SUMMARY: egregious Sun optimizer bug

From: Jay Plett (jay@silence.princeton.nj.us)
Date: Sat Mar 07 1992 - 04:39:01 CST


Is it legal to summarize a question that was never asked?
I hope so; this case seems to me worth posting here.

Credit-where-credit-is-due department: Sun provided a patch
15 days after I first reported the problem to them.

One of my users found a bug in the Sun optimizer. The bug
can cause programs to perform incorrectly with no indication
of failure. The bug is present in all versions that I had
available for testing: Sun3, Sun4, SunOS 4.1.1 and 4.1.2,
bundled and unbundled compilers. I assume, but haven't
verified, that it will affect all Sun compilers that do
optimization (Fortran, Pascal?, others?). The Bug ID is
1074939. I wasn't given a patch number. The patches for
each version mentioned above (consisting of the executable
file "iropt") are available by ftp at princeton.edu in
 ~ftp/pub/sun-fixes/lang/iropt.tar.Z . Incidentally, the
bug is also present in older versions of gcc.

Arch: Sun3, Sun4
OS: 4.1.1, 4.1.2
Compilers: bundled, unbundled
                (unbundled tested on Sun4c only)

In the following program, the assignment "mhold = m" should
occur only if (p == 1), which is true only on the first
iteration of the outer loop. If the program is compiled with
-O, the value of mhold follows that of m, although the
assignment is reached only once. The behavior can be further
illustrated by using various constants for loop conditions.

The program:

---
#include <stdio.h>

main() { int m, n, p; int mhold; int clunk;

#ifdef NOBUG clunk = &mhold - &m; #endif p = 1; for (m = 1; m <= 2; m++) for (n = 1; n <= 2; n++, p++) { if (p == 1) { mhold = m; printf("(p==1)"); } printf("\tp=%d, mhold=%d, m=%d\n", p, mhold, m); } } --- The results (correct in all but the first case): --- <flux> cc -O bug.c <flux> a.out (p==1) p=1, mhold=1, m=1 p=2, mhold=1, m=1 p=3, mhold=2, m=2 p=4, mhold=2, m=2 <flux> cc bug.c <flux> a.out (p==1) p=1, mhold=1, m=1 p=2, mhold=1, m=1 p=3, mhold=1, m=2 p=4, mhold=1, m=2 <flux> cc -O -DNOBUG bug.c <flux> a.out (p==1) p=1, mhold=1, m=1 p=2, mhold=1, m=1 p=3, mhold=1, m=2 p=4, mhold=1, m=2



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:38 CDT