http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60183
Bug ID: 60183
Summary: [4.7/4.8/4.9 Regression] phiprop creates invalid code
Product: gcc
Version: 4.8.2
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: jakub at gcc dot gnu.org
On:
unsigned long c[32] = { 1 };
static void
foo (unsigned long *x, unsigned long *y)
{
int i;
unsigned long w = x[0];
for (i = 0; i < 8; i++)
{
w ^= *y++;
w += *y++;
w ^= *y++;
w += *y++;
}
x[1] = w;
}
__attribute__((noinline, noclone)) void
bar (unsigned long *x)
{
foo (x, c);
}
int
main ()
{
unsigned long a[2] = { 0, -1UL };
asm volatile ("" : : "r" (c) : "memory");
c[0] = 0;
bar (a);
if (a[1] != 0)
__builtin_abort ();
return 0;
}
at -O1 or higher phiprop causes invalid code to be generated, where the loop
body reads the next *y value into a SSA_NAME and in loop preheader it reads
c[0] into a SSA_NAME which is then used in a PHI on the loop header and the
result of the PHI is used instead of the first *y read. In this particular
case, I don't even see any advantages of doing that, but more importantly it
can read one past the end of the array. With -O{1,2,3} -fsanitize=address
this fails loudly, otherwise if you are unlucky enough and the variable is at
the end of some mmapped area, you could get a crash as well.
