This bug was found by Edwin's fuzzing efforts on RISC-V, though it
likely affects other targets.
In simplest terms when ext-dce converts an extension into a (possibly
simplified) subreg copy it may make an attached REG_EQUAL note invalid.
In the case Edwin found the note was an extension, but I don't think
that would necessarily always be the case. The note could have other
forms which potentially need invalidation. So the safest thing to do is
just remove any attached REG_EQUAL or REG_EQUIV note.
Note adjusting Edwin's testcase in the obvious way to avoid having to
interpret printf output for pass/fail status makes the bug go latent.
That's why no testcase is included with this patch.
Bootstrapped and regression tested on x86_64. Obviously also verified
it fixes the testcase Edwin filed.
This is a good candidate for cherry-picking to the gcc-15 release branch
after simmering on the trunk a bit.
Jeff
commit 34e1e5e33ec3eb475c0c8278800b6fc246a86763
Author: Jeff Law <j...@ventanamicro.com>
Date: Sun Jun 22 12:06:08 2025 -0600
[committed][PR rtl-optimization/120550] Drop REG_EQUAL note after ext-dce
transformation
This bug was found by Edwin's fuzzing efforts on RISC-V, though it likely
affects other targets.
In simplest terms when ext-dce converts an extension into a (possibly
simplified) subreg copy it may make an attached REG_EQUAL note invalid.
In the case Edwin found the note was an extension, but I don't think that
would
necessarily always be the case. The note could have other forms which
potentially need invalidation. So the safest thing to do is just remove any
attached REG_EQUAL or REG_EQUIV note.
Note adjusting Edwin's testcase in the obvious way to avoid having to
interpret
printf output for pass/fail status makes the bug go latent. That's why no
testcase is included with this patch.
Bootstrapped and regression tested on x86_64. Obviously also verified it
fixes
the testcase Edwin filed.
This is a good candidate for cherry-picking to the gcc-15 release branch
after
simmering on the trunk a bit.
PR rtl-optimization/120550
gcc/
* ext-dce.cc (ext_dce_try_optimize_insn): Drop REG_EQUAL/REG_EQUIV
notes on modified insns.
diff --git a/gcc/ext-dce.cc b/gcc/ext-dce.cc
index aa80c0483d6..b1d5ee4b36c 100644
--- a/gcc/ext-dce.cc
+++ b/gcc/ext-dce.cc
@@ -442,6 +442,11 @@ ext_dce_try_optimize_insn (rtx_insn *insn, rtx set)
print_rtl_single (dump_file, new_pattern);
fprintf (dump_file, "\n");
}
+
+ /* INSN may have a REG_EQUAL note indicating that the value was
+ sign or zero extended. That note is no longer valid since we've
+ just removed the extension. Just wipe the notes. */
+ remove_reg_equal_equiv_notes (insn, true);
}
else
{
