http://gcc.gnu.org/PR20973

"gcc 4 (about RC1) miscompiles khtml, in fact something in CSS, which basically 
leads to all websites being misrendered.  I can't easily reduce the testcase, 
but have applied the whole preprocessed source of css/cssstyleselector.ii. 
 
It is to be compiled with g++ -O2 -fPIC -march=i586 -mtune=i686 
-fno-exceptions.  A more detailed analysis will follow, as we've found out 
some things already."

---

Subject: Bug 20973

CVSROOT:	/cvs/gcc
Module name:	gcc
Branch: 	gcc-4_0-branch
Changes by:	matz@gcc.gnu.org	2005-04-22 17:30:21

Modified files:
	gcc            : ChangeLog reload.c 

Log message:
	PR middle-end/20973
	* reload.c (push_reload, find_dummy_reload): Check for uninitialized
	pseudos.

Patches:
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-4_0-branch&r1=2.7592.2.177&r2=2.7592.2.178
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/reload.c.diff?cvsroot=gcc&only_with_tag=gcc-4_0-branch&r1=1.268&r2=1.268.2.1

---

===================================================================
RCS file: /cvs/gcc/gcc/gcc/reload.c,v
retrieving revision 1.268
retrieving revision 1.268.2.1
diff -u -r1.268 -r1.268.2.1
--- gcc/gcc/reload.c	2005/02/24 22:06:06	1.268
+++ gcc/gcc/reload.c	2005/04/22 17:30:15	1.268.2.1
@@ -1520,7 +1520,7 @@
      But if there is no spilling in this block, that is OK.
      An explicitly used hard reg cannot be a spill reg.  */
 
-  if (rld[i].reg_rtx == 0 && in != 0)
+  if (rld[i].reg_rtx == 0 && in != 0 && hard_regs_live_known)
     {
       rtx note;
       int regno;
@@ -1534,6 +1534,11 @@
 	    && REG_P (XEXP (note, 0))
 	    && (regno = REGNO (XEXP (note, 0))) < FIRST_PSEUDO_REGISTER
 	    && reg_mentioned_p (XEXP (note, 0), in)
+	    /* Check that we don't use a hardreg for an uninitialized
+	       pseudo.  See also find_dummy_reload().  */
+	    && (ORIGINAL_REGNO (XEXP (note, 0)) < FIRST_PSEUDO_REGISTER
+		|| ! bitmap_bit_p (ENTRY_BLOCK_PTR->global_live_at_end,
+				   ORIGINAL_REGNO (XEXP (note, 0))))
 	    && ! refers_to_regno_for_reload_p (regno,
 					       (regno
 						+ hard_regno_nregs[regno]
@@ -1997,7 +2002,17 @@
 				is a subreg, and in that case, out
 				has a real mode.  */
 			     (GET_MODE (out) != VOIDmode
-			      ? GET_MODE (out) : outmode)))
+			      ? GET_MODE (out) : outmode))
+        /* But only do all this if we can be sure, that this input
+           operand doesn't correspond with an uninitialized pseudoreg.
+           global can assign some hardreg to it, which is the same as
+	   a different pseudo also currently live (as it can ignore the
+	   conflict).  So we never must introduce writes to such hardregs,
+	   as they would clobber the other live pseudo using the same.
+	   See also PR20973.  */
+      && (ORIGINAL_REGNO (in) < FIRST_PSEUDO_REGISTER
+          || ! bitmap_bit_p (ENTRY_BLOCK_PTR->global_live_at_end,
+			     ORIGINAL_REGNO (in))))
     {
       unsigned int regno = REGNO (in) + in_offset;
       unsigned int nwords = hard_regno_nregs[regno][inmode];