From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugs-return-465714-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 14766 invoked by alias); 4 Nov 2014 14:41:53 -0000
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-bugs.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-help@gcc.gnu.org>
Sender: gcc-bugs-owner@gcc.gnu.org
Received: (qmail 14741 invoked by uid 48); 4 Nov 2014 14:41:49 -0000
From: "leandrosansilva at gmail dot com" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c++/63736] New: gcc generated program with segfault on atomic exchange when the atomic variable is a member of a struct allocated with make_shared
Date: Tue, 04 Nov 2014 14:41:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: c++
X-Bugzilla-Version: 4.8.2
X-Bugzilla-Keywords:
X-Bugzilla-Severity: blocker
X-Bugzilla-Who: leandrosansilva at gmail dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter attachments.created
Message-ID: <bug-63736-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2014-11/txt/msg00186.txt.bz2

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63736

            Bug ID: 63736
           Summary: gcc generated program with segfault on atomic exchange
                    when the atomic variable is a member of a struct
                    allocated with make_shared
           Product: gcc
           Version: 4.8.2
            Status: UNCONFIRMED
          Severity: blocker
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: leandrosansilva at gmail dot com

Created attachment 33882
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=33882&action=edit
self contained program which reproduces the problem

I am sending a sample code with a self contained program which declares a
struct called PStruct which contains a variable member which is an atomic of a
simple struct.

G++ compiles the code correctly, however it has a segmentation fault in a (IMO)
valid atomic exchance operation, when PStruct is allocated using make_shared,
but it does not happen when it's allocated using new operator.

In clang 3.5 the code generate a valid program, which runs as expected.

G++ info:

Using built-in specs.
COLLECT_GCC=g++-4.8
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4.8/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu
4.8.1-2ubuntu1~12.04' --with-bugurl=file:///usr/share/doc/gcc-4.8/README.Bugs
--enable-languages=c,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr
--program-suffix=-4.8 --enable-shared --enable-linker-build-id
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix
--with-gxx-include-dir=/usr/include/c++/4.8 --libdir=/usr/lib --enable-nls
--with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug
--enable-libstdcxx-time=yes --enable-gnu-unique-object --enable-plugin
--with-system-zlib --disable-browser-plugin --enable-java-awt=gtk
--enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64/jre
--enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64
--with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-4.8-amd64
--with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar
--enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686
--with-abi=m64 --with-multilib-list=m32,m64 --with-tune=generic
--enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu
--target=x86_64-linux-gnu
Thread model: posix
gcc version 4.8.1 (Ubuntu 4.8.1-2ubuntu1~12.04)

The command line I am using to compile the code:
$ g++-4.8 -std=c++11 -Wall -Wextra atomic_of_struct_test.cpp -o
atomic_of_struct_test -lrt -latomic

The attached file reproduces the problem, because allocates using make_shared.
To allocate using new operator, comment line 34 and uncomment line 37.

The expected output in both allocation ways is:
field1: 2, field2: 4

The actual output when compiled with g++ is:
Segmentation fault (core dumped)

The backtrace of the later execution:

#0  0x00007ffff7bd5897 in ?? () from /usr/lib/x86_64-linux-gnu/libatomic.so.1
No symbol table info available.
#1  0x0000000000401186 in std::atomic<TwoFieldStruct>::exchange (this=0x604028,
__i=..., _m=std::memory_order_seq_cst) at /usr/include/c++/4.8/atomic:225
        tmp = {
          field1 = 140737488346624, 
          field2 = 4198920
        }
#2  0x00000000004010e3 in PStruct::setMs (this=0x604028, ms=...) at
atomic_of_struct_test.cpp:18
No locals.
#3  0x0000000000400f81 in main () at atomic_of_struct_test.cpp:39
        ms = {
          field1 = 2, 
          field2 = 4
        }
        ptr = std::shared_ptr (count 1, weak 0) 0x604028
        oms = {
          field1 = 0, 
          field2 = 4197680
        }