Daniel Berlin wrote: > On Thu, 2005-05-12 at 10:01 -0600, Zan Lynx wrote: > > I'm not subscribed to the list (please CC replies to me) and this isn't > > a real bug report, just a sort of quick check to see if its a known > > problem. > > > > When I compiled openssl-0.9.7g using -O3 and -ftree-loop-linear as > > CFLAGS, openssl failed its self-tests for the MD2 code. Interestingly, > > it succeeded at the tests for other algorithms. > > > > -ftree-loop-linear uses the dependence analyzer which has a number of > issues where it will claim things are legal that are not. > > You shouldn't expect -ftree-loop-linear to work on random code that you > don't know anything about :) > At least, not yet. > Hopefully these should be fixed in 4.1 > >
The loops that get interchanged are in the following function: static void md2_block(MD2_CTX *c, const unsigned char *d) { register unsigned int t,*sp1,*sp2; register int i,j; unsigned int state[48]; sp1=c->state; sp2=c->cksm; j=sp2[16 -1]; for (i=0; i<16; i++) { state[i]=sp1[i]; state[i+16]=t=d[i]; state[i+32]=(t^sp1[i]); j=sp2[i]^=S[t^j]; } t=0; for (i=0; i<18; i++) { for (j=0; j<48; j+=8) { t= state[j+ 0]^=S[t]; t= state[j+ 1]^=S[t]; t= state[j+ 2]^=S[t]; t= state[j+ 3]^=S[t]; t= state[j+ 4]^=S[t]; t= state[j+ 5]^=S[t]; t= state[j+ 6]^=S[t]; t= state[j+ 7]^=S[t]; } t=(t+i)&0xff; } memcpy(sp1,state,16*sizeof(unsigned int)); OPENSSL_cleanse(state,48*sizeof(unsigned int)); } It is failing on mainline with: md2_dgst.c: In function 'md2_block': md2_dgst.c:170: error: Definition in block 13 does not dominate use in block 9 for SSA_NAME: t_23 in statement: t_143 = PHI <t_23(9), 0(3)>; PHI argument t_23 for PHI node t_143 = PHI <t_23(9), 0(3)>; md2_dgst.c:170: internal compiler error: verify_ssa failed. after transformation in loop linear.