From: "rguenth at gcc dot gnu.org"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug tree-optimization/51759] [4.5 Regression] miscompile writes past end of bitfield
Date: Thu, 05 Jan 2012 10:00:00 -0000

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51759

Richard Guenther changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
      Known to work|                            |4.4.6, 4.6.0
           Keywords|                            |wrong-code
   Last reconfirmed|                            |2012-01-05
          Component|c++                         |tree-optimization
                 CC|                            |jamborm at gcc dot gnu.org
     Ever Confirmed|0                           |1
            Summary|miscompile writes past end  |[4.5 Regression] miscompile
                   |of bitfield                 |writes past end of bitfield
   Target Milestone|---                         |4.5.4

--- Comment #3 from Richard Guenther 2012-01-05 10:00:37 UTC ---
It's a bug in IPA-SRA that creates non-mode-size stores:

    void llvm::Type::_ZN4llvm4Type15setSubclassDataEj.clone.1(unsigned int:24*, unsigned int) ( * ISRA.6, unsigned int val)
    {
    ...

     :
      D.87358_2 = () val_1(D);
      *ISRA.6_8(D) = D.87358_2;

I think this has been fixed in 4.6 (not on the 4.5 branch though) which
no longer performs this substitution.

You can work around this using -fno-ipa-sra.

The following is a simplified testcase:

    extern "C" void abort (void);
    struct S
    {
      void __attribute__((noinline)) set(unsigned val)
        {
          data = val;
          if (data != val)
            abort ();
        }
      int pad0;
      unsigned pad1 : 8;
      unsigned data : 24;
      int pad2;
    };
    int main()
    {
      S s;
      s.pad2 = -1;
      s.set(0);
      if (s.pad2 != -1)
        abort ();
    }

Where 4.6 says:

    Candidate (2069): this
    ! Disqualifying this - Encountered a bit-field access.

which hints at what needs backporting. Martin?
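
An added illustration, not part of the bug comment or of GCC's code: a byte-level model of why the testcase's `pad2` check fails when the 24-bit `data` store is emitted as a full 32-bit access. The little-endian layout of `S`, the 4-byte store width and all helper names are assumptions made for the model.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Assumed layout of the testcase's struct S (little-endian, 4-byte int):
//   bytes 0..3 pad0 | byte 4 pad1:8 | bytes 5..7 data:24 | bytes 8..11 pad2
constexpr std::size_t kDataOffset = 5, kDataBytes = 3, kPad2Offset = 8;
using Image = std::array<std::uint8_t, 12>;

// Object image as main() in the testcase leaves it: pad2 = -1 (all 0xFF bytes).
Image make_image() {
    Image img{};
    for (std::size_t i = 0; i < 4; ++i) img[kPad2Offset + i] = 0xFF;
    return img;
}

// Little-endian read of `n` bytes starting at `off`.
std::uint32_t load(const Image& img, std::size_t off, std::size_t n) {
    std::uint32_t v = 0;
    for (std::size_t i = 0; i < n; ++i) v |= std::uint32_t(img[off + i]) << (8 * i);
    return v;
}

// Little-endian write of the low `n` bytes of `val` starting at `off`.
void store(Image& img, std::size_t off, std::size_t n, std::uint32_t val) {
    for (std::size_t i = 0; i < n; ++i) img[off + i] = std::uint8_t(val >> (8 * i));
}

// Store that respects the field: only the 3 bytes of data are written.
std::uint32_t pad2_after_field_store(std::uint32_t val) {
    Image img = make_image();
    store(img, kDataOffset, kDataBytes, val);
    return load(img, kPad2Offset, 4);
}

// Model of the miscompiled store: the 24-bit value is written with a full
// 32-bit access at data's address, so the 4th byte lands in pad2.
std::uint32_t pad2_after_wide_store(std::uint32_t val) {
    Image img = make_image();
    store(img, kDataOffset, 4, val & 0x00FFFFFFu);
    return load(img, kPad2Offset, 4);
}

int main() {
    std::printf("field store: pad2 = 0x%08X\n", unsigned(pad2_after_field_store(0)));
    std::printf("wide store:  pad2 = 0x%08X\n", unsigned(pad2_after_wide_store(0)));
}
```

In the model, `data` itself reads back correctly after either store, which is why the testcase's first check (`data != val`) passes and only the `pad2` check catches the overwrite.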