https://gcc.gnu.org/bugzilla/show_bug.cgi?id=123022
Bug ID: 123022
Summary: [16 Regression] [RISCV] [Miscompile] GCC - riscv64
target, miscompiles at -O3 since
4e2a2d6ad2d1bfe1269bc78da4251814505eb42e
Product: gcc
Version: 16.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
Assignee: unassigned at gcc dot gnu.org
Reporter: skothadiya at whileone dot in
Target Milestone: ---
Created attachment 63002
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=63002&action=edit
Attached reduced testcase
Description:
The C code involves multiple for loops with operations on long, char,
unsigned and int variables. It compiles correctly on x86_64 and produces the
expected output. However, when compiled for the riscv64 architecture, the
resulting binary yields an incorrect value. The expected output is 3326195747,
but the program returns 18446744073709551615. This miscompilation occurs
specifically with optimization enabled at level -O3.
Compiler flags:
-march=rv64gcv_zvl512b -mrvv-vector-bits=zvl -O3
Reproduction Steps:
1. Compile the test case with GCC for riscv64 using the -O3 flag.
2. Execute the compiled binary.
3. Observe the output.
COMMANDS:
/mnt/data1/sujayk/CIFUZZR/riscv-gnu-toolchain-build/bin/riscv64-unknown-linux-gnu-gcc \
  -march=rv64gcv_zvl512b -mrvv-vector-bits=zvl -O3 red.c -o user-config.out \
  -fsigned-char -fno-strict-aliasing -fwrapv -Wno-unknown-warning-option -Werror \
  -Wfatal-errors -Wall -Wformat -Wno-int-in-bool-context -Wno-dangling-pointer \
  -Wno-compare-distinct-pointer-types -Wno-overflow -Wuninitialized \
  -Warray-bounds -Wreturn-type -Wno-unused-function -Wno-unused-variable \
  -Wno-unused-but-set-variable -Wno-unused-value -Wno-address -Wno-bool-compare \
  -Wno-pointer-sign -Wno-bool-operation -Wno-tautological-compare \
  -Wno-self-assign -Wno-implicit-const-int-float-conversion \
  -Wno-constant-conversion -Wno-unused-value \
  -Wno-tautological-constant-out-of-range-compare -Wno-constant-logical-operand \
  -Wno-parentheses-equality -Wno-pointer-sign

QEMU_CPU=rv64,vlen=512,rvv_ta_all_1s=true,rvv_ma_all_1s=true,v=true,vext_spec=v1.0,zve32f=true,zve64f=true \
  timeout --verbose -k 0.1 4 \
  /mnt/data1/sujayk/CIFUZZR/riscv-gnu-toolchain-build/bin/qemu-riscv64 \
  user-config.out 1
//Expected Output: 3326195747
//Actual Output: 18446744073709551615
-- testcase (red.c) --
int printf(const char *, ...);
unsigned e[2][2];
long a;
char c[2];
int main() {
  long long b;
  c[1] = 3;
  for (unsigned h=0; h<2; h++)
    for (int i=c[0]; i<5; i+=5)
      for (int j=0; j<219; j++)
        a = c[h] ? e[h][h] + 3326195747 : 0;
  b = a;
  printf("%llu\n", b);
}
The issue was found via a fuzzer.