[llvm-bugs] [Bug 44512] New: Wrong optimization: instability of uninitialized variables leads to nonsense

via llvm-bugs llvm-bugs at lists.llvm.org
Fri Jan 10 10:42:05 PST 2020 

https://bugs.llvm.org/show_bug.cgi?id=44512

            Bug ID: 44512
           Summary: Wrong optimization: instability of uninitialized
                    variables leads to nonsense
           Product: new-bugs
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: new bugs
          Assignee: unassignedbugs at nondot.org
          Reporter: ch3root at openwall.com
                CC: htmldeveloper at gmail.com, llvm-bugs at lists.llvm.org

Epigraph: "To put it another way, if I have a comparison that gives one answer
to some observers and other answers to other observers, there may be nothing
that prevents that logical contradiction from infecting the remainder of the
execution." Hal Finkel, bug 34548, comment 77.

Uninitialized variables have unstable values which leads to nonsense:

----------------------------------------------------------------------
#include <stdio.h>

void f(unsigned char x, unsigned char y)
{
    if (y == x)
        printf("x = %u\n", x);
}

int main()
{
    unsigned char x = 1;
    unsigned char y; // no trap representation possible
    (void)&y; // disarm C11, 6.3.2.1p2

    f(x, y);
}
----------------------------------------------------------------------
$ clang -std=c11 -Wall -O3 test.c && ./a.out
x = 0
----------------------------------------------------------------------
clang x86-64 version: clang version 10.0.0
(https://github.com/llvm/llvm-project.git
cdd05f2aea3b950a4e2c496175117e6b47b2a050)
----------------------------------------------------------------------

This example uses conditional equivalence propagation to demonstrate the effect
but the problem is not limited to it in any way.

There two aspects here:

1) according to my reading of C11 this program doesn't invoke UB and should
either print the right value or not print anything at all (and AFAIR various
changes proposed for handling uninitialized variables don't change this given
that no trap representation is possible here);
2) IIUC the definition of undef in LLVM is supposed to guarantee the same
result as C11 here.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20200110/6916f9cd/attachment.html>

More information about the llvm-bugs mailing list