https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115527

--- Comment #6 from qinzhao at gcc dot gnu.org ---
This is a bug in gimple-fold.cc, when folding __builtin_clear_padding.

The problematic code is in the routine "clear_padding_type" when the TYPE is
ARRAY_TYPE.           

/* For sufficiently large array of more than one elements,
   emit a runtime loop to keep code size manageable.  */

After emitting the loop to clear the padding for the array, the data structure
"buf"'s field "size" is not updated correctly to reflect the padding clearing
already done for the whole object.

As a result, the padding clearing after this array field is done incorrectly. 

The following patch fixed the issue:
diff --git a/gcc/gimple-fold.cc b/gcc/gimple-fold.cc
index 7c534d56bf1..2b2bebf56f4 100644
--- a/gcc/gimple-fold.cc
+++ b/gcc/gimple-fold.cc
@@ -4815,6 +4815,7 @@ clear_padding_type (clear_padding_struct *buf, tree type,
          unsigned int prev_align = buf->align;
          HOST_WIDE_INT off = buf->off + buf->size;
          HOST_WIDE_INT prev_sz = buf->sz;
+         HOST_WIDE_INT prev_size = buf->size;
          clear_padding_flush (buf, true);
          tree elttype = TREE_TYPE (type);
          buf->base = create_tmp_var (build_pointer_type (elttype));
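Review bot: prev_size is added right next to prev_sz, and the two names differ by only two letters while recording different fields (buf->sz vs. buf->size); a one-line comment at the new declaration saying that prev_size is the byte count already accumulated in buf->buf before the runtime loop (as opposed to prev_sz, the object size) would prevent the two from being confused, since the restore code later in this function relies on the distinction. Note also that the value is taken before clear_padding_flush (buf, true), which is the correct order if the flush consumes the buffer, but that ordering dependency is worth stating in the same comment.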
@@ -4835,8 +4836,8 @@ clear_padding_type (clear_padding_struct *buf, tree type,
          buf->base = base;
          buf->sz = prev_sz;
          buf->align = prev_align;
-         buf->size = off % UNITS_PER_WORD;
-         buf->off = off - buf->size;
+         buf->size = prev_size + nelts * fldsz;
+         buf->off = 0;
          memset (buf->buf, 0, buf->size);
          break;
        }
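Review bot: the new assignment buf->size = prev_size + nelts * fldsz followed by memset (buf->buf, 0, buf->size) makes the memset length depend on the whole array size, but nothing in this hunk establishes that buf->buf has room for prev_size + nelts * fldsz bytes; the comment above this code says the runtime loop exists precisely for "sufficiently large" arrays, so nelts * fldsz can exceed any fixed buffer and the memset would write past it. The removed lines kept buf->size at off % UNITS_PER_WORD and buf->off at off - buf->size, i.e. buf->off was the object-relative offset of buf->buf and buf->size a small word-bounded remainder; resetting buf->off to 0 and discarding the computed off changes that invariant rather than just correcting the size. Please state the intended meaning of buf->off/buf->size after the loop, and if buf->buf is bounded, keep buf->off = off - buf->size with a size that does not exceed the buffer and instead account for the bytes already cleared by the loop when flushing.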
