https://gcc.gnu.org/bugzilla/show_bug.cgi?id=124351

            Bug ID: 124351
           Summary: valgrind "Conditional jump or move depends on
                    uninitialised" in bitmap_bit_in_range_p with
                    -favoid-store-forwarding
           Product: gcc
           Version: 16.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: rtl-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: zsojka at seznam dot cz
  Target Milestone: ---
              Host: x86_64-pc-linux-gnu
            Target: x86_64-pc-linux-gnu

Created attachment 63818
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=63818&action=edit
reduced testcase

The original problem is that the code generated with -masm=att and -masm=intel
differs:

$ x86_64-pc-linux-gnu-gcc -Og -favoid-store-forwarding --param=store-forwarding-max-distance=289 -funswitch-loops testcase.c -c -Wno-psabi
$ objdump -S testcase.o > att.S
$ x86_64-pc-linux-gnu-gcc -Og -favoid-store-forwarding --param=store-forwarding-max-distance=289 -funswitch-loops testcase.c -c -Wno-psabi -masm=intel
$ objdump -S testcase.o > intel.S
$ diff -u att.S intel.S
--- att.S       2026-03-03 20:27:12.097201050 +0100
+++ intel.S     2026-03-03 20:28:56.146806784 +0100
@@ -14,360 +14,417 @@
    c:  53                      push   %rbx
    d:  48 83 e4 c0             and    $0xffffffffffffffc0,%rsp
   11:  48 83 ec 48             sub    $0x48,%rsp
-  15:  48 89 f9                mov    %rdi,%rcx
-  18:  48 8b 35 00 00 00 00    mov    0x0(%rip),%rsi        # 1f <foo+0x1f>
-  1f:  48 8b 3d 00 00 00 00    mov    0x0(%rip),%rdi        # 26 <foo+0x26>
+  15:  49 89 fd                mov    %rdi,%r13
+  18:  48 8b 0d 00 00 00 00    mov    0x0(%rip),%rcx        # 1f <foo+0x1f>
+  1f:  48 8b 1d 00 00 00 00    mov    0x0(%rip),%rbx        # 26 <foo+0x26>
   26:  b8 00 00 00 00          mov    $0x0,%eax
   2b:  48 83 7c c5 10 00       cmpq   $0x0,0x10(%rbp,%rax,8)
-  31:  0f 84 17 05 00 00       je     54e <foo+0x54e>
+  31:  0f 84 10 06 00 00       je     647 <foo+0x647>
...

This might be caused by the use of uninitialised value:

$ x86_64-pc-linux-gnu-gcc -Og -favoid-store-forwarding --param=store-forwarding-max-distance=289 -funswitch-loops testcase.c -c -Wno-psabi -wrapper valgrind,-q,--track-origins=yes
==8668== Conditional jump or move depends on uninitialised value(s)
==8668==    at 0x2D327F0: bitmap_bit_in_range_p(simple_bitmap_def const*,
unsigned int, unsigned int, bool) (sbitmap.cc:356)
==8668==    by 0x2D3409D: bitmap_all_bits_in_range_p(simple_bitmap_def const*,
unsigned int, unsigned int) (sbitmap.cc:390)
==8668==    by 0x1638170: process_store_forwarding
(avoid-store-forwarding.cc:187)
==8668==    by 0x1638170: (anonymous
namespace)::store_forwarding_analyzer::avoid_store_forwarding(basic_block_def*)
(avoid-store-forwarding.cc:677)
==8668==    by 0x1639381: (anonymous
namespace)::pass_rtl_avoid_store_forwarding::execute(function*)
(avoid-store-forwarding.cc:729)
==8668==    by 0x14E33EF: execute_one_pass(opt_pass*) (passes.cc:2656)
==8668==    by 0x14E3CFF: execute_pass_list_1(opt_pass*) (passes.cc:2769)
==8668==    by 0x14E3D11: execute_pass_list_1(opt_pass*) (passes.cc:2770)
==8668==    by 0x14E3D38: execute_pass_list(function*, opt_pass*)
(passes.cc:2780)
==8668==    by 0x105BFB8: expand (cgraphunit.cc:1874)
==8668==    by 0x105BFB8: cgraph_node::expand() (cgraphunit.cc:1827)
==8668==    by 0x105DE9A: expand_all_functions (cgraphunit.cc:2057)
==8668==    by 0x105DE9A: symbol_table::compile() [clone .part.0]
(cgraphunit.cc:2435)
==8668==    by 0x1060782: compile (cgraphunit.cc:2345)
==8668==    by 0x1060782: symbol_table::finalize_compilation_unit()
(cgraphunit.cc:2626)
==8668==    by 0x1644D22: compile_file() (toplev.cc:482)
==8668==  Uninitialised value was created by a heap allocation
==8668==    at 0x4849844: malloc (vg_replace_malloc.c:447)
==8668==    by 0x2DD618B: xmalloc (xmalloc.c:149)
==8668==    by 0x2D33D29: sbitmap_alloc(unsigned int) (sbitmap.cc:51)
==8668==    by 0x1637BF7: auto_sbitmap (sbitmap.h:306)
==8668==    by 0x1637BF7: process_store_forwarding
(avoid-store-forwarding.cc:179)
==8668==    by 0x1637BF7: (anonymous
namespace)::store_forwarding_analyzer::avoid_store_forwarding(basic_block_def*)
(avoid-store-forwarding.cc:677)
==8668==    by 0x1639381: (anonymous
namespace)::pass_rtl_avoid_store_forwarding::execute(function*)
(avoid-store-forwarding.cc:729)
==8668==    by 0x14E33EF: execute_one_pass(opt_pass*) (passes.cc:2656)
==8668==    by 0x14E3CFF: execute_pass_list_1(opt_pass*) (passes.cc:2769)
==8668==    by 0x14E3D11: execute_pass_list_1(opt_pass*) (passes.cc:2770)
==8668==    by 0x14E3D38: execute_pass_list(function*, opt_pass*)
(passes.cc:2780)
==8668==    by 0x105BFB8: expand (cgraphunit.cc:1874)
==8668==    by 0x105BFB8: cgraph_node::expand() (cgraphunit.cc:1827)
==8668==    by 0x105DE9A: expand_all_functions (cgraphunit.cc:2057)
==8668==    by 0x105DE9A: symbol_table::compile() [clone .part.0]
(cgraphunit.cc:2435)
==8668==    by 0x1060782: compile (cgraphunit.cc:2345)
==8668==    by 0x1060782: symbol_table::finalize_compilation_unit()
(cgraphunit.cc:2626)
==8668== 
...

$ x86_64-pc-linux-gnu-gcc -v
Using built-in specs.
COLLECT_GCC=/repo/gcc-trunk/binary-latest-amd64/bin/x86_64-pc-linux-gnu-gcc
COLLECT_LTO_WRAPPER=/repo/gcc-trunk/binary-trunk-20260303154708-r16-7870-g41a533a85aaabe-checking-yes-rtl-df-extra-nobootstrap-amd64/bin/../libexec/gcc/x86_64-pc-linux-gnu/16.0.1/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /repo/gcc-trunk//configure --enable-languages=c,c++
--enable-valgrind-annotations --disable-nls --enable-checking=yes,rtl,df,extra
--disable-bootstrap --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu
--target=x86_64-pc-linux-gnu --with-ld=/usr/bin/x86_64-pc-linux-gnu-ld
--with-as=/usr/bin/x86_64-pc-linux-gnu-as --enable-libsanitizer
--disable-libstdcxx-pch
--prefix=/repo/gcc-trunk//binary-trunk-20260303154708-r16-7870-g41a533a85aaabe-checking-yes-rtl-df-extra-nobootstrap-amd64
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 16.0.1 20260303 (experimental) (GCC)
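
The valgrind trace above shows bitmap_bit_in_range_p branching on bitmap contents that came from malloc via sbitmap_alloc and were never written. The following C example is added here as an illustration of that bug class; it is not GCC's code, not part of the report, and not a proposed fix. All `toy_*` names, `range_covered` and the `stale` fill byte are hypothetical; the fill byte simulates leftover heap contents so the result is deterministic.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy bitmap standing in for a heap-allocated bit set (hypothetical names). */
typedef struct { unsigned n_bits; uint64_t *words; } toy_bitmap;

static size_t toy_bytes(unsigned n_bits) { return ((n_bits + 63) / 64) * sizeof(uint64_t); }

/* Allocate WITHOUT clearing. `stale` simulates bytes a previous heap user
   left behind (constructed input, instead of reading real uninitialised memory). */
static toy_bitmap toy_alloc(unsigned n_bits, unsigned char stale) {
    toy_bitmap b = { n_bits, malloc(toy_bytes(n_bits)) };
    if (b.words) memset(b.words, stale, toy_bytes(n_bits));
    return b;
}

static void toy_clear(toy_bitmap *b) { memset(b->words, 0, toy_bytes(b->n_bits)); }

static void toy_set(toy_bitmap *b, unsigned i) { b->words[i / 64] |= UINT64_C(1) << (i % 64); }

/* True if every bit in [start, end] is set. */
static bool toy_all_bits_in_range(const toy_bitmap *b, unsigned start, unsigned end) {
    for (unsigned i = start; i <= end; i++)
        if (!((b->words[i / 64] >> (i % 64)) & 1)) return false;
    return true;
}

/* Mark bits 0..3 as covered, then ask whether 0..7 is fully covered.
   The correct answer is always false. */
static bool range_covered(unsigned char stale, bool clear_first) {
    toy_bitmap b = toy_alloc(128, stale);
    if (!b.words) return false;
    if (clear_first) toy_clear(&b);
    for (unsigned i = 0; i < 4; i++) toy_set(&b, i);
    bool covered = toy_all_bits_in_range(&b, 0, 7);
    free(b.words);
    return covered;
}

int main(void) {
    printf("no clear, stale 0x00: %d\n", range_covered(0x00, false));
    printf("no clear, stale 0xFF: %d\n", range_covered(0xFF, false));
    printf("cleared,  stale 0xFF: %d\n", range_covered(0xFF, true));
    return 0;
}
```

Without the clear, the answer tracks whatever the heap held before, which is how one input can yield different decisions from run to run; with the clear, the stale bytes no longer matter.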
