Bug 58941 - [4.7 Regression] value modification on zero-length array optimized away
[4.7 Regression] value modification on zero-length array optimized away
Status: RESOLVED FIXED
Product: gcc
Classification: Unclassified
Component: middle-end
4.6.3
: P3 major
: 4.7.4
Assigned To: Richard Biener
: alias, wrong-code
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-10-31 14:08 UTC by Thomas Moschcau
Modified: 2014-03-18 11:01 UTC (History)
0 users

See Also:
Host:
Target:
Build:
Known to work: 4.3.4, 4.8.3, 4.9.0
Known to fail: 4.7.3, 4.8.2
Last reconfirmed: 2013-11-04 00:00:00


Attachments
preprocessed example source file (69.24 KB, text/plain)
2013-10-31 14:08 UTC, Thomas Moschcau
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Moschcau 2013-10-31 14:08:18 UTC
Created attachment 31122 [details]
preprocessed example source file

Hello,
on mips32 with gcc4.6.3, I get unexpected results when writing to a buffer via a pointer to a zero-sized array. 
Below is an example to produce the error.
Find additional info from gcc further below.
Thanks, Thomas

#include <stdio.h>
#include <stdlib.h>

typedef struct {
    int msgLength;
    unsigned char data[1000];
} SMsg;

typedef struct {
    int dummy;
    int d[0];  // using d[] would fix it
} SData;

int condition = 3;

void checkData( SMsg* pMsg );

void runBug( void )
{
    SMsg msg; // generic message

    SData *pData = (SData*)(msg.data); // pointer to specific payload
    unsigned int i = 0; // no bug with signed int
    for ( i = 0; i < 1; i++ ) // bug does not appear without this loop
    {
        pData->d[i] = 0;
        if(condition & 1)
        {    
            pData->d[i] |= 0x55;
            // d[0] is now 0x55
        }
        if(condition & 2)
        {    
            pData->d[i] |= 0xaa;
            // d[0] should now be 0xff but is 0xaa
        }
    }
    checkData( &msg );
}

void checkData( SMsg* pMsg )
{
    SData *pData = (SData*)(pMsg->data);
    if (pData->d[0] != 0xff)
    {
        printf("ERROR d[0]=0x%x, but should be 0x%x|0x%x\n", 
                (unsigned int)pData->d[0], 0x55, 0xaa );
        exit(255);
    }
}

int main( void )
{
    runBug();
    return 0;
}

--------------------------------------------------------------
/tmp/tlc/usr/bin/mips-linux-gcc -v -fno-strict-aliasing -O2 -Wall -Wextra -g -fwrapv -save-temps  -o test_gccbug test.c
Using built-in specs.
COLLECT_GCC=/tmp/tlc/usr/bin/mips-linux-gcc
COLLECT_LTO_WRAPPER=/tmp/tlc/usr/bin/../libexec/gcc/mips-buildroot-linux-uclibc/4.6.3/lto-wrapper
Target: mips-buildroot-linux-uclibc
Configured with: /vol/cm/perforce/workspace/tmoschca_luzifer_buildroot/bld_mips32/buildroot-2013.02/output/toolchain/gcc-4.6.3/configure --prefix=/vol/cm/perforce/workspace/tmoschca_luzifer_buildroot/bld_mips32/buildroot-2013.02/output/host/usr --build=x86_64-unknown-linux-gnu --host=x86_64-unknown-linux-gnu --target=mips-buildroot-linux-uclibc --enable-languages=c,c++ --with-sysroot=/vol/cm/perforce/workspace/tmoschca_luzifer_buildroot/bld_mips32/buildroot-2013.02/output/host/usr/mips-buildroot-linux-uclibc/sysroot --with-build-time-tools=/vol/cm/perforce/workspace/tmoschca_luzifer_buildroot/bld_mips32/buildroot-2013.02/output/host/usr/mips-buildroot-linux-uclibc/bin --disable-__cxa_atexit --enable-target-optspace --disable-libgomp --with-gnu-ld --disable-libssp --disable-multilib --enable-tls --enable-shared --with-gmp=/vol/cm/perforce/workspace/tmoschca_luzifer_buildroot/bld_mips32/buildroot-2013.02/output/host/usr --with-mpfr=/vol/cm/perforce/workspace/tmoschca_luzifer_buildroot/bld_mips32/buildroot-2013.02/output/host/usr --with-mpc=/vol/cm/perforce/workspace/tmoschca_luzifer_buildroot/bld_mips32/buildroot-2013.02/output/host/usr --disable-nls --enable-threads --disable-decimal-float --with-float=soft --with-abi=32 --with-tune=mips32 --with-pkgversion='Buildroot 2013.02' --with-bugurl=http://bugs.buildroot.net/
Thread model: posix
gcc version 4.6.3 (Buildroot 2013.02)
COLLECT_GCC_OPTIONS='-v' '-fno-strict-aliasing' '-O2' '-Wall' '-Wextra' '-g' '-fwrapv' '-save-temps' '-o' 'test_gccbug' '-mtune=mips32' '-mabi=32' '-msoft-float' '-mllsc' '-mno-synci' '-mno-shared'
 /tmp/tlc/usr/bin/../libexec/gcc/mips-buildroot-linux-uclibc/4.6.3/cc1 -E -quiet -v -iprefix /tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/ -isysroot /tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot test.c -mtune=mips32 -mabi=32 -msoft-float -mllsc -mno-synci -mno-shared -Wall -Wextra -fno-strict-aliasing -fwrapv -g -fworking-directory -O2 -fpch-preprocess -o test.i
ignoring duplicate directory "/tmp/tlc/usr/bin/../lib/gcc/../../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/include"
ignoring nonexistent directory "/tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot/usr/local/include"
ignoring duplicate directory "/tmp/tlc/usr/bin/../lib/gcc/../../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/include-fixed"
ignoring duplicate directory "/tmp/tlc/usr/bin/../lib/gcc/../../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/../../../../mips-buildroot-linux-uclibc/include"
#include "..." search starts here:
#include <...> search starts here:
 /tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/include
 /tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/include-fixed
 /tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/../../../../mips-buildroot-linux-uclibc/include
 /tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot/usr/include
End of search list.
COLLECT_GCC_OPTIONS='-v' '-fno-strict-aliasing' '-O2' '-Wall' '-Wextra' '-g' '-fwrapv' '-save-temps' '-o' 'test_gccbug' '-mtune=mips32' '-mabi=32' '-msoft-float' '-mllsc' '-mno-synci' '-mno-shared'
 /tmp/tlc/usr/bin/../libexec/gcc/mips-buildroot-linux-uclibc/4.6.3/cc1 -fpreprocessed test.i -quiet -dumpbase test.c -mtune=mips32 -mabi=32 -msoft-float -mllsc -mno-synci -mno-shared -auxbase test -g -O2 -Wall -Wextra -version -fno-strict-aliasing -fwrapv -o test.s
GNU C (Buildroot 2013.02) version 4.6.3 (mips-buildroot-linux-uclibc)
        compiled by GNU C version 4.1.2 20080704 (Red Hat 4.1.2-52), GMP version 5.1.0, MPFR version 3.1.1-p2, MPC version 1.0.1
GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
GNU C (Buildroot 2013.02) version 4.6.3 (mips-buildroot-linux-uclibc)
        compiled by GNU C version 4.1.2 20080704 (Red Hat 4.1.2-52), GMP version 5.1.0, MPFR version 3.1.1-p2, MPC version 1.0.1
GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
Compiler executable checksum: 5822c094c058915fedc3c193375772d1
COLLECT_GCC_OPTIONS='-v' '-fno-strict-aliasing' '-O2' '-Wall' '-Wextra' '-g' '-fwrapv' '-save-temps' '-o' 'test_gccbug' '-mtune=mips32' '-mabi=32' '-msoft-float' '-mllsc' '-mno-synci' '-mno-shared'
 /tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/../../../../mips-buildroot-linux-uclibc/bin/as -EB -O2 -g -no-mdebug -mabi=32 -mno-shared -mtune=mips32 -KPIC -o test.o test.s
COMPILER_PATH=/tmp/tlc/usr/bin/../libexec/gcc/mips-buildroot-linux-uclibc/4.6.3/:/tmp/tlc/usr/bin/../libexec/gcc/:/tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/../../../../mips-buildroot-linux-uclibc/bin/
LIBRARY_PATH=/tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/:/tmp/tlc/usr/bin/../lib/gcc/:/tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/../../../../mips-buildroot-linux-uclibc/lib/:/tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot/lib/:/tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-fno-strict-aliasing' '-O2' '-Wall' '-Wextra' '-g' '-fwrapv' '-save-temps' '-o' 'test_gccbug' '-mtune=mips32' '-mabi=32' '-msoft-float' '-mllsc' '-mno-synci' '-mno-shared'
 /tmp/tlc/usr/bin/../libexec/gcc/mips-buildroot-linux-uclibc/4.6.3/collect2 --sysroot=/tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot --eh-frame-hdr -EB -dynamic-linker /lib/ld-uClibc.so.0 -o test_gccbug /tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot/usr/lib/crt1.o /tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot/usr/lib/crti.o /tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/crtbegin.o -L/tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3 -L/tmp/tlc/usr/bin/../lib/gcc -L/tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/../../../../mips-buildroot-linux-uclibc/lib -L/tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot/lib -L/tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot/usr/lib test.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /tmp/tlc/usr/bin/../lib/gcc/mips-buildroot-linux-uclibc/4.6.3/crtend.o /tmp/tlc/usr/bin/../mips-buildroot-linux-uclibc/sysroot/usr/lib/crtn.o
Comment 1 Richard Biener 2013-11-04 14:14:37 UTC
Confirmed, mine.
Comment 2 Richard Biener 2013-11-05 13:24:16 UTC
Author: rguenth
Date: Tue Nov  5 13:24:13 2013
New Revision: 204391

URL: http://gcc.gnu.org/viewcvs?rev=204391&root=gcc&view=rev
Log:
2013-11-05  Richard Biener  <rguenther@suse.de>

	PR middle-end/58941
	* tree-dfa.c (get_ref_base_and_extent): Merge common code
	in MEM_REF and TARGET_MEM_REF handling.  Make sure to
	process trailing array detection before diving into the
	view-converted object (and possibly apply some extra offset).

	* gcc.dg/torture/pr58941.c: New testcase.

Added:
    trunk/gcc/testsuite/gcc.dg/torture/pr58941.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/testsuite/ChangeLog
    trunk/gcc/tree-dfa.c
Comment 3 Richard Biener 2013-11-05 13:24:59 UTC
Fixed on trunk sofar.
Comment 4 Richard Biener 2013-11-19 09:22:46 UTC
Author: rguenth
Date: Tue Nov 19 09:22:45 2013
New Revision: 205011

URL: http://gcc.gnu.org/viewcvs?rev=205011&root=gcc&view=rev
Log:
2013-11-19  Richard Biener  <rguenther@suse.de>

	Backport from mainline
	2013-11-05  Richard Biener  <rguenther@suse.de>

	PR middle-end/58941
	* tree-dfa.c (get_ref_base_and_extent): Merge common code
	in MEM_REF and TARGET_MEM_REF handling.  Make sure to
	process trailing array detection before diving into the
	view-converted object (and possibly apply some extra offset).

	* gcc.dg/torture/pr58941.c: New testcase.

Added:
    branches/gcc-4_8-branch/gcc/testsuite/gcc.dg/torture/pr58941.c
Modified:
    branches/gcc-4_8-branch/gcc/ChangeLog
    branches/gcc-4_8-branch/gcc/testsuite/ChangeLog
    branches/gcc-4_8-branch/gcc/tree-dfa.c
Comment 5 Richard Biener 2013-11-19 09:25:45 UTC
And 4.8.3.
Comment 6 Thomas Moschcau 2013-11-27 08:25:33 UTC
(In reply to Richard Biener from comment #5)
> And 4.8.3.

Hello Richard,
will there also be a fix for gcc 4.6.x?
Kind Regards
Thomas
Comment 7 rguenther@suse.de 2013-11-27 08:48:22 UTC
On Wed, 27 Nov 2013, thomas.moschcau at web dot de wrote:

> http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58941
> 
> --- Comment #6 from Thomas Moschcau <thomas.moschcau at web dot de> ---
> (In reply to Richard Biener from comment #5)
> > And 4.8.3.
> 
> Hello Richard,
> will there also be a fix for gcc 4.6.x?

No, gcc 4.6 is no longer maintained.
Comment 8 Richard Biener 2014-03-18 10:58:54 UTC
Author: rguenth
Date: Tue Mar 18 10:58:22 2014
New Revision: 208640

URL: http://gcc.gnu.org/viewcvs?rev=208640&root=gcc&view=rev
Log:
2014-03-18  Richard Biener  <rguenther@suse.de>

	Backport from mainline
	2013-11-05  Richard Biener  <rguenther@suse.de>

	PR middle-end/58941
	* tree-dfa.c (get_ref_base_and_extent): Merge common code
	in MEM_REF and TARGET_MEM_REF handling.  Make sure to
	process trailing array detection before diving into the
	view-converted object (and possibly apply some extra offset).

	* gcc.dg/torture/pr58941.c: New testcase.

	2012-05-07  Eric Botcazou  <ebotcazou@adacore.com>

	* tree-dfa.c (get_ref_base_and_extent) <ARRAY_REF>: Do the offset
	computation using the precision of the index type.

	2012-05-31  Eric Botcazou  <ebotcazou@adacore.com>

	* tree-dfa.c (get_ref_base_and_extent): Compute the offset using
	double ints throughout.

Added:
    branches/gcc-4_7-branch/gcc/testsuite/gcc.dg/torture/pr58941.c
Modified:
    branches/gcc-4_7-branch/gcc/ChangeLog
    branches/gcc-4_7-branch/gcc/testsuite/ChangeLog
    branches/gcc-4_7-branch/gcc/tree-dfa.c
Comment 9 Richard Biener 2014-03-18 11:01:14 UTC
Fixed.