https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646
--- Comment #22 from Martin Jambor <jamborm at gcc dot gnu.org> --- (In reply to Jan Hubicka from comment #18) > Jakub: There is indeed aliasing issue, but with -fno-strict-aliasing the bug > is the same. > > Apparently this is ipa-prop bug, because ipa-prop does not track size of > accesses and thus it does not know there is a mismatch. The value produced > is thus not INT_MAX as intended but 255. This is Martin's area. ipa-prop does not track accesses or their sizes, inlining predicate conditions do. Anyway, I checked the two places where access sizes need to be checked (i.e. ipcp_modif_dom_walker::before_dom_children in ipa-prop.c and evaluate_conditions_for_known_args in ipa-inline-analysis.c) and they actually are checked, with one exception causing this bug. The exception is evaluating IS_NOT_CONSTANT and CHANGED types of conditions in evaluate_conditions_for_known_args, which does not check access size for them because the size is not even tracked for them (for normal conditions, size is the size of the stored value to compare with). I suppose the easiest fix is to overload the value field to store the size of the access for these two codes and then add the missing check.
