https://gcc.gnu.org/bugzilla/show_bug.cgi?id=122809
Bug ID: 122809
Summary: bad code gen regression (maybe dangerous and suboptimal)
Product: gcc
Version: 15.2.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: iphonefishiphonefish14 at gmail dot com
Target Milestone: ---
Created attachment 62881
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=62881&action=edit
gcc -O3 -save-temps -c cb.c
The bug occurs on gcc 15.1, 15.2 and 15.2.1 at -O2 and -O3; it does not occur on gcc 14 and below. Tested with gcc on another (unidentified) system and with my gcc on Arch Linux.
Code gen is suboptimal: `t` is spilled to a stack slot across the call to free instead of staying in a callee-saved register (as GCC 14 does), and the `t->b = NULL` store is duplicated on both paths. A stack clobber was suspected, but in the listing below the spill slot `[rsp+8]` lies inside the 24 bytes reserved by `sub rsp, 24` and rsp stays 16-byte aligned at the call, so this looks like a missed optimization rather than memory corruption.
$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/15.2.1/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /build/gcc/src/gcc/configure
--enable-languages=ada,c,c++,d,fortran,go,lto,m2,objc,obj-c++,rust,cobol
--enable-bootstrap --prefix=/usr --libdir=/usr/lib --libexecdir=/usr/lib
--mandir=/usr/share/man --infodir=/usr/share/info
--with-bugurl=https://gitlab.archlinux.org/archlinux/packaging/packages/gcc/-/issues
--with-build-config=bootstrap-lto --with-linker-hash-style=gnu
--with-system-zlib --enable-__cxa_atexit --enable-cet=auto
--enable-checking=release --enable-clocale=gnu --enable-default-pie
--enable-default-ssp --enable-gnu-indirect-function --enable-gnu-unique-object
--enable-libstdcxx-backtrace --enable-link-serialization=1
--enable-linker-build-id --enable-lto --enable-multilib --enable-plugin
--enable-shared --enable-threads=posix --disable-libssp --disable-libstdcxx-pch
--disable-werror
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 15.2.1 20251112 (GCC)
Attached is the .i file. Below is the write-up of the bug for those interested; it is not required reading.
bug occurs on gcc 15.1 and 15.2 on -O2 and -O3. does not occur on gcc 14 and
below.
#include <stdlib.h>
#include <string.h>
/* Minimal reproducer type: a struct holding one pointer that c() releases with free(). */
typedef struct a
{
char* b; /* passed to free() by c() when non-NULL, then reset to NULL */
} a;
/*
 * Release t->b (if non-NULL) and reset it to NULL.
 *
 * t must be non-NULL: it is dereferenced unconditionally.
 *
 * This is the reproducer for the code-generation regression discussed in this
 * report: GCC 15 spills t to the stack across the call to free() instead of
 * keeping it in a callee-saved register as GCC 14 did, and duplicates the
 * NULL store on both paths. The NULL check is redundant for standard free()
 * (free(NULL) is a no-op) but is kept exactly as written because the
 * generated code depends on this shape.
 */
void c(a* t)
{
if(t->b)
free(t->b);
t->b = NULL;
}
produces worse code on gcc 15 (note the spill of t to the stack across the call; the suspected stack clobber does not hold up, since the spill slot is inside the function's own 24-byte frame — see the listing). Any earlier gcc produces good code.
bad gen:
c:
# review: SysV AMD64 entry state: rdi = t, rsp % 16 == 8 (return address at [rsp]).
mov rax, rdi                       # keep t in rax (caller-saved; only needed until the call)
mov rdi, QWORD PTR [rdi]           # rdi = t->b, the argument for free
test rdi, rdi
je .L7                             # t->b == NULL: skip the call
# review: 24-byte frame -> rsp % 16 == 0, so the stack IS correctly 16-byte
# aligned at the call. The spill slot [rsp+8] is inside the bytes just
# reserved (rsp..rsp+23): below the return address (now at rsp+24) and above
# any frame free() builds, so this store does not clobber the stack. It is a
# spill that GCC 14 avoided by holding t in rbx. (Only 8 of the 24 bytes are
# used; the remainder appears to be alignment padding.)
sub rsp, 24
mov QWORD PTR [rsp+8], rax         # spill t: rax would not survive the call
call free
mov QWORD PTR [rsp+8] -> rax reload is below
mov rax, QWORD PTR [rsp+8]         # reload t from the spill slot
mov QWORD PTR [rax], 0             # t->b = NULL
add rsp, 24                        # drop the frame; rsp back to its entry value
ret
.L7:
mov QWORD PTR [rax], 0             # t->b = NULL (same store duplicated on the fast path; rax still holds t)
ret
gcc 14 and below
c:
push rbx                           # save callee-saved rbx; also makes rsp % 16 == 0 for the call
mov rbx, rdi                       # t lives in rbx, which survives the call to free
mov rdi, QWORD PTR [rdi]           # rdi = t->b
test rdi, rdi
je .L2                             # NULL: nothing to free
call free
.L2:
mov QWORD PTR [rbx], 0             # t->b = NULL (single store shared by both paths)
pop rbx                            # restore rbx; rsp back to its entry value
ret
here is the full debug output information
$ gcc -O3 -fverbose-asm -S -o - cb.c
.file "cb.c"
# GNU C23 (GCC) version 15.2.1 20251112 (x86_64-pc-linux-gnu)
# compiled by GNU C version 15.2.1 20251112, GMP version 6.3.0, MPFR version 4.2.2, MPC version 1.3.1, isl version isl-0.27-GMP
# GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
# options passed: -mtune=generic -march=x86-64 -O3
.text
.p2align 4
.globl c
.type c, @function
c:
.LFB11:
.cfi_startproc
# review: SysV AMD64: %rdi = t; rsp % 16 == 8 at entry (CFA = rsp+8).
movq %rdi, %rax # t, t
# cb.c:11: if(t->b)
movq (%rdi), %rdi # t_4(D)->b, _1
# cb.c:11: if(t->b)
testq %rdi, %rdi # _1
je .L7 #,
# cb.c:10: {
# review: 24-byte frame: %rsp becomes 16-byte aligned for the call. The
# .cfi_def_cfa_offset 32 that follows is consistent (8 for the return
# address + 24 of frame).
subq $24, %rsp #,
.cfi_def_cfa_offset 32
# review: t is spilled to 8(%rsp), inside the bytes just reserved and below
# the return address at 24(%rsp). free()'s own frame is built below %rsp, so
# the slot survives the call. This is not a stack clobber; it is a spill that
# GCC 14 avoided by keeping t in the callee-saved %rbx.
movq %rax, 8(%rsp) # t, %sfp
# cb.c:12: free(t->b);
call free@PLT #
movq 8(%rsp), %rax # %sfp, t
# cb.c:13: t->b = NULL;
movq $0, (%rax) #, t_4(D)->b
# cb.c:14: }
addq $24, %rsp #,
.cfi_def_cfa_offset 8
ret
.p2align 4,,10
.p2align 3
.L7:
# cb.c:13: t->b = NULL;
# review: fast path (t->b was NULL); %rax still holds t from the first movq.
# The same store is duplicated here rather than shared with the slow path.
movq $0, (%rax) #, t_4(D)->b
ret
.cfi_endproc
.LFE11:
.size c, .-c
.ident "GCC: (GNU) 15.2.1 20251112"
# review: empty .note.GNU-stack marks the object as not needing an executable stack.
.section .note.GNU-stack,"",@progbits
$