https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102155
Bug ID: 102155
Summary: LIM fill_always_executed_in handles contains_call
incorrectly
Product: gcc
Version: 12.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: rguenth at gcc dot gnu.org
Target Milestone: ---
fill_always_executed_in walks loop bodies in dominator order
(get_loop_body_in_dom_order) but that does not run into BB3 before marking BB4
as always executed:
do
{
BB1:
if (x)
BB2:
if (y)
BB3:
bar();
BB4;
}
while (++i < n);
the dominator children of BB1 are BB2 and BB4, BB3 with the call to bar()
is only a dominator child of BB2.
Since LIM gives up on "unanalyzable" refs like calls a testcase that is
miscompiled is a bit difficult to construct - it requires a 'pure' (or const)
call but whether it's valid for those to exit the program could be subject
to discussion. The following uses a looping const function to show the
effect and the testcase segfaults with -O1+ while it runs into the infinite
loop at -O0. Note we'd technically need to set looping_const but there's
now way to do this and with just -fno-inline and letting IPA figure out
looping-const dominator children are ordered in a "lucky" way for
fill_sons_in_loop to compute an order that happens to work.
extern void abort (void);
int flag[32];
int __attribute__((noinline,const)) bar (int i) { if (i) return i; while (1); }
int __attribute__((noipa)) foo (int *p, int n)
{
int i = 0, res = 0;
do
{
if (!flag[i])
{
if (i % 3 == 0)
res += bar (i);
else
res++;
}
res += *p;
}
while (++i < n);
return res;
}
int main()
{
if (foo ((int *)0, 5) != 0)
abort ();
return 0;
}
