https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121638
Bug ID: 121638
Summary: wrong code at -O3 with "-fno-tree-vrp
-fno-tree-scev-cprop" on x86_64-linux-gnu
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: zhendong.su at inf dot ethz.ch
Target Milestone: ---
Compiler Explorer: https://godbolt.org/z/Pqv5EPccK
Note:
- works: 15.2 and earlier
- fails: trunk
- -fno-tree-slsr and -fno-ivopts do not make it disappear
[802] % gcctk -v
Using built-in specs.
COLLECT_GCC=gcctk
COLLECT_LTO_WRAPPER=/local/home/suz/suz-local/software/local/gcc-trunk/bin/../libexec/gcc/x86_64-pc-linux-gnu/16.0.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: ../gcc-trunk/configure --disable-bootstrap
--enable-checking=yes --prefix=/local/suz-local/software/local/gcc-trunk
--enable-sanitizers --enable-languages=c,c++ --disable-werror --enable-multilib
Thread model: posix
Supported LTO compression algorithms: zlib
gcc version 16.0.0 20250821 (experimental) (GCC)
[803] %
[803] % gcctk -O3 small.c; ./a.out
[804] %
[804] % gcctk -O3 -fno-tree-vrp -fno-tree-scev-cprop small.c
[805] % ./a.out
Segmentation fault
[806] %
[806] % cat small.c
void *malloc(unsigned long size);
void free(void *ptr);
int a, b, f, j, i, *m, n, o, p = 1, q;
int c() {
int d = 0, *e = malloc(16 * sizeof 0);
a = 0;
for (; a < 16; a++)
e[d++] = a;
if (d != 16)
return 1;
a = 0;
for (; a < d; ++a)
;
free(e);
return 0;
}
unsigned g[] = {7, 4, 2044508324, 0, 1, 7, 1, 8, 6, 9, 0, 2, 2, 3, 1,
200000000};
int k(int l, int r[]) {
for (; q < l; q++) {
o = p ^ g[(p ^ r[q]) & 15];
p = o;
}
return o;
}
int main() {
f = c();
n = k(7, (int[]){j, 1, f, 0, 1, 0, i});
if (n <= 2000000000)
m[b] = 1;
return 0;
}
