From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 5641 invoked by alias); 29 Feb 2012 09:44:37 -0000 Received: (qmail 5632 invoked by uid 22791); 29 Feb 2012 09:44:36 -0000 X-SWARE-Spam-Status: No, hits=-2.8 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 X-Spam-Check-By: sourceware.org Received: from localhost (HELO gcc.gnu.org) (127.0.0.1) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Wed, 29 Feb 2012 09:44:21 +0000 From: "jakub at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug tree-optimization/52430] New: [4.4 Regression] firefox miscompilation Date: Wed, 29 Feb 2012 09:47:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: tree-optimization X-Bugzilla-Keywords: wrong-code X-Bugzilla-Severity: normal X-Bugzilla-Who: jakub at gcc dot gnu.org X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: Message-ID: X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org X-SW-Source: 2012-02/txt/msg02772.txt.bz2 http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52430 Bug #: 52430 Summary: [4.4 Regression] firefox miscompilation Classification: Unclassified Product: gcc Version: 4.4.6 Status: UNCONFIRMED Keywords: wrong-code Severity: normal Priority: P3 Component: tree-optimization AssignedTo: unassigned@gcc.gnu.org ReportedBy: jakub@gcc.gnu.org CC: hubicka@gcc.gnu.org, jamborm@gcc.gnu.org The following file is miscompiled on x86_64-linux with -quiet -fPIC -fno-rtti -pedantic -fno-exceptions -fstack-protector --param ssp-buffer-size=4 -m64 -mtune=generic -fpermissive -fno-exceptions -fno-strict-aliasing -fshort-wchar -ffunction-sections -fdata-sections -Os -freorder-blocks -fomit-frame-pointer -fpreprocessed dombindings.ii It was "fixed" or fixed for real, not clear, by a huge http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=147852 commit which I think is unlikely backportable, at least not in full. The problem seems to be in IPA-CP/IPA-* decisions, the growStorageBy method is called in several places in this TU with constant 1, so IPA-CP decides to clone things, but in the end clones just calculateNewCapacity (with implied lengthInc=1), but doesn't clone growStorageBy, eventhough the call to calculateNewCapacity from it call the clone that assumes lengthInc is 1. For that TU this isn't a problem, but growStorageBy is public linkonce function, and when mixing it with other TUs that call growStorageBy with other parameters, if this one wins, they ignore their last parameter and grow just by 1 instead of the desired amount. but ends up actually cloning just