https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97821

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |INVALID
             Status|ASSIGNED                    |RESOLVED

--- Comment #12 from Richard Biener <rguenth at gcc dot gnu.org> ---
Hmm, cvise reduced it to the following for me - clearly invalid in this case
since 'av' is no longer live at h = *n.

res[];
pos, h;
*n;
**aq_ay = &n;
main() {
  { int av = *aq_ay = &av; }
  h = *n;
  res[pos] = h;
  __builtin_puts(res);
}

OK, so the original testcase has

  for (; m <= 1; m++) {
    int av = 0, k, aw = e && u, ax = aw || ag;
    int **ay = &n;
...
    for (; t <= 1; t++)
      *ay = an(&au, &av);
    e++;
  }

which effectively does

     n = &av;

and in the loop following that

  for (; r >= 0;)
    for (; ag <= 5;) {
...
      h = *n; 
    }

that's invalid since 'av' is no longer live here.

-fsanitize=address shows this:

=================================================================
==24252==ERROR: AddressSanitizer: stack-use-after-scope on address
0x7fffffffdd20 at pc 0x000000401827 bp 0x7fffffffdca0 sp 0x7fffffffdc98
READ of size 4 at 0x7fffffffdd20 thread T0
    #0 0x401826 in aq /tmp/t.c:173
    #1 0x401ba3 in main /tmp/t.c:200
    #2 0x7ffff6e4029c in __libc_start_main (/lib64/libc.so.6+0x3529c)
    #3 0x400859 in _start (/tmp/a.out+0x400859)

meh, I only tried -fsanitize=undefined so far :/

The symptom (bad stack slot sharing) is exactly what you'd expect from such
an error.

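The pattern the comment describes, written out as a small stand-alone example (added here; not the reporter's testcase and not GCC code): the address of a block-scoped variable escapes into a longer-lived pointer, and the pointer is dereferenced after the block has ended. The corrected variant hoists the declaration so the object outlives every use of the pointer. The function and variable names are constructed for the illustration.

```c
#include <stdio.h>

/* Long-lived pointer, playing the role of 'n' in the reduced testcase. */
static int *n;

/* Buggy pattern (constructed, modelled on the report): the address of the
 * block-scoped 'av' escapes into 'n', and '*n' is read after the block has
 * closed. That read is a stack-use-after-scope. With optimisation the
 * compiler may legitimately reuse av's stack slot for 'other', so the value
 * returned is whatever happens to occupy that slot; this is the "bad stack
 * slot sharing" symptom, not a compiler bug. */
int read_after_scope_buggy(void) {
    { int av = 42; n = &av; }        /* av's lifetime ends at this brace */
    { int other = 7; (void)other; }  /* free to share av's former slot */
    return *n;                       /* undefined: av is no longer live */
}

/* Corrected form: 'av' is declared in a scope that outlives every use of
 * 'n', so the dereference is well-defined and always yields 42. */
int read_after_scope_fixed(void) {
    int av = 42;                     /* lives until the function returns */
    n = &av;
    { int other = 7; (void)other; }
    return *n;
}

int main(void) {
    printf("fixed: %d\n", read_after_scope_fixed());
    /* Building with  gcc -g -fsanitize=address  and running reports a
     * stack-use-after-scope READ for the call below, matching the report. */
    printf("buggy: %d\n", read_after_scope_buggy());
    return 0;
}
```

The buggy variant is deliberately kept so that an AddressSanitizer build shows the same diagnostic the comment quotes; -fsanitize=undefined does not instrument object lifetimes, which is why it stayed silent on the original testcase.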