This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Aliasing bug
- From: Andrew Stubbs <ams at codesourcery dot com>
- To: gcc at gcc dot gnu dot org
- Date: Thu, 02 Jul 2009 14:21:34 +0100
- Subject: Aliasing bug
Hi all,
I'm fairly sure I have found an aliasing bug in GCC, although I could be
wrong. I've reproduced it in both 4.4 and mainline.
Consider this testcase, aliasing.c:
extern void *foo;
extern inline short **
f1 (void)
{
union
{
void **v;
short **s;
} u;
u.v = (&foo);
if (*u.s == 0) *u.s = (short *)42;
return u.s;
}
const short *a, *b;
int
f ()
{
a = *f1();
b = *f1();
}
The (not very useful) testcase initialises foo to 42, if necessary, and
then sets both 'a' and 'b' to equal foo. There should be no way that 'a'
and 'b' can ever be set to zero.
Compile the code as follows:
sh-linux-gnu-gcc -c aliasing.c -O2 -fdump-tree-all
The dump file aliasing.c.133t.optimized (the last tree dump) then contains:
f ()
{
void * foo.3;
short int * D.1982;
short int * * D.1973;
<bb 2>:
foo.3_10 = foo;
D.1982_26 = (short int *) foo.3_10;
if (D.1982_26 == 0B)
goto <bb 3>;
else
goto <bb 5>;
<bb 3>:
D.1973_13 = (short int * *) &foo;
*D.1973_13 = 42B;
a = 0B;
<bb 4>:
b = D.1982_26;
return;
<bb 5>:
a = D.1982_26;
goto <bb 4>;
}
This is the state of the code after the tree optimisations. Both 'a' and
'b' are set to the initial value of foo, before it was initialised. Not
only that, but 'a' is explicitly set to zero.
This problem goes away if -fno-strict-aliasing is used.
Is this a compiler bug? Or have I got something wrong in my code?
Thanks
Andrew