From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugs-return-450795-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 21917 invoked by alias); 7 May 2014 12:03:33 -0000
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-bugs.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-help@gcc.gnu.org>
Sender: gcc-bugs-owner@gcc.gnu.org
Received: (qmail 21868 invoked by uid 48); 7 May 2014 12:03:29 -0000
From: "kcc at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug sanitizer/61095] tsan is broken in gcc trunk, works in 4.9
Date: Wed, 07 May 2014 12:03:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: sanitizer
X-Bugzilla-Version: 4.10.0
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: kcc at gcc dot gnu.org
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-61095-4-UdyOU1495K@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-61095-4@http.gcc.gnu.org/bugzilla/>
References: <bug-61095-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2014-05/txt/msg00487.txt.bz2

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=61095

--- Comment #1 from Kostya Serebryany <kcc at gcc dot gnu.org> ---
I suspect a miscompile,
at least the following patch to the libsanitizer sources fixes the problem:

--- tsan_rtl.cc (revision 210145)
+++ tsan_rtl.cc (working copy)
@@ -584,7 +584,8 @@
   if (kGoMode || size < 64*1024) {
     u64 *p = (u64*)MemToShadow(addr);
     CHECK(IsShadowMem((uptr)p));
-    CHECK(IsShadowMem((uptr)(p + size * kShadowCnt / kShadowCell - 1)));
+    volatile uptr xxx = (uptr)(p + size * kShadowCnt / kShadowCell - 1);
+    CHECK(IsShadowMem(xxx));
     // FIXME: may overwrite a part outside the region
     for (uptr i = 0; i < size / kShadowCell * kShadowCnt;) {
       p[i++] = val;


Note the "volatile". W/o volatile tsan still crashes.