Found by Sven Hartrumpf. The following program will segfault:

(define (test-it)
  (let loop ((done #f))
    (if done
        (cons  (or (read) 0.0) (loop #t)))))

(print (test-it))

When run with a DEBUGBUILD CHICKEN, you'll see it fails with a nice panic due to a low-level assertion error triggered by a C_flonum_magnitude call when you enter a fixnum:

[panic] Low-level type assertion C_blockp((C_word)C_VAL1(C__PREV_TMPST.n1))=#t failed at test.c:176 - execution terminated

Generated code failing:

/* k150 in loop in test-it in k131 in k128 in k125 */
static void C_ccall f_152(C_word c,C_word *av){
C_word tmp;
C_word t0=av[0];
C_word t1=av[1];
C_word t2;
C_word t3;
C_word t4;
double f0;
C_word *a;
C_save_and_reclaim((void *)f_152,2,av);}
f0=C_flonum_magnitude((C_truep(t1)?t1:lf[1])); /// <--- offending code
C_trace(C_text("test.scm:5: loop"));

Most likely introduced by 79cf7427638eebf695f2be54731bb6bbf4d0fff2.

ALSO: In the generated code in this case, it unboxes and immediately boxes the flonum. There's no operation in between, so that's wasteful.

It only makes sense with >1 operations (though with exactly 1 it should be okay too but adds no perf improvement)

Estimated difficulty: medium

The offending code seems to be lfa2.scm:349, the rule for walking if/##core#cond nodes. The result type is always taken from the 2nd branch, but should instead be the union of the result types of both branches.

AFAICT, the transformation in this pass doesn't create redundant boxing. I think, in this particular example the pointless boxing/unboxing is an artifact of the completely wrong type computed by walking the conditional.

Fixed by 9413c4bf1b4b0c95e60ba12e082f4e03b4c0f8ef

