[13619] in Athena Bugs
NASTY C compiler bug gnu locker gcc AND 95q2.
daemon@ATHENA.MIT.EDU (Bill Cattey)
Thu Jun 29 19:16:27 1995
Date: Thu, 29 Jun 1995 19:14:06 -0400 (EDT)
From: Bill Cattey <wdc@MIT.EDU>
To: bugs@MIT.EDU, gnu@MIT.EDU, reidmp@MIT.EDU, watchmakers@MIT.EDU,
developers@MIT.EDU
Cc: yoav@MIT.EDU, tjm@MIT.EDU, proven@MIT.EDU
The following C program bug.c demonstrates a C compiler bug that is in
cygnus-95q2 and in gcc from the gnu locker.
In essence, gcc is botching an in-line division for pointer arithmetic.
The specific threshold that I have observed is when manipulating
pointers to structures of 24 bytes.
After the C program I include the assembler output from cygnus gcc 95q2
which botches the inline division.
After that assembler output, I include the output from cygnus gcc 94q2
which calls the div procedure.
I also ran (but don't include here) 2.6.3 from the athena gnu locker.
It too botches!
(Craig Fields points out that instead of dividing by 24, it multiplies
by 22369280.)
----
Suggestion: DON'T use 2.6.3 or 95q2 until we know the scope of the
effect of this bug.
Reid: DON'T BLOW AWAY cygnus 94q2!!!!!
-wdc
----gccbug.c ----
/*
 * Element type of the arena.  Six ints; the assembler listings below
 * describe it as 24 bytes on this sun4 target ("freehdr:T20=s24..."),
 * so a subtraction of two `struct freehdr *' has to scale the byte
 * difference by 24.
 */
struct freehdr {
int word1;
int word2;
int word3;
int word4;
int word5;
int word6;
};
/*
 * Arena bounds.  Both members are pointers to the 24-byte element type;
 * per the listings arenastart lives at offset 0 of the struct (A+0) and
 * arenaend at offset 4 (A+4).
 */
struct arenastate {
struct freehdr *arenastart;	/* first element */
struct freehdr *arenaend;	/* one past the last element */
};
struct arenastate A;	/* global arena state; emitted as ".common A,8,4" below */
/*
 * Minimal reproducer for the pointer-subtraction code generation.
 * K&R-style definition: `min' is an untyped (implicit int) parameter
 * that is never used, the return type is implicit int and there is no
 * return statement.  (A.arenaend - A.arenastart) is a difference in
 * struct freehdr units, so the compiler must divide the byte difference
 * by sizeof(struct freehdr) -- 24 here -- before the explicit >>3.
 * `x' is stored and never read again.
 */
addarena (min) {
int x;
x = (A.arenaend - A.arenastart)>>3;	/* (byte difference / 24) >> 3 */
}
---- gccbug.s gcc 95q2 botch ----
.file "gccbug.c"
! Assembler output of gccbug.c from GCC 2.6-95q2 (see the .ident at the
! end).  SPARC (sun4) target in GAS syntax; `!' is the comment character.
! The .stabs/.stabn records are debugging information, not code.
! NOTE(review): the .stabs strings broken across two lines below appear to
! be line wraps introduced by the mail transport, not assembler output.
.stabs "/mit/andydevo/build/sun4/cmu/overhead/malloc/",100,0,0,.LLtext0
.stabs "gccbug.c",100,0,0,.LLtext0
.section ".text"
.LLtext0:
.stabs "gcc2_compiled.", 0x3c, 0, 0, 0
.stabs "int:t1=r1;-2147483648;2147483647;",128,0,0,0
.stabs "char:t2=r2;0;127;",128,0,0,0
.stabs "long int:t3=r1;-2147483648;2147483647;",128,0,0,0
.stabs "unsigned int:t4=r1;0;-1;",128,0,0,0
.stabs "long unsigned int:t5=r1;0;-1;",128,0,0,0
.stabs "long long
int:t6=r1;01000000000000000000000;0777777777777777777777;",128,0,0,0
.stabs "long long unsigned
int:t7=r1;0000000000000;01777777777777777777777;",128,0,0,0
.stabs "short int:t8=r1;-32768;32767;",128,0,0,0
.stabs "short unsigned int:t9=r1;0;65535;",128,0,0,0
.stabs "signed char:t10=r1;-128;127;",128,0,0,0
.stabs "unsigned char:t11=r1;0;255;",128,0,0,0
.stabs "float:t12=r1;4;0;",128,0,0,0
.stabs "double:t13=r1;8;0;",128,0,0,0
.stabs "long double:t14=r1;16;0;",128,0,0,0
.stabs "complex int:t15=s8real:1,0,32;imag:1,32,32;;",128,0,0,0
.stabs "complex float:t16=r16;4;0;",128,0,0,0
.stabs "complex double:t17=r17;8;0;",128,0,0,0
.stabs "complex long double:t18=r18;16;0;",128,0,0,0
.stabs "void:t19=19",128,0,0,0
! struct freehdr: size 24 bytes ("s24"), six 32-bit ints.
.stabs
"freehdr:T20=s24word1:1,0,32;word2:1,32,32;word3:1,64,32;word4:1,96,32;wo
rd5:1,128,32;word6:1,160,32;;",128,0,0,0
! struct arenastate: size 8, arenastart at bit 0, arenaend at bit 32 (byte 4).
.stabs "arenastate:T21=s8arenastart:22=*20,0,32;arenaend:22,32,32;;",128,0,0,0
.align 4
.stabs "addarena:F1",36,0,17,addarena
.stabs "min:p1",160,0,17,68
.global addarena
.type addarena,#function
.proc 04
! int addarena(min) -- C source line 17.
addarena:
.stabn 68,0,17,.LM1-addarena
.LM1:
!#PROLOGUE# 0
save %sp,-120,%sp			! new register window, 120-byte frame
!#PROLOGUE# 1
st %i0,[%fp+68]				! spill the unused parameter `min' to its home slot
.stabn 68,0,18,.LM2-addarena
.LM2:
.LLBB2:
.stabn 68,0,19,.LM3-addarena
.LM3:
! x = (A.arenaend - A.arenastart) >> 3;
! The byte difference d must be scaled to struct freehdr units (24 bytes).
! No divide instruction and no call to a .div routine is emitted; d is
! instead multiplied by a constant assembled from shift/add pairs:
sethi %hi(A+4),%o0
sethi %hi(A),%o1
ld [%o0+%lo(A+4)],%o0			! o0 = A.arenaend   (A+4)
ld [%o1+%lo(A)],%o2			! o2 = A.arenastart (A+0)
sub %o0,%o2,%o1				! o1 = d = arenaend - arenastart, in bytes
mov %o1,%o2
sll %o2,2,%o0				! o0 = 4d
add %o0,%o1,%o0				! o0 = 5d
sll %o0,4,%o1				! o1 = 80d
add %o0,%o1,%o0				! o0 = 85d         (5 * 17)
sll %o0,8,%o1
add %o0,%o1,%o0				! o0 = 21845d      (85 * 257)
sll %o0,16,%o1
add %o0,%o1,%o0				! o0 = 1431655765d (21845 * 65537 = 0x55555555)
sub %g0,%o0,%o1				! o1 = -0x55555555*d = 0xAAAAAAAB*d (mod 2^32)
! 0xAAAAAAAB * 3 == 1 (mod 2^32), i.e. it is the multiplicative inverse of
! 3; when d is an exact multiple of 3 the product above equals d/3.
sra %o1,3,%o0				! o0 = (d/3) >> 3 == d/24 if d is a multiple of 24
sra %o0,3,%o1				! o1 = x = (d/24) >> 3 -- the source's `>>3'
st %o1,[%fp-20]				! store x; nothing reads it back
! NOTE(review): this is exact division by a multiplicative inverse.  It
! yields d/24 only when d is a multiple of 24, i.e. when both pointers
! address elements of one array of struct freehdr (which is what C requires
! of a pointer subtraction).  For any other d the result differs from a
! true truncating division such as a .div call would give.  Whether that is
! the difference observed as the "botch" cannot be decided from this listing.
.stabn 68,0,20,.LM4-addarena
.LM4:
.LLBE2:
.stabn 68,0,20,.LM5-addarena
.LM5:
.LL1:
ret					! return to caller (delay slot below restores the window)
restore
.LLfe1:
.size addarena,.LLfe1-addarena
.stabs "x:1",128,0,18,-20			! local x at [%fp-20]
.stabn 192,0,0,.LLBB2-addarena
.stabn 224,0,0,.LLBE2-addarena
.stabs "A:G21",32,0,15,0
.common A,8,4				! A: 8 bytes, 4-byte aligned, in common storage
.ident "GCC: (GNU) 2.6-95q2"
-------- gccbug.s gcc 94q2 OK ------------
.file "gccbug.c"
! NOTE(review): the heading above labels this the 94q2 ("OK") output, and the
! covering message says the 94q2 compiler calls the div procedure.  This
! listing, however, is identical to the 95q2 listing above instruction for
! instruction, contains no call, and ends with .ident "GCC: (GNU) 2.6-95q2".
! The 94q2 output appears not to have been pasted, so the two listings
! cannot be compared as intended.
! SPARC (sun4) target in GAS syntax; `!' is the comment character.  The
! .stabs strings broken across two lines below look like mail line wraps.
.stabs "/mit/andydevo/build/sun4/cmu/overhead/malloc/",100,0,0,.LLtext0
.stabs "gccbug.c",100,0,0,.LLtext0
.section ".text"
.LLtext0:
.stabs "gcc2_compiled.", 0x3c, 0, 0, 0
.stabs "int:t1=r1;-2147483648;2147483647;",128,0,0,0
.stabs "char:t2=r2;0;127;",128,0,0,0
.stabs "long int:t3=r1;-2147483648;2147483647;",128,0,0,0
.stabs "unsigned int:t4=r1;0;-1;",128,0,0,0
.stabs "long unsigned int:t5=r1;0;-1;",128,0,0,0
.stabs "long long
int:t6=r1;01000000000000000000000;0777777777777777777777;",128,0,0,0
.stabs "long long unsigned
int:t7=r1;0000000000000;01777777777777777777777;",128,0,0,0
.stabs "short int:t8=r1;-32768;32767;",128,0,0,0
.stabs "short unsigned int:t9=r1;0;65535;",128,0,0,0
.stabs "signed char:t10=r1;-128;127;",128,0,0,0
.stabs "unsigned char:t11=r1;0;255;",128,0,0,0
.stabs "float:t12=r1;4;0;",128,0,0,0
.stabs "double:t13=r1;8;0;",128,0,0,0
.stabs "long double:t14=r1;16;0;",128,0,0,0
.stabs "complex int:t15=s8real:1,0,32;imag:1,32,32;;",128,0,0,0
.stabs "complex float:t16=r16;4;0;",128,0,0,0
.stabs "complex double:t17=r17;8;0;",128,0,0,0
.stabs "complex long double:t18=r18;16;0;",128,0,0,0
.stabs "void:t19=19",128,0,0,0
! struct freehdr: size 24 bytes ("s24"), six 32-bit ints.
.stabs
"freehdr:T20=s24word1:1,0,32;word2:1,32,32;word3:1,64,32;word4:1,96,32;wo
rd5:1,128,32;word6:1,160,32;;",128,0,0,0
! struct arenastate: size 8, arenastart at byte 0, arenaend at byte 4.
.stabs "arenastate:T21=s8arenastart:22=*20,0,32;arenaend:22,32,32;;",128,0,0,0
.align 4
.stabs "addarena:F1",36,0,17,addarena
.stabs "min:p1",160,0,17,68
.global addarena
.type addarena,#function
.proc 04
! int addarena(min) -- C source line 17.
addarena:
.stabn 68,0,17,.LM1-addarena
.LM1:
!#PROLOGUE# 0
save %sp,-120,%sp			! new register window, 120-byte frame
!#PROLOGUE# 1
st %i0,[%fp+68]				! spill the unused parameter `min'
.stabn 68,0,18,.LM2-addarena
.LM2:
.LLBB2:
.stabn 68,0,19,.LM3-addarena
.LM3:
! x = (A.arenaend - A.arenastart) >> 3;  -- byte difference d scaled to
! 24-byte units by multiplication, not by a divide or a .div call:
sethi %hi(A+4),%o0
sethi %hi(A),%o1
ld [%o0+%lo(A+4)],%o0			! o0 = A.arenaend
ld [%o1+%lo(A)],%o2			! o2 = A.arenastart
sub %o0,%o2,%o1				! o1 = d (bytes)
mov %o1,%o2
sll %o2,2,%o0				! 4d
add %o0,%o1,%o0				! 5d
sll %o0,4,%o1				! 80d
add %o0,%o1,%o0				! 85d
sll %o0,8,%o1
add %o0,%o1,%o0				! 21845d
sll %o0,16,%o1
add %o0,%o1,%o0				! 0x55555555 * d
sub %g0,%o0,%o1				! 0xAAAAAAAB * d (mod 2^32); 0xAAAAAAAB is the inverse of 3
sra %o1,3,%o0				! == d/24 when d is a multiple of 24 (exact division)
sra %o0,3,%o1				! x = (d/24) >> 3
st %o1,[%fp-20]				! store x; never read back
.stabn 68,0,20,.LM4-addarena
.LM4:
.LLBE2:
.stabn 68,0,20,.LM5-addarena
.LM5:
.LL1:
ret
restore
.LLfe1:
.size addarena,.LLfe1-addarena
.stabs "x:1",128,0,18,-20			! local x at [%fp-20]
.stabn 192,0,0,.LLBB2-addarena
.stabn 224,0,0,.LLBE2-addarena
.stabs "A:G21",32,0,15,0
.common A,8,4				! A: 8 bytes, 4-byte aligned
.ident "GCC: (GNU) 2.6-95q2"		! NOTE(review): same compiler version as the listing above