http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48576
--- Comment #5 from Mikael Pettersson <mikpe at it dot uu.se> 2011-04-16 19:28:54 UTC --- It started with r146817: Author: matz Date: Sun Apr 26 19:35:04 2009 New Revision: 146817 URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=146817 Log: gcc/ Expand from SSA. ... Diffing the assembly code from r146816 and r146817 shows the error: --- pr48576.s-r146816 2011-04-16 21:06:24.000000000 +0200 +++ pr48576.s-r146817 2011-04-16 21:06:03.000000000 +0200 ... bl my_realloc sub r3, fp, #4096 - str r0, [r3, #-44] - str r6, [r0, r5, asl #2] - cmp r4, #1 + str r0, [r3, #-48] + ldr r3, [r3, #-44] + ldr r2, [r3, #-48] + str r4, [r2, r3, asl #2] + cmp r9, #1 ble .L16 ... We wish to save the return value of my_realloc() and immediately make a store with it as an array base pointer and another value as index. Starting with r146817 both values are considered spilled and get reloaded. Both reloads need an intermediate pointer into the frame to reach their locations. The reload of the index value clobbers the intermediate frame pointer needed for the reload of the array base, causing that reload to read an incorrect location.