public inbox for gcc-bugs@sourceware.org
* [Bug c++/33025] New: Wrong optimisation
From: theodore dot papadopoulo at sophia dot inria dot fr @ 2007-08-08 17:46 UTC (permalink / raw)
To: gcc-bugs
The attached code fails with gcc version 4.3.0 20070703 (experimental). It calls
the alloc() function at each iteration, producing a memory corruption. I get the
following trace.
grenade-> g++ /tmp/test.C
grenade-> ./a.out
2000
*** glibc detected *** ./a.out: double free or corruption (!prev):
0x0000000000502010 ***
======= Backtrace: =========
/lib64/libc.so.6[0x3d64a6d313]
/lib64/libc.so.6(__libc_free+0x84)[0x3d64a6d494]
./a.out(__gxx_personality_v0+0x3c0)[0x400c58]
./a.out[0x400e01]
./a.out(__gxx_personality_v0+0x2cf)[0x400b67]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x3d64a1c784]
./a.out(_ZNSt8ios_base4InitD1Ev+0x51)[0x400909]
Abort
As can be seen, the allocator has been called 2000 times instead of only
1000.
The same code on gcc version 4.3.0 20070528 (experimental) (though on
i686-pc-linux-gnu) does not behave the same way...
--
Summary: Wrong optimisation
Product: gcc
Version: 4.3.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: theodore dot papadopoulo at sophia dot inria dot fr
GCC build triplet: x86_64-unknown-linux-gnu
GCC host triplet: x86_64-unknown-linux-gnu
GCC target triplet: x86_64-unknown-linux-gnu
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33025
* [Bug c++/33025] Wrong optimisation
From: theodore dot papadopoulo at sophia dot inria dot fr @ 2007-08-08 17:49 UTC (permalink / raw)
To: gcc-bugs
------- Comment #1 from theodore dot papadopoulo at sophia dot inria dot fr 2007-08-08 17:49 -------
Created an attachment (id=14043)
--> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=14043&action=view)
The piece of code that shows the problem.
One more note. The bug seems related to the placement new syntax. Without
placement new, I do not have the same behaviour.
I'll try to update my gcc version tomorrow to recheck this on both
architectures.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33025
* [Bug c++/33025] [4.3 Regression] Wrong calling of placement new with conditionals
From: pinskia at gcc dot gnu dot org @ 2007-08-08 18:55 UTC (permalink / raw)
To: gcc-bugs
------- Comment #2 from pinskia at gcc dot gnu dot org 2007-08-08 18:55 -------
data[i] = (i%2==0) ? new(alloc.value()) unsigned(2) :
new(alloc()) unsigned(1);
D.2395 = value (&alloc);
D.2367 = D.2395;
D.2396 = operator() (&alloc);
unsigned int * D.2367;
<<cleanup_point <<< Unknown tree: expr_stmt
(void) (D.2367 = value (&alloc)) >>>
>>;
unsigned int * D.2384;
<<cleanup_point <<< Unknown tree: expr_stmt
(void) (D.2384 = operator() (&alloc)) >>>
>>;
--
pinskia at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |pinskia at gcc dot gnu dot
| |org
Keywords| |wrong-code
Summary|Wrong optimisation |[4.3 Regression] Wrong
| |calling of placement new
| |with conditionals
Target Milestone|--- |4.3.0
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33025
* [Bug c++/33025] [4.3 Regression] Wrong calling of placement new with conditionals
From: pinskia at gcc dot gnu dot org @ 2007-08-09 9:18 UTC (permalink / raw)
To: gcc-bugs
------- Comment #3 from pinskia at gcc dot gnu dot org 2007-08-09 09:18 -------
Because placement new is required to reproduce this bug and the front-end is
where the broken code happens already, the patch to fix PR 29286 is the
cause.
The problem is in build_new_1, where the temp variable we create to hold the
placement is initialized with the value of the placement new, which is
wrong as we don't get that initialization inside the conditional.
You can most likely reduce this testcase further using printf instead of cout
and aborting if operator() is called too many times.
--
pinskia at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ian at gcc dot gnu dot org
Status|UNCONFIRMED |NEW
Ever Confirmed|0 |1
GCC build triplet|x86_64-unknown-linux-gnu |
GCC host triplet|x86_64-unknown-linux-gnu |
GCC target triplet|x86_64-unknown-linux-gnu |
Last reconfirmed|0000-00-00 00:00:00 |2007-08-09 09:18:30
date| |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33025
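Added example (not the attached test case and not g++.dg/init/new23.C): a reduced check in the spirit of comment #3, counting operator() calls and aborting when the placement expression of the unselected branch is evaluated. The Alloc type and its members are hypothetical, modelled on the alloc.value() / alloc() calls quoted in comment #2.

```cpp
#include <cstdio>
#include <cstdlib>
#include <new>

// Hypothetical allocator, modelled on the alloc.value() / alloc() calls
// quoted in comment #2; it is not the reporter's class.
struct Alloc {
    static constexpr unsigned kSlots = 2048;
    unsigned scratch = 0;       // storage handed out by value()
    unsigned pool[kSlots];      // storage handed out by operator()
    unsigned used = 0;          // next free pool slot
    unsigned calls = 0;         // number of operator() invocations

    // No side effect: always returns the same scratch slot.
    unsigned* value() { return &scratch; }

    // Side effect: consumes one pool slot and counts the call.
    unsigned* operator()() {
        ++calls;
        if (used >= kSlots) std::abort();   // pool exhausted
        return &pool[used++];
    }
};

// Runs the conditional placement-new pattern from the report n times and
// returns how often operator() was invoked. Only odd iterations select the
// alloc() branch, so a correct compiler yields n / 2.
unsigned count_allocator_calls(unsigned n) {
    Alloc alloc;
    for (unsigned i = 0; i < n; ++i) {
        unsigned* p = (i % 2 == 0) ? new (alloc.value()) unsigned(2)
                                   : new (alloc()) unsigned(1);
        // The object must have been constructed in the selected branch.
        if (*p != (i % 2 == 0 ? 2u : 1u)) std::abort();
    }
    return alloc.calls;
}

int main() {
    unsigned calls = count_allocator_calls(2000);
    std::printf("operator() calls: %u (expected 1000)\n", calls);
    // Abort when the placement expression ran on iterations that did not
    // select it, which is the miscompilation described in this thread.
    if (calls != 1000) std::abort();
    return 0;
}
```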
* [Bug c++/33025] [4.3 Regression] Wrong calling of placement new with conditionals
From: theodore dot papadopoulo at sophia dot inria dot fr @ 2007-08-09 12:03 UTC (permalink / raw)
To: gcc-bugs
------- Comment #4 from theodore dot papadopoulo at sophia dot inria dot fr 2007-08-09 12:02 -------
Created an attachment (id=14046)
--> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=14046&action=view)
A new more minimal test case
The same program was still working with gcc version 4.3.0 20070608
(experimental). This slightly reduces the bug introduction window, even though
it looks like Andrew already spotted the exact patch that introduced the bug
(by the way, thanks a lot!!).
grenade-> /usr/local/gcc-4.3/bin/g++ Bug.C
grenade-> /usr/local/gcc-4.3/bin/g++ -v
Using built-in specs.
Target: x86_64-unknown-linux-gnu
Configured with:
/user/papadop/laptop/home/src/Cvs/Refs/gcc/gcc-svn-ref/trunk/configure
--prefix=/usr/local/gcc-4.3/ --enable-languages=c,c++,fortran
--enable-__cxa_atexit
Thread model: posix
gcc version 4.3.0 20070703 (experimental)
grenade-> ./a.out
Abort
grenade-> g++ Bug.C
grenade-> g++ -v
Using built-in specs.
Target: x86_64-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --enable-shared --enable-threads=posix
--enable-checking=release --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions --enable-libgcj-multifile
--enable-languages=c,c++,objc,obj-c++,java,fortran,ada --enable-java-awt=gtk
--disable-dssi --with-java-home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre
--with-cpu=generic --host=x86_64-redhat-linux
Thread model: posix
gcc version 4.1.1 20070105 (Red Hat 4.1.1-51)
grenade-> ./a.out
grenade-> /usr/local/gcc-4.3.old/bin/g++ Bug.C
grenade-> /usr/local/gcc-4.3.old/bin/g++ -v
Using built-in specs.
Target: x86_64-unknown-linux-gnu
Configured with:
/user/papadop/laptop/home/src/Cvs/Refs/gcc/gcc-svn-ref/trunk/configure
--prefix=/usr/local/gcc-4.3/ --enable-languages=c,c++,fortran
--enable-__cxa_atexit
Thread model: posix
gcc version 4.3.0 20070608 (experimental)
grenade-> ./a.out
--
theodore dot papadopoulo at sophia dot inria dot fr changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #14043|0 |1
is obsolete| |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33025
* [Bug c++/33025] [4.3 Regression] Wrong calling of placement new with conditionals
From: mmitchel at gcc dot gnu dot org @ 2007-08-10 1:02 UTC (permalink / raw)
To: gcc-bugs
--
mmitchel at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P3 |P1
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33025
* [Bug c++/33025] [4.3 Regression] Wrong calling of placement new with conditionals
From: jakub at gcc dot gnu dot org @ 2007-08-16 16:03 UTC (permalink / raw)
To: gcc-bugs
--
jakub at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|unassigned at gcc dot gnu |jakub at gcc dot gnu dot org
|dot org |
Status|NEW |ASSIGNED
Last reconfirmed|2007-08-09 09:18:30 |2007-08-16 16:02:42
date| |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33025
* [Bug c++/33025] [4.3 Regression] Wrong calling of placement new with conditionals
From: jakub at gcc dot gnu dot org @ 2007-08-20 7:54 UTC (permalink / raw)
To: gcc-bugs
------- Comment #5 from jakub at gcc dot gnu dot org 2007-08-20 07:54 -------
Subject: Bug 33025
Author: jakub
Date: Mon Aug 20 07:53:58 2007
New Revision: 127639
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=127639
Log:
PR c++/33025
* init.c (build_new_1): Rename placement_var variable to
placement_expr.
Initialize it with save_expr rather than get_temp_regvar.
* g++.dg/init/new23.C: New test.
Added:
trunk/gcc/testsuite/g++.dg/init/new23.C
Modified:
trunk/gcc/cp/ChangeLog
trunk/gcc/cp/init.c
trunk/gcc/testsuite/ChangeLog
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33025
* [Bug c++/33025] [4.3 Regression] Wrong calling of placement new with conditionals
From: jakub at gcc dot gnu dot org @ 2007-08-20 8:19 UTC (permalink / raw)
To: gcc-bugs
------- Comment #6 from jakub at gcc dot gnu dot org 2007-08-20 08:19 -------
Fixed.
--
jakub at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |FIXED
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33025