http://gcc.gnu.org/bugzilla/show_bug.cgi?id=61009
Bug ID: 61009
Summary: Incorrect jump threading in dom
Product: gcc
Version: 4.10.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: tejohnson at google dot com
Created attachment 32709
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=32709&action=edit
t.C
We ran into a runtime failure that was tracked down to the jump threading
performed during the dom1 pass. I reproduced it with trunk (updated to
r209902).
I've attached a reduced test case. Build with:
g++ -fno-tree-vrp -O2 -std=c++11 -fno-strict-aliasing t.C -S
Unfortunately it isn't runnable, but the problem is apparent in the resulting
dumps/assembly.
The code initially looks like:
for (int j = 0; j < NKF ; ++j) {
int field_idx = idxs[j];
int cmp = doCmp(row_offset, field_idx);
fprintf (stderr, "cmp=%d\n",cmp);
if (cmp == 0) {
continue;
}
if (cmp > 0) {
is_different = true;
break;
} else {
fprintf (stderr, "Incorrect\n");
return false;
}
}
But after dom1 jump threading it looks something like:
for (int j = 0; j < NKF ; ++j) {
int field_idx = idxs[j];
int cmp = doCmp(row_offset, field_idx);
fprintf (stderr, "cmp=%d\n",cmp);
if (cmp == 0) {
goto L1
}
if (cmp > 0) {
is_different = true;
break;
} else {
ERROR:
fprintf (stderr, "Incorrect\n");
return false;
}
L1:
++j;
if (j >= NKF)
break;
field_idx = idxs[j];
cmp = doCmp(row_offset, field_idx);
fprintf (stderr, "cmp=%d\n",cmp);
if (cmp == 0) {
goto L1
}
goto ERROR
}
Notice that after threading, the duplicated code wrongly simplifies away the
check of "cmp > 0".
I've also attached the dom1 dump. The problematic jump thread is this one:
Registering jump thread: (14, 12) incoming edge; (12, 4) joiner; (4, 5)
nocopy;
Since some of these blocks (12 and 14) were created by the earlier dom
optimizations, I modified tree-ssa-threadupdate.c to dump the cfg when entering
thread_through_all_blocks. The attached dump includes that extra dump.
