https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61964
Richard Biener <rguenth at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |ASSIGNED Keywords| |wrong-code Last reconfirmed| |2014-07-31 CC| |tom at codesourcery dot com Assignee|unassigned at gcc dot gnu.org |rguenth at gcc dot gnu.org Ever confirmed|0 |1 Summary|[4.8 regression] krb5 |[4.8/4.9/4.10 regression] |database propagation enters |krb5 database propagation |infinite loop; reduced test |enters infinite loop; |case |reduced test case Target Milestone|--- |4.8.4 --- Comment #7 from Richard Biener <rguenth at gcc dot gnu.org> --- (In reply to Anders Kaseorg from comment #4) > Another bisect between 4.7 and 4.8 shows that the bug appeared with r189321 > (bug 52009). > > My test case has triggers the bug in more versions than Kerberos does: as > far as I can tell, Kerberos was unaffected until r192604. Thanks - that pin-points it. tail-merging concludes that <bb 3>: _11 = n_7->next; MEM[(struct head *)_10].first = _11; goto <bb 5>; and <bb 4>: _13 = n_7->next; _10->next = _13; are equivalent. But they are not - the stores are performed using different alias sets. Note that the actual miscompile happens during RTL instruction scheduling. In 4.9 and trunk tail-merging is faced with <bb 3>: _11 = n_7->next; MEM[(struct head *)&heads][k.1_8].first = _11; goto <bb 5>; <bb 4>: _13 = n_7->next; _10->next = _13; instead but I bet the issue is still there. So it simply does (on the 4.8 branch): case GIMPLE_ASSIGN: lhs1 = gimple_get_lhs (s1); lhs2 = gimple_get_lhs (s2); if (TREE_CODE (lhs1) != SSA_NAME && TREE_CODE (lhs2) != SSA_NAME) return (vn_valueize (gimple_vdef (s1)) == vn_valueize (gimple_vdef (s2))); which shows that we value-number the VDEFs the same. IMHO VDEF value-numbering is dangerous here. I have a patch.