

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]