https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91185
Bug ID: 91185
Summary: -Og miscompiles code causing runtime segfault
Product: gcc
Version: 7.4.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: regression
Assignee: unassigned at gcc dot gnu.org
Reporter: david.bolvansky at gmail dot com
Target Milestone: ---

    tVar *eval(tVar *op) {
        if (unlikely(op == NULL))
            return NULL;
        tVar *a = op->offset + frame_stack.top->frame->local;
        switch (op->offset) {
        case CONSTANT:
            return op;
        default: {
            if (likely(a->initialized))
                return a;
            else
                abort();
        }
        }
    }

GCC 7.4 -Og

    eval(tVar*):
            test    rdi, rdi
            je      .L4
            mov     rax, QWORD PTR frame_stack[rip]
            mov     rsi, QWORD PTR [rax]
            mov     edx, DWORD PTR [rdi+16]
            movsx   rax, edx
            lea     rcx, [rax+rax*2]
            lea     rax, [0+rcx*8]
            lea     rax, [rsi+16+rax]
            cmp     edx, -1
            je      .L5
            cmp     BYTE PTR [rax], 0
            je      .L9
    .L1:
            rep ret
    .L9:
            sub     rsp, 8
            call    abort
    .L4:
            mov     eax, 0
            ret
    .L5:
            mov     rax, rdi
            jmp     .L1
    frame_stack:
            .zero   16

GCC 7.4 -O1

    eval(tVar*):
            test    rdi, rdi
            je      .L2
            mov     eax, DWORD PTR [rdi+16]
            cmp     eax, -1
            je      .L2
            mov     rdx, QWORD PTR frame_stack[rip]
            mov     rdx, QWORD PTR [rdx]
            cdqe
            lea     rax, [rax+rax*2]
            lea     rdi, [rdx+16+rax*8]
            cmp     BYTE PTR [rdi], 0
            je      .L7
    .L2:
            mov     rax, rdi
            ret
    .L7:
            sub     rsp, 8
            call    abort
    frame_stack:
            .zero   16

It seems -Og places the check

    cmp     edx, -1
    je      .L5

too late -> SEGFAULT

I have a segfault with GCC 7, 8, 9 on Intel Haswell. Looking at godbolt's output for GCC 6.4, it seems to be buggy too.

Godbolt: https://godbolt.org/z/m2yzDA
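Added example, not part of the original report: in the C source above the initializer of `a` is evaluated before the `switch`, so nothing in the source orders the `frame_stack` loads after the CONSTANT check; this variant reads `frame_stack` only once that check has failed. The type layouts, `CONSTANT == -1` and the `*_ok` helpers are assumptions inferred from the offsets in the listings, not the reporter's definitions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>

#define likely(x)   __builtin_expect(!!(x), 1)
#define unlikely(x) __builtin_expect(!!(x), 0)
#define CONSTANT (-1)            /* assumed from "cmp edx, -1" in the listings */

/* Hypothetical layouts matching the listings on x86-64:
 * sizeof(tVar) == 24, offset at +16, local[] at frame+16. */
typedef struct tVar { bool initialized; long value; int offset; } tVar;
typedef struct { long pad[2]; tVar local[4]; } tFrame;
typedef struct { tFrame *frame; } tNode;
struct { tNode *top; size_t size; } frame_stack;   /* 16 zero bytes: top == NULL */

tVar *eval_guarded(tVar *op)
{
    if (unlikely(op == NULL))
        return NULL;
    if (op->offset == CONSTANT)
        return op;               /* frame_stack is never read on this path */
    /* Address computation moved below the CONSTANT check. */
    tVar *a = op->offset + frame_stack.top->frame->local;
    if (likely(a->initialized))
        return a;
    abort();
}

/* Constructed check: a CONSTANT operand with no frame pushed at all. */
int constant_path_ok(void)
{
    tVar op = { .offset = CONSTANT };
    frame_stack.top = NULL;
    return eval_guarded(&op) == &op;
}

/* Constructed check: a local slot resolved through a pushed frame. */
int local_path_ok(void)
{
    static tFrame f;
    static tNode n;
    tVar op = { .offset = 2 };
    n.frame = &f;
    f.local[2].initialized = true;
    frame_stack.top = &n;
    return eval_guarded(&op) == &f.local[2];
}

int main(void) { return !(constant_path_ok() && local_path_ok()); }
```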