[Bug 1251169] [NEW] during compilation with -O2 a function call is moved to the wrong place
Public bug reported:

OS: Ubuntu 12.04.3 LTS
clang version: 3.0-6ubuntu3

In the attached code the function foo2 has a side effect on its second argument. So, despite the fact that the value of v1 has been previously set to 0, foo1 should return 0. But if this code was compiled with -O2 (or a higher optimization level), foo1 returns 1. Decompilation shows that after optimization the call of foo2 is placed after the check (v1!=0).

** Affects: clang (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: optimizer

** Attachment added: "Example code"
   https://bugs.launchpad.net/bugs/1251169/+attachment/3908688/+files/clang_bug.c

https://bugs.launchpad.net/bugs/1251169
[Bug 1250941] [NEW] optimization of a recursive function cause segmentation fault during execution (in very rare cases)
Public bug reported:

OS: Ubuntu 12.04.3 LTS
gcc version: 4.6.3-1ubuntu5

It's a modified test case from the gcc-4.6.3 testsuite (2412-2.c):

    #include <stdlib.h>   /* abort, exit */

    int f(int a){
      /* the index is the predicate (always 0) times a constant, so x == a */
      int x = (&a)[((((a % 10) * (a % 10)) % 10) >
                    (((10 - (a % 10)) * (10 - (a % 10))) % 10)) * 314160879];
      if (x==0)
        return 1;
      return f(x-1);
    }

    int main(int argc,char **argv)
    {
      if (f (2) != 1)
        abort ();
      exit (0);
    }

"( a % 10) * ( a % 10)) % 10) > (((10 - ( a % 10)) * (10 - ( a % 10))) % 10)))" is a predicate and always equal to 0. So "x" is actually equal to "a". As you can see, this test should exit successfully, but if it was compiled with optimization (O2 and higher, O1 works fine) a segmentation fault happens during execution.

** Affects: gcc-4.6 (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: optimizer

https://bugs.launchpad.net/bugs/1250941
[Bug 1250904] [NEW] variable is optimized out by mistake
Public bug reported:

OS: Ubuntu 12.04.3 LTS
gcc version: 4.6.3-1ubuntu5

It's a modified test case from the gcc-4.6.3 testsuite (reassoc-11.c):

    int main(int a, int b, int c, int d){
      int e = (a ^ b) ^ (c ^ d);
      int f = (c ^ a) ^ (b ^ d);
      /* address of c plus (distance from c to e) times the predicate */
      return (*((int *)(((long unsigned)&c) +
                        (((long unsigned)&e) - ((long unsigned)&c)) *
                        (f <= (~(f ^ (~((b << 2 | f << 2) - ((b | f) << 2)))))))) ^ f;
    }

That terrifying expression in braces should be evaluated to "e" ( "(f <= (~(f ^ (~((b << 2 | f << 2) - (( b | f) << 2))" is a predicate and always equal to 1) and so the test should return 0.

But if the optimization is applied (O1 and greater) the test returns some other value. Decompilation shows that "e" and "f" are optimized out. The "f" value is evaluated in place, but the evaluation of "e" is also optimized out. Then the expression in braces is evaluated to some garbage value (interesting that the compiler somehow handles dereferencing of "e" even after it was optimized out).

The example is quite exotic, but, in my opinion, reveals incorrect optimizer behavior.

** Affects: gcc-4.6 (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: optimizer

https://bugs.launchpad.net/bugs/1250904
[Bug 1250883] [NEW] Optimizer's mistake
Public bug reported:

OS: Ubuntu 12.04.3 LTS
gcc version: 4.6.3-1ubuntu5

It's a slightly modified test case from the gcc-4.6.3 testsuite (920612-1.c):

    #include <stdlib.h>   /* abort, exit */

    int main(){
      int a = 0;
      if ((int)((~0u) >> (1 + a))+1 > 0)
        abort();
      exit(0);
    }

It operates fine after compilation with the -O0 or -O1 option (exit is executed), but changes behavior if compiled with -O2 or -O3 (abort is executed). Decompilation shows that the optimizer reduces the code down to abort(); . Besides, if variable "a" is absent, the bug is absent even with O3 optimization. So in the simple case the optimizer takes the overflow into account, but misses it after a trivial change of the code.

** Affects: gcc-4.6 (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: optimizer

https://bugs.launchpad.net/bugs/1250883
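
In the expression from Bug 1250883, `(int)((~0u) >> (1 + a))` is INT_MAX when a is 0, so the following `+ 1` is a signed overflow, which C leaves undefined. The added example below (not from the report or from gcc; all names are hypothetical) evaluates the same comparison with each step range-checked, so the result does not depend on the optimization level.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Outcome of evaluating the report's comparison without relying on overflow. */
enum cmp_result { CMP_FALSE, CMP_TRUE, CMP_OVERFLOW, CMP_BAD_SHIFT };

/* a + b with the range test done before the addition, so no signed
 * overflow ever occurs. Returns false if the sum does not fit in int. */
static bool checked_add_int(int a, int b, int *sum)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *sum = a + b;
    return true;
}

/* Evaluates (int)((~0u) >> (1 + a)) + 1 > 0 with every step checked. */
static enum cmp_result shifted_plus_one_is_positive(int a)
{
    const int width = (int)(sizeof(unsigned) * CHAR_BIT); /* assumes no padding bits */
    int count, sum;
    unsigned shifted;

    /* 1 + a can itself overflow; a shift count outside [0, width) is undefined. */
    if (!checked_add_int(1, a, &count) || count < 0 || count >= width)
        return CMP_BAD_SHIFT;

    shifted = ~0u >> count;
    if (shifted > (unsigned)INT_MAX)        /* count == 0: value does not fit in int */
        return CMP_OVERFLOW;

    if (!checked_add_int((int)shifted, 1, &sum))
        return CMP_OVERFLOW;                /* a == 0: INT_MAX + 1 */
    return sum > 0 ? CMP_TRUE : CMP_FALSE;
}

int main(void)
{
    /* a == 0 is the report's case; a == 1 stays in range. */
    printf("a=0 -> %d\n", (int)shifted_plus_one_is_positive(0));
    printf("a=1 -> %d\n", (int)shifted_plus_one_is_positive(1));
    return 0;
}
```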