[Bug c++/63736] New: gcc generated program with segfault on atomic exchange when the atomic variable is a member of a struct allocated with make_shared

[Bug c++/63736] New: gcc generated program with segfault on atomic exchange when the atomic variable is a member of a struct allocated with make_shared

[leandrosansilva at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63736

            Bug ID: 63736
           Summary: gcc generated program with segfault on atomic exchange
                    when the atomic variable is a member of a struct
                    allocated with make_shared
           Product: gcc
           Version: 4.8.2
            Status: UNCONFIRMED
          Severity: blocker
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: leandrosansilva at gmail dot com

Created attachment 33882
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=33882&action=edit
self contained program which reproduces the problem

I am sending a sample code with a self contained program which declares a
struct called PStruct which contains a variable member which is an atomic of a
simple struct.

G++ compiles the code correctly, however it has a segmentation fault in a (IMO)
valid atomic exchance operation, when PStruct is allocated using make_shared,
but it does not happen when it's allocated using new operator.

In clang 3.5 the code generate a valid program, which runs as expected.

G++ info:

Using built-in specs.
COLLECT_GCC=g++-4.8
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4.8/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu
4.8.1-2ubuntu1~12.04' --with-bugurl=file:///usr/share/doc/gcc-4.8/README.Bugs
--enable-languages=c,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr
--program-suffix=-4.8 --enable-shared --enable-linker-build-id
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix
--with-gxx-include-dir=/usr/include/c++/4.8 --libdir=/usr/lib --enable-nls
--with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug
--enable-libstdcxx-time=yes --enable-gnu-unique-object --enable-plugin
--with-system-zlib --disable-browser-plugin --enable-java-awt=gtk
--enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64/jre
--enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64
--with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-4.8-amd64
--with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar
--enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686
--with-abi=m64 --with-multilib-list=m32,m64 --with-tune=generic
--enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu
--target=x86_64-linux-gnu
Thread model: posix
gcc version 4.8.1 (Ubuntu 4.8.1-2ubuntu1~12.04)

The command line I am using to compile the code:
$ g++-4.8 -std=c++11 -Wall -Wextra atomic_of_struct_test.cpp -o
atomic_of_struct_test -lrt -latomic

The attached file reproduces the problem, because allocates using make_shared.
To allocate using new operator, comment line 34 and uncomment line 37.

The expected output in both allocation ways is:
field1: 2, field2: 4

The actual output when compiled with g++ is:
Segmentation fault (core dumped)

The backtrace of the later execution:

#0  0x00007ffff7bd5897 in ?? () from /usr/lib/x86_64-linux-gnu/libatomic.so.1
No symbol table info available.
#1  0x0000000000401186 in std::atomic<TwoFieldStruct>::exchange (this=0x604028,
__i=..., _m=std::memory_order_seq_cst) at /usr/include/c++/4.8/atomic:225
        tmp = {
          field1 = 140737488346624, 
          field2 = 4198920
        }
#2  0x00000000004010e3 in PStruct::setMs (this=0x604028, ms=...) at
atomic_of_struct_test.cpp:18
No locals.
#3  0x0000000000400f81 in main () at atomic_of_struct_test.cpp:39
        ms = {
          field1 = 2, 
          field2 = 4
        }
        ptr = std::shared_ptr (count 1, weak 0) 0x604028
        oms = {
          field1 = 0, 
          field2 = 4197680
        }

[Bug c++/63736] gcc generated program with segfault on atomic exchange when the atomic variable is a member of a struct allocated with make_shared

[redi at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63736

Jonathan Wakely <redi at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|blocker                     |normal

[Bug c++/63736] gcc generated program with segfault on atomic exchange when the atomic variable is a member of a struct allocated with make_shared

[leandrosansilva at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63736

--- Comment #1 from Leandro Santiago <leandrosansilva at gmail dot com> ---
I forgot to mention I am using Ubuntu 12.04 64-bit on a i7 machine and kernel
3.8.0.

[Bug c++/63736] gcc generated program with segfault on atomic exchange when the atomic variable is a member of a struct allocated with make_shared

[leandrosansilva at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63736

--- Comment #2 from Leandro Santiago <leandrosansilva at gmail dot com> ---
I tested the same program again with gcc from master branch from today and it
worked as expected, generated a runnable executable. 

Is it possible to backport whichever the solution is to gcc 4.8?

[1] COLLECT_GCC=/home/tenchi/programs/gcc/bin/g++
COLLECT_LTO_WRAPPER=/home/tenchi/programs/gcc/libexec/gcc/x86_64-unknown-linux-gnu/5.0.0/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: ../configure --prefix=/home/tenchi/programs/gcc --enable-debug
--enable-lto
Thread model: posix
gcc version 5.0.0 20141104 (experimental) (GCC)

[Bug c++/63736] gcc generated program with segfault on atomic exchange when the atomic variable is a member of a struct allocated with make_shared

[leandrosansilva at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63736

--- Comment #3 from Leandro Santiago <leandrosansilva at gmail dot com> ---
I've just realized the gcc I am using is 4.8.1 instead of 4.8.1 as initially
reported.

[Bug c++/63736] gcc generated program with segfault on atomic exchange when the atomic variable is a member of a struct allocated with make_shared

[redi at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63736

Jonathan Wakely <redi at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
      Known to work|                            |4.9.2, 5.0
      Known to fail|                            |4.8.2

--- Comment #4 from Jonathan Wakely <redi at gcc dot gnu.org> ---
I can reproduce it with 4.8.2 and can confirm it seems to be fixed in 4.9.0
(even when linking to the libatomic.so from 4.8.2)

#0  0x00007ffff7dcc898 in libat_exchange_16_i1 (mptr=0x604028,
newval=<optimized out>, smodel=<optimized out>) at
../../../libatomic/exch_n.c:54
#1  0x00000000004011b4 in std::atomic<TwoFieldStruct>::exchange (this=0x604028,
__i=..., _m=std::memory_order_seq_cst) at /usr/include/c++/4.8.3/atomic:225
#2  0x0000000000401111 in PStruct::setMs (this=0x604028, ms=...) at
/var/tmp/atomic_of_struct_test.cpp:18
#3  0x0000000000400fb1 in main () at /var/tmp/atomic_of_struct_test.cpp:39

[Bug c++/63736] gcc generated program with segfault on atomic exchange when the atomic variable is a member of a struct allocated with make_shared

[redi at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63736

Jonathan Wakely <redi at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2014-12-10
     Ever confirmed|0                           |1