https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81785
Mikael Pettersson <mikpelinux at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mikpelinux at gmail dot com

--- Comment #2 from Mikael Pettersson <mikpelinux at gmail dot com> ---
Created attachment 41983
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=41983&action=edit
simple test case

Simpler test case that will __builtin_abort () when the bug hits rather than
segfault.

Problem seems to be that

int * __attribute__((__noinline__, __noclone__)) foo(int x[])
{
    int k = INT_MIN;
    return &x[k - INT_MAX];
}

becomes the bogus code

foo:
        movabsq $-17179869180, %rax
        addq    %rdi, %rax
        ret

which returns a pointer to a large negative offset off x[], even though -fwrapv
has been passed to gcc.

The equivalent

int * __attribute__((__noinline__, __noclone__)) bar(int x[])
{
    return &x[INT_MIN - INT_MAX];
}

becomes the expected code

bar:
        leaq    4(%rdi), %rax
        ret

although gcc also emits an IMO unwarranted (since -fwrapv is present) warning

pr81785.c: In function 'bar':
pr81785.c:20:23: warning: integer overflow in expression of type 'int' results in '1' [-Woverflow]
     return &x[INT_MIN - INT_MAX];

Affects every single gcc since 3.x on x86_64 as far as I can tell.
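
Added example, not part of the report or its attachment: the two displacements from the comment above, reproduced in C that has no signed overflow of its own. The wrapped index gives the 4 bytes seen in bar, and the same subtraction done in 64 bits without wrapping gives exactly the -17179869180 constant seen in foo. All function names are hypothetical and 32-bit int is assumed.

```c
/* Added illustration, not the attachment from the report. Assumes 32-bit int. */
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

_Static_assert(sizeof(int) == 4, "example assumes 32-bit int");

/* a - b with two's-complement wraparound, which is what -fwrapv specifies.
 * Computed in unsigned arithmetic so this file has no signed overflow. */
static int wrapped_sub(int a, int b)
{
    uint32_t r = (uint32_t)a - (uint32_t)b;
    if (r <= (uint32_t)INT_MAX)
        return (int)r;
    return (int)(r - (uint32_t)INT_MAX - 1u) + INT_MIN;
}

/* The same subtraction carried out in 64 bits, never wrapped back to 32. */
static int64_t widened_sub(int a, int b)
{
    return (int64_t)a - (int64_t)b;
}

/* Byte displacement from x for &x[index] when the elements are int. */
static int64_t byte_offset(int64_t index)
{
    return index * (int64_t)sizeof(int);
}

/* Harness-style check on addresses only (no out-of-bounds pointer is formed):
 * does 'got' equal the address -fwrapv semantics require for &x[a - b]? */
static int matches_wrapv(uintptr_t base, uintptr_t got, int a, int b)
{
    return got == base + (uintptr_t)byte_offset(wrapped_sub(a, b));
}

int main(void)
{
    int x[2] = {0, 0};
    uintptr_t base = (uintptr_t)x;
    int64_t good = byte_offset(wrapped_sub(INT_MIN, INT_MAX));
    int64_t bad  = byte_offset(widened_sub(INT_MIN, INT_MAX));

    printf("wrapped offset: %lld bytes\n", (long long)good);
    printf("widened offset: %lld bytes\n", (long long)bad);
    printf("&x[1] accepted: %d\n", matches_wrapv(base, (uintptr_t)&x[1], INT_MIN, INT_MAX));
    printf("widened address accepted: %d\n",
           matches_wrapv(base, base + (uintptr_t)bad, INT_MIN, INT_MAX));
    return 0;
}
```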