From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 9926 invoked by alias); 4 Aug 2014 12:00:20 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org Received: (qmail 9816 invoked by uid 48); 4 Aug 2014 12:00:11 -0000 From: "rguenth at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug tree-optimization/62006] Bad code generation with -O3 (possibly due to -ftree-partial-pre) Date: Mon, 04 Aug 2014 12:00:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: tree-optimization X-Bugzilla-Version: 4.9.1 X-Bugzilla-Keywords: wrong-code X-Bugzilla-Severity: normal X-Bugzilla-Who: rguenth at gcc dot gnu.org X-Bugzilla-Status: ASSIGNED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: rguenth at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-08/txt/msg00184.txt.bz2 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62006 --- Comment #3 from Richard Biener --- It looks ok what PRE does (it's not really a partial partial redundancy but a full redundndancy). The bug also reproduces with -O2 -ftree-partial-pre. Disabling loop optimizations and cddce2 hides the bug. With PPRE enabled CDDCE2 removes the stores to D.46421.diff (again I see nothing wrong with doing that). Btw, this all happens in _M_range_initialize. (-fno-strict-aliasing fixes the bug as well). Note that I see stores as OffPtrBase to automatic objects: - MEM[(struct OffPtrBase *)&D.46421].diff = _70; and loads from OffPtr via this: _16 = &MEM[(struct OffPtr *)this_4(D)].D.43564; or remaining stores: MEM[(struct OffPtrBase *)this_4(D) + 16B].diff = iftmp.15_41; I also see: _74 = (sizetype) _47; iftmp.10_75 = &D.46429.D.43564 + _74; __last.3_77 = (long int) iftmp.10_75; __first.4_78 = (long int) &D.46430.D.43564; _79 = __last.3_77 - __first.4_78; which effectively subtracts two unrelated addresses of automatic objects (boooo - undefined behavior!) I think the testcase is simply bogus. Can you explain what the "fancy" pointers do? Disabling points-to analysis also "fixes" the testcase. Note that with points-to analysis you cannot reach any other object with offsetting the address of an object.