https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116098
Bug ID: 116098
Summary: _Bool value from tagged union is incorrect when built
with -O1
Product: gcc
Version: 14.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: laria at laria dot me
Target Milestone: ---
Created attachment 58762
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=58762&action=edit
preprocessed test-O1.i
I have encountered a weird behavior that seems like a bug in GCC to me.
I have a tagged union representing either a number (int) or a boolean (_Bool)
and a function that determines the "truthyness" of the value (true for all
numbers, the boolean value for booleans).
When I use this on a number and then negate the result, I get the wrong result,
when I compile this with -O1, but the expected result when compiling with -O0
or -O2.
Additionally when I return from main with `return res ? 0 : 1;`, I get neither
0
nor 1 as the exit code, but I instead get 3. (Also only with -O1).
======= BEGIN test-O1.c =======
int puts(const char *);
struct Value {
enum ValueType {
VALUE_BOOLEAN,
VALUE_NUM,
} type;
union {
_Bool boolean;
int num;
void *blank[2];
};
};
static struct Value s_value;
static _Bool s_b;
_Bool
truthy(void)
{
struct Value value = s_value;
if (s_b) s_b = 0;
// Will not reproduce when using an if or a ternary ?: instead.
switch (value.type) {
case VALUE_BOOLEAN:
return value.boolean;
default:
return 1;
}
}
int
main(void)
{
s_b = 0;
s_value = (struct Value) {
.type = VALUE_NUM,
// Seems to "work" with any value >= 2.
// Tweak this number to get different return exit codes.
.num = 2,
};
s_value = (struct Value) {
.type = VALUE_BOOLEAN,
.boolean = !truthy(), // truthy should be 1, so .boolean=0
};
_Bool b = truthy();
puts(b ? "true" : "false"); // Should print "false", prints "true" instead
return b ? 0 : 1; // Should return 1, returns 3 instead
}
======= END test-O1.c =======
As far as I can tell, I don't rely on any undefined behavior here. I only
retrieve the value from the union with the member I used to write to it the
last
time, which I make sure of using the stored tag / type.
The preprocessed *.i file for this is also attached.
The full compilation command is:
gcc -Wall -Werror -Wextra -pedantic -std=c11 -fno-strict-aliasing -fwrapv \
-fno-aggressive-loop-optimizations -O1 test-O1.c
There are no compiler warnings / errors. The compiler exits successfully.
I'm running GCC on x86_64; GNU/Linux (6.9.8-200.fc40.x86_64; Fedora 40)
Compiling with -fsanitize=undefined does not produce runtime errors, but the
bug
then goes away.
Strangely enough a slightly less reduced source shows the same behavior, but
now
it only happens with -O2, not with -O1/-O0:
======= BEGIN test-O2.c =======
int puts(const char *);
struct Value {
enum ValueType {
VALUE_BOOLEAN,
VALUE_NUM,
} type;
union {
_Bool boolean;
int num;
void *blank[2];
};
};
static struct Value s_value;
static _Bool s_b;
static void
val_set(struct Value value)
{
s_b = 0;
s_value = value;
}
static struct Value
val_get(void)
{
struct Value value = s_value;
if (s_b) s_b = 0;
return value;
}
static _Bool
truthy(void)
{
struct Value value = val_get();
// Will not reproduce when using an if or a ternary ?: instead.
switch (value.type) {
case VALUE_BOOLEAN:
return value.boolean;
default:
return 1;
}
}
int
main(void)
{
s_b = 0;
val_set((struct Value) {
.type = VALUE_NUM,
// Seems to "work" with any value >= 2.
// Tweak this number to get different return exit codes.
.num = 2,
});
_Bool b1 = truthy(); // truthy should be 1
val_set((struct Value) {
.type = VALUE_BOOLEAN,
.boolean = !b1, // SHould be 0
});
_Bool b2 = truthy();
puts(b2 ? "true" : "false"); // Should print "false", prints "true" instead
return b2 ? 0 : 1; // Should return 1, returns 3 instead
}
======= END test-O2.c =======
I have tested this with ...
- ... the GCC that came on my Fedora 40 system: 14.1.1 20240701
(Red Hat 14.1.1-7)
- ... GCC built from the release tarball: 14.1.0 (GCC)
- ... GCC built from the current git trunk (commit 679086172b84be):
15.0.0 20240724
All these versions show this behavior.
The bug however does *not* appear in gcc 13.3.1 20240522 (Red Hat 13.3.1-1) on.
-------------------------
Here are the gcc -v outputs:
14.1.1 installed on my system (Fedora 40):
Using built-in specs.
COLLECT_GCC=/usr/bin/gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/14/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:amdgcn-amdhsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-redhat-linux
Configured with: ../configure --enable-bootstrap
--enable-languages=c,c++,fortran,objc,obj-c++,ada,go,d,m2,lto --prefix=/usr
--mandir=/usr/share/man --infodir=/usr/share/info
--with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared
--enable-threads=posix --enable-checking=release --enable-multilib
--with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions
--enable-gnu-unique-object --enable-linker-build-id
--with-gcc-major-version-only --enable-libstdcxx-backtrace
--with-libstdcxx-zoneinfo=/usr/share/zoneinfo --with-linker-hash-style=gnu
--enable-plugin --enable-initfini-array
--with-isl=/builddir/build/BUILD/gcc-14.1.1-20240701/obj-x86_64-redhat-linux/isl-install
--enable-offload-targets=nvptx-none,amdgcn-amdhsa --enable-offload-defaulted
--without-cuda-driver --enable-gnu-indirect-function --enable-cet
--with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
--with-build-config=bootstrap-lto --enable-link-serialization=1
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 14.1.1 20240701 (Red Hat 14.1.1-7) (GCC)
GCC 14.1.0 built from source
Using built-in specs.
COLLECT_GCC=/home/laria/local/gcc/usr/local/bin/gcc
COLLECT_LTO_WRAPPER=/home/laria/local/gcc/usr/local/bin/../libexec/gcc/x86_64-pc-linux-gnu/14.1.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: ./configure --disable-multilib
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 14.1.0 (GCC)
Current (well, yesterday's :) ) git trunk
(679086172b84be18c55fdbb9cda7e97806e7c083)
Using built-in specs.
COLLECT_GCC=/home/laria/src/gcc/build/install/usr/local/bin/gcc
COLLECT_LTO_WRAPPER=/home/laria/src/gcc/build/install/usr/local/bin/../libexec/gcc/x86_64-pc-linux-gnu/15.0.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: ../configure --disable-multilib --enable-languages=c
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 15.0.0 20240724 (experimental) (GCC)
