[Bug rtl-optimization/80474] New: ipa-cp wrongly adding LO(symbol) twice

jan.smets at nokia dot com gcc-bugzilla@gcc.gnu.org
Thu Apr 20 14:45:00 GMT 2017 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80474

            Bug ID: 80474
           Summary: ipa-cp wrongly adding LO(symbol) twice
           Product: gcc
           Version: 6.3.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: rtl-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: jan.smets at nokia dot com
  Target Milestone: ---

On MIPS, O32
GCC 6.3.1 (does not happen on GCC5, but there it's not similarly optimized by
ipa-cp)

I wasn't yet successful at producing a minimized testcase.

A function is called and one of the arguments is a function pointer.
On mips the symbol is loaded in two steps, the HI and the LO part.
The LO part is an increment and is happening twice, resulting in a bogus
pointer being passed.


409     INITEVENT (PP_MASK_QX,   T01, OUTRESEG_DRAM_DATA_ECC_UNCORRECTABLE_0,
0,                                                        1,
"OUTRESEG_DRAM_DATA_ECC_UNCORRE      CTABLE_0",                 ERROR_EVENT,   
        &decay_ext_dram_unc_err, myFunce);
    0x04431644 <+11384>: beqz    t4,0x4431730 <InitEventNameTables+11620>
    0x04431648 <+11388>: addiu   s1,s1,-9260

t4 is zero, so branches to 0x4431730 


 # BLOCK 530 freq:156 seq:526
 # PRED: 543 [69.5%]
$L599:
 #(jump_insn 4608 4607 4691 (set (pc)
 #        (if_then_else (eq (reg:SI 12 $12 [orig:1564 _4488 ] [1564])
 #                (const_int 0 [0]))
 #            (label_ref 4678)
 #            (pc))) myfile.c:409 472 {*branch_equalitysi}
 #     (int_list:REG_BR_PROB 5000 (nil))
 # -> 4678)
    beq $12,$0,$L592     # 4608 *branch_equalitysi  [length = 4]
 #(insn 4691 4608 27788 (set (reg/f:SI 17 $17 [6100])
 #        (lo_sum:SI (reg/f:SI 17 $17 [6102])
 #            (symbol_ref:SI ("myFunce") [flags 0x3] <function_decl
0x7f8315a4ce00 myFunce>))) 300 {*lowsi}
 #     (expr_list:REG_EQUAL (symbol_ref:SI ("myFunce") [flags 0x3]
<function_decl 0x7f8315a4ce00 myFunce>)
 #        (nil)))
    addiu   $17,$17,%lo(myFunce)    # 4691 *lowsi  [length = 4]


s1 is now 0x442dbd4 , which is myFunce()

 7737    0x04431730 <+11620>: bnez    t2,0x4439a0c <InitEventNameTables+45120>
 7738    0x04431734 <+11624>: addiu   s1,s1,-9260

t2 is 0x2000, so branches to 0x4439a0c and changes s1 from 0x442dbd4 (correct)
to 0x442b7a8 (incorrect)


 # BLOCK 545 freq:78 seq:541
 # PRED: 530 [50.0%] 
$L592:
 #(jump_insn 4680 4679 15195 (set (pc)
 #        (if_then_else (ne (reg:SI 10 $10 [orig:456 prephitmp_915 ] [456]) 
 #                (const_int 0 [0]))
 #            (label_ref 15192) 
 #            (pc))) myfile.c:409 472 {*branch_equalitysi}
 #     (int_list:REG_BR_PROB 7002 (nil)) 
 # -> 15192) 
    bne $10,$0,$L601     # 4680 *branch_equalitysi  [length = 4]
 #(insn/s 15195 4680 4681 (set (reg/f:SI 17 $17 [6100])
 #        (lo_sum:SI (reg/f:SI 17 $17 [6102])
 #            (symbol_ref:SI ("myFunce") [flags 0x3] <function_decl
0x7f8315a4ce00 myFunce>))) 300 {*lowsi}
 #     (expr_list:REG_EQUAL (symbol_ref:SI ("myFunce") [flags 0x3]
<function_decl 0x7f8315a4ce00 myFunce>)
 #        (nil)))
    addiu   $17,$17,%lo(myFunce)    # 15195    *lowsi  [length = 4]

More information about the Gcc-bugs mailing list