[Bug c++/10966] New: g++-3.2 -O3 -freduce-all-givs generates incorrect code

thor@math.tu-berlin.de gcc-bugzilla@gcc.gnu.org
Sat May 24 14:04:00 GMT 2003


PLEASE REPLY TO gcc-bugzilla@gcc.gnu.org ONLY, *NOT* gcc-bugs@gcc.gnu.org.

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=10966

           Summary: g++-3.2 -O3 -freduce-all-givs generates incorrect code
           Product: gcc
           Version: 3.2.2
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: c++
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: thor@math.tu-berlin.de
                CC: gcc-bugs@gcc.gnu.org
 GCC build triplet: i386-pc-linux-gnu
  GCC host triplet: i386-pc-linux-gnu
GCC target triplet: i386-pc-linux-gnu

(Sorry, this is the second report about the problem. The test code for the first
report was "successfully broken" due to a missing bracket that was eated when
snipping the source code).

Save the following lines as "buggy.hpp"
/* snip */
class GTIA { 
public:
  struct PMObject {
    char Graphics;
    PMObject(void)
    { }
    void Render(void *target);
  }     Player[4],Missile[4]; 
  char GractlShadow;
  void TriggerGTIAScanline(char *playfield,int pmdisplace,int width,bool fiddling);
};
/* snip */

Save the following code as "buggy.cpp"
/* snip */
#include "buggy.hpp"

int main(int,char **)
{
  class GTIA gtia;
  gtia.GractlShadow = 127;
  gtia.TriggerGTIAScanline(0,0,0,false);

  return 0;
}

void GTIA::PMObject::Render(void *)
{  
  return;
}

void GTIA::TriggerGTIAScanline(char *,int,int,bool)
{  
  struct PMObject *player,*missile;
  int i;
  
  if (GractlShadow & 0x01) {
    int mask,dmask,shift;
    for (i = 0,mask = 0x01,dmask = 0x03,shift = 6,missile = Missile;i < 4;i++) {
      missile->Graphics = 0;
      missile++;
      mask    <<= 1;
      dmask   <<= 2;
      shift    -= 2;
    }
  } /* <- this bracket was missing in the first report, sorry! */
  for(i=0,player=Player;i<4;i++) {
    player->Render(0);
    player++;
  }
  for(i=0,missile=Missile;i<4;i++) {
    missile->Render(0);
    missile++;
  }
}
/* snip */

Compile with

$ g++-3.2 -O3 -freduce-all-givs buggy.cpp

and execute the code with "a.out". The result is a segfault.

When checking the generated code, you'll discover that a register contents is
lost by the optimizer (namely, the pointer to missile). 

The bug does not appear with older versions of g++, and depends on the exact
option sequence. It will not appear without -freduce-all-givs



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.



More information about the Gcc-bugs mailing list