From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id A291A3858C54; Wed, 24 May 2023 07:21:47 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A291A3858C54 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1684912907; bh=qqnXp3855bQIYtOtV1FRG0KflzwZKDwz/mV30qawkjA=; h=From:To:Subject:Date:In-Reply-To:References:From; b=SyCAuAiQBzT42qkO9ESbdHeafNJDpBtTmBkjkgDz9+yZBCO8/xdcw8KHdRSY6r6pv VepWmWmRPzRebCzU65oSNyYrkEWYNED1Yeon2kGPuP8KNg1wicJHj5kkAPPFBWb+n6 Qdg8FNowGKw9LvokyGvn2ai0umCpzkRutOCigkNI= From: "gjl at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug rtl-optimization/101188] [AVR] Miscompilation and function pointers Date: Wed, 24 May 2023 07:21:47 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: rtl-optimization X-Bugzilla-Version: 11.1.0 X-Bugzilla-Keywords: ra, wrong-code X-Bugzilla-Severity: normal X-Bugzilla-Who: gjl at gcc dot gnu.org X-Bugzilla-Status: NEW X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cf_reconfirmed_on component cc keywords Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 List-Id: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D101188 Georg-Johann Lay changed: What |Removed |Added ---------------------------------------------------------------------------- Last reconfirmed|2021-06-25 00:00:00 |2023-5-24 Component|target |rtl-optimization CC| |vmakarov at gcc dot gnu.org Keywords| |ra --- Comment #3 from Georg-Johann Lay --- With the test case from comment #2 $ avr-gcc fail1.c -save-temps -dp -dumpbase "" -mmcu=3Datmega128 -c -Os -da typedef __UINT8_TYPE__ uint8_t; typedef __UINT16_TYPE__ uint16_t; typedef __UINT32_TYPE__ uint32_t; typedef uint8_t (*fn1)(void *a); typedef void (*fn2)(void *a, const uint32_t *arg); struct S { uint8_t buffer[64]; uint16_t n; fn2 f2; void *a; fn1 f1; }; volatile uint16_t x; void foo (uint16_t); void __attribute__((noinline)) testfn (struct S *self) { uint32_t arg; foo (self->n); self->n++; self->f2 (self->a, &arg); self->buffer[0] =3D self->f1 (self->a); } For all what I can tell, this looks like a bug in the register allocator, n= ot a backend issue. Allow me to CC Vladimir. With current master 14.0.0 20230523 the .postreload dump shows that insn 14 uses HI:30, and insn 17 continues using HI:30. But for insn 15, reload provides scratch QI:31 which shreds the value in HI:30: (insn 14 13 44 2 (set (mem:HI (reg:HI 30 r30) [1 self_10(D)->n+0 S2 A8]) (reg:HI 24 r24 [56])) "fail1.c":28:12 101 {*movhi_split} (nil)) (insn 44 14 15 2 (set (reg/f:HI 14 r14 [58]) (reg/v/f:HI 16 r16 [orig:51 self ] [51])) "fail1.c":29:5 101 {*movhi_split} (nil)) (insn 15 44 16 2 (parallel [ (set (reg/f:HI 14 r14 [58]) (plus:HI (reg/f:HI 14 r14 [58]) (const_int 68 [0x44]))) (clobber (reg:QI 31 r31)) ]) "fail1.c":29:5 175 {addhi3_clobber} (nil)) (note 16 15 17 2 NOTE_INSN_DELETED) >>> Where is insn 45 ??? (insn 17 16 18 2 (set (reg/f:HI 30 r30 [60]) (plus:HI (reg/f:HI 30 r30 [60]) (const_int 2 [0x2]))) "fail1.c":29:9 165 {*addhi3_split} (nil)) In the .reload dump however, there is a move insn 45 that restores HI:30 af= ter the addhi3_clobber: ... (note 16 15 45 2 NOTE_INSN_DELETED) (insn 45 16 17 2 (set (reg/f:HI 30 r30 [60]) (reg/v/f:HI 16 r16 [orig:51 self ] [51])) "fail1.c":28:9 101 {*movhi_split} (nil)) (insn 17 45 18 2 (parallel [ (set (reg/f:HI 30 r30 [60]) (plus:HI (reg/f:HI 30 r30 [60]) (const_int 66 [0x42]))) (clobber (scratch:QI)) ]) "fail1.c":28:9 175 {addhi3_clobber} (nil))=