From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id E8F653858D20; Sun, 20 Nov 2022 18:23:30 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org E8F653858D20 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1668968610; bh=aV3cxtsSHU0SDfq88DaHDQzEVQT+goaw3Sl+9HKg85M=; h=From:To:Subject:Date:In-Reply-To:References:From; b=sy1xfcV9V3dxFZRb+0BHA2u3DPmW4TmWIAzjI3ZQ4PZJ0rRBqfnjow8nDL8yn4akE djjZRE+152AH9oLWF/7OMibs70rETKsN2t55cZ5A1TseVS7EXeEuv+Uojph0z2fX1w nLwqJBIy/ZLM+yj9+F/S7stqACN9bN/iTG0echuU= From: "pinskia at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug ipa/107769] [12/13 Regression] -flto with -Os/-O2/-O3 emitted code with gcc 12.x segfaults via mutated global in .rodata Date: Sun, 20 Nov 2022 18:23:30 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: ipa X-Bugzilla-Version: 12.2.0 X-Bugzilla-Keywords: lto, wrong-code X-Bugzilla-Severity: normal X-Bugzilla-Who: pinskia at gcc dot gnu.org X-Bugzilla-Status: NEW X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: 12.3 X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: short_desc everconfirmed cf_known_to_fail bug_status target_milestone cf_reconfirmed_on cf_known_to_work Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 List-Id: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D107769 Andrew Pinski changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|-flto with -Os/-O2/-O3 |[12/13 Regression] -flto |emitted code with gcc 12.x |with -Os/-O2/-O3 emitted |segfaults via mutated |code with gcc 12.x |global in .rodata |segfaults via mutated | |global in .rodata Ever confirmed|0 |1 Known to fail| |12.1.0, 13.0 Status|UNCONFIRMED |NEW Target Milestone|--- |12.3 Last reconfirmed| |2022-11-20 Known to work| |11.1.0 --- Comment #1 from Andrew Pinski --- Confirmed, reduced further, removing malloc and changing srand into a funct= ion inside the TU (with noipa attribute): [[gnu::noipa]] void hjj (unsigned int lk) { (void)lk; } void nn(int i, int n); [[gnu::noinline]] int ll(void) { return 1; } void hh(int* dest, int src) { if (!ll() && !src) hjj(100); (*dest) =3D 1; } void gg(int* result, int x) { if (x >=3D 0) return; int xx; xx =3D *result; hh(result, ll()); if (xx >=3D *result) nn(xx, *result); } void nn(int i, int n) { int T8_; if (n < 0) __builtin_exit(0); T8_ =3D 0; gg(&T8_, i); __builtin_exit(0); } void kk(int* x, int i) { hh(x, ll()); if (i < 0 || i >=3D *x) nn(i,*x); } int g__r_1 =3D 0; int main() { kk(&g__r_1, 0); return 0; }=