[Bug c++/55131] New: Segmentation fault happened after upgraded g++ from 3.4.6 to 4.7.0

[Bug c++/55131] New: Segmentation fault happened after upgraded g++ from 3.4.6 to 4.7.0

[mawenqi108 at gmail dot com]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55131

             Bug #: 55131
           Summary: Segmentation fault happened after upgraded g++ from
                    3.4.6 to 4.7.0
    Classification: Unclassified
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: blocker
          Priority: P3
         Component: c++
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: mawenqi108@gmail.com


Created attachment 28570
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=28570
The source file

Recently I have upgraded the build environment from RHEL 4.7 (32bit) with g++
3.4.6 to CentOS 6.3 (32bit) with g++ 4.7.0. While an inline assembly function,
which implements the atomic comparison and exchange function, could not work
anymore.The attachment is the source file for your reference.

On the old RHEL 4.7 environment:
# g++ -v
Reading specs from /usr/lib/gcc/i386-redhat-linux/3.4.6/specs
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --enable-shared --enable-threads=posix
--disable-checking --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions --enable-java-awt=gtk --host=i386-redhat-linux
Thread model: posix
gcc version 3.4.6 20060404 (Red Hat 3.4.6-10)

# g++ -Wall -Wextra -g -o test test.cpp
test.cpp:37: warning: unused parameter 'argc'
test.cpp:37: warning: unused parameter 'argv'

# ./test
1 val = 0, oldv = 0, newv = 20
2 val = 20, oldv = 0, newv = 20
3 val = 20, oldv = 20, newv = 20

However, on the new CentOS 6.3 environment:
# g++47 -v
Using built-in specs.
COLLECT_GCC=g++47
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/i686-redhat-linux4.7.0/4.7.0/lto-wrapper
Target: i686-redhat-linux4.7.0
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --enable-bootstrap --enable-shared
--enable-threads=posix --enable-checking=release --disable-build-with-cxx
--with-system-zlib --enable-__cxa_atexit --enable-languages=c,c++
--disable-profiling --enable-ld --disable-libgcj --disable-java --disable-gcj
--disable-libgcj-multifile --disable-plugin --enable-linker-build-id
--with-tune=generic --with-arch=i686 --build=i686-redhat-linux4.7.0
Thread model: posix
gcc version 4.7.0 20120507 (Red Hat 4.7.0-3) (GCC)

# g++47 -Wall -Wextra -g -fno-strict-aliasing -fwrapv -o test test.cpp
test.cpp:36:5: warning: unused parameter ‘argc’ [-Wunused-parameter]
test.cpp:36:5: warning: unused parameter ‘argv’ [-Wunused-parameter]

# ./test 
1 val = 0, oldv = 0, newv = 20
Segmentation fault (core dumped)

GDB print following info:
(gdb) r
Starting program: /home/share/tmp/test 
1 val = 0, oldv = 0, newv = 20

Program received signal SIGSEGV, Segmentation fault.
0x08048831 in MyAtomic_CAS64 (tgt=0xbffff610, old=0xbffff608, rep=20) at
test.cpp:31
31            : "memory", "edx", "esi", "edi", "cc");

Thanks!

[Bug c++/55131] Segmentation fault happened in resulting code (inline-asm) after upgraded g++ from 3.4.6 to 4.7.0

[pinskia at gcc dot gnu.org]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55131

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Segmentation fault happened |Segmentation fault happened
                   |after upgraded g++ from     |in resulting code
                   |3.4.6 to 4.7.0              |(inline-asm) after upgraded
                   |                            |g++ from 3.4.6 to 4.7.0
           Severity|blocker                     |normal

[Bug inline-asm/55131] Segmentation fault happened in resulting code (inline-asm) after upgraded g++ from 3.4.6 to 4.7.0

[pinskia at gcc dot gnu.org]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55131

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
          Component|c++                         |inline-asm
            Version|unknown                     |4.7.0
         Resolution|                            |INVALID

--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> 2012-10-30 02:28:31 UTC ---
This is not a bug.
The produced assembly looks like:
       movl        8(%ebp), %edi # %1
       movl        12(%ebp), %esi# %2
       movl        0(%esi), %eax
       movl        4(%esi), %edx
       movl        (%ecx), %ebx# %3
       movl        (%eax), %ecx# %4

By the time the last statement happens, eax has already been clobbered.  You
never said you are clobber eax in the inline-asm so it chose the 4th operand as
being eax.  You were getting lucky in 3.4.6 with the inline-asm really,


I don't see why you don't use the __sync_* (or even better the __atomic_*)
builtins for doing the compare and swap?

[Bug c++/55131] Segmentation fault happened in resulting code (inline-asm) after upgraded g++ from 3.4.6 to 4.7.0

[mawenqi108 at gmail dot com]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55131

mawenqi <mawenqi108 at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |UNCONFIRMED
          Component|inline-asm                  |c++
            Version|4.7.0                       |unknown
         Resolution|INVALID                     |
           Severity|normal                      |blocker

--- Comment #2 from mawenqi <mawenqi108 at gmail dot com> 2012-10-30 06:22:07 UTC ---
(In reply to comment #1)
> This is not a bug.
> The produced assembly looks like:
>        movl        8(%ebp), %edi # %1
>        movl        12(%ebp), %esi# %2
>        movl        0(%esi), %eax
>        movl        4(%esi), %edx
>        movl        (%ecx), %ebx# %3
>        movl        (%eax), %ecx# %4
> 
> By the time the last statement happens, eax has already been clobbered.  You
> never said you are clobber eax in the inline-asm so it chose the 4th operand as
> being eax.  You were getting lucky in 3.4.6 with the inline-asm really,
> 
> 
> I don't see why you don't use the __sync_* (or even better the __atomic_*)
> builtins for doing the compare and swap?

Thanks a lot for your help!
This is the old legacy code. After replaced original implementation with
buildin function __atomic_compare_exchange_n, now everything is fine!
static inline bool MyAtomic_CAS64(volatile unsigned long long* tgt, 
                                    unsigned long long* old,
                                    unsigned long long rep)
{
        return __atomic_compare_exchange_n(tgt, old, rep, 
                false, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST);
}

Thanks again!

[Bug c++/55131] Segmentation fault happened in resulting code (inline-asm) after upgraded g++ from 3.4.6 to 4.7.0

[mawenqi108 at gmail dot com]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55131

mawenqi <mawenqi108 at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
            Version|unknown                     |4.7.0
         Resolution|                            |INVALID

--- Comment #3 from mawenqi <mawenqi108 at gmail dot com> 2012-10-30 06:25:15 UTC ---
As Andrew Pinski said, this is not a bug of GCC.

[Bug c++/55131] Segmentation fault happened in resulting code (inline-asm) after upgraded g++ from 3.4.6 to 4.7.0

[redi at gcc dot gnu.org]

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55131

Jonathan Wakely <redi at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|blocker                     |normal