This problem occurs while compiling our company's library code with -O3; the problem is not present at lower optimization levels. A complex C++ class named TTCPConnectionObj contains the following function: virtual inline bool IsLingerSet () const { return (fLingerTime != kTCPLingerNone); } This function is called (among other times) from within a Connect() method within the same object. At optimization -O3, the call to IsLingerSet() fails with a segfault. Follows is a GDB (5.3) backtrace: #0 0x400bf513 in bti::TTCPConnectionObj::IsLingerSet() const (this=0x400c23f9) at bti_tcp_lib.h:274 #1 0xbffff6e8 in ?? () #2 0x400bbdf2 in bti::TTCPConnectionObj::Connect(unsigned long, int, int, int) (this=0xbffff9b0, networkAddress=1074537465, port=1074533544, ioBufferSize=4096, connectTimeout=1074537465) at bti_tcp_lib.cc:161 #3 0x400bc084 in bti::TTCPConnectionObj::Connect(bti::TString, int, int, int) (this=0xbffff9b0, host= {<TBuffer> = {_vptr.TBuffer = 0x804a988, fStackBufferPtr = "www.bti.net", '\0' <repeats 20 times>, fExternalBufferPtr = 0x0, fCurrentBufferPtr = 0xbffff8f4 "www.bti.net", fCapacity = 32, fUsed = 11}, <No data fields>}, port=1074537465, ioBufferSize=1074537465, connectTimeout=1074537465) at bti_tcp_lib.cc:224 #4 0x08048f5a in main (argc=3, argv=0x400c23f8) at blah.cc:29 #5 0x401c3ae2 in __libc_start_main (main=0x8048e60 <main>, argc=3, ubp_av=0xbffff9b0, init=0x8048b70 <_init>, fini=0x400c14a8 <vtable for bti::TTCPConnectionObj+8>, rtld_fini=0x5000, stack_end=0x7c400bfe) at ../sysdeps/generic/libc-start.c:129 Notice that the address of 'this' changes somewhere between frames 0 and 2. It shouldn't, and it apparently doesn't with less optimization. Frame 2 (bti_tcp_lib.cc:161) points directly to the call to IsLingerSet().
This could be related to reports 568, 3608 and 5554, all of which are fixed. Unfortunately, you didn't tell us which version of gcc you are working with, and you didn't give us a testcase either, so we can't check. Regards Wolfgang
Subject: Re: Runtime segfault: C++ heap-allocated object loses/changes 'this' address at -O3 when calling virtual inline const function Wolfgang, My apologies. The version info was in Bugzilla and I thought it would be echoed in the report. I'm running the latest production gcc: -------------------- gcc -v Reading specs from /usr/local/lib/gcc-lib/i686-pc-linux-gnu/3.3/specs Configured with: ../gcc-3.3/configure --prefix=/usr/local --enable-languages=c,c++,java --enable-threads --enable-__cxa_atexit Thread model: posix gcc version 3.3 -------------------- The reports you cited were with older versions, the latest being 3.1. I've spent a couple of hours this morning attempting to create a test case but I haven't been able to duplicate the problem. This leads me to believe that there is probably another workaround (refactoring the original class somehow), but I still think that the optimization is still goofy. I'll keep working on it and post my findings and/or a demonstration test case. DSC In our previous episode, on 7/11/2003 5:49 PM, bangerth at dealii dot org (gcc-bugzilla@gcc.gnu.org) related the following words of wisdom: > PLEASE REPLY TO gcc-bugzilla@gcc.gnu.org ONLY, *NOT* gcc-bugs@gcc.gnu.org. > > http://gcc.gnu.org/bugzilla/show_bug.cgi?id=11505 > > > > ------- Additional Comments From bangerth at dealii dot org 2003-07-11 22:49 > ------- > This could be related to reports 568, 3608 and 5554, all of which are > fixed. Unfortunately, you didn't tell us which version of gcc you are > working with, and you didn't give us a testcase either, so we can't > check. > > Regards > Wolfgang > > > > ------- You are receiving this mail because: ------- > You reported the bug, or are watching the reporter. >
Subject: Re: Runtime segfault: C++ heap-allocated object loses/changes 'this' address at -O3 when calling virtual inline const function While I stil haven't been able to come up with a simple test case for this, I did discover another workaround. Converting all 'virtual inline' functions in the TTCPConnectionObj class to just 'inline' functions solved all the problems, even at -O3 optimization. Converting those functions to regular 'virtual' functions and removing the code from the header file also appears to solve the problem. I did discover some addition bizarre behaviors while testing, such being able call the object's IsLingerSet() virtual inline function from outside the object (eg, main()) but not from within another function in the same object. But unless I can reproduce it in a simple test case I'm not going to make any weird claims. Cheers, DSC
What's the status of this? Have you succeeded in producing a testcase? Thanks.
Subject: Re: Runtime segfault: C++ heap-allocated object loses/changes 'this' address at -O3 when calling virtual inline const function -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have not succeeded in producing a testcase, unfortunately, which leads me to believe that the problem is more than likely somewhere in my own library and not in gcc. At least, we should treat it as such barring evidence to the contrary. I'd advise closing the bug report. Thanks! In our last episode, on 8/24/03 2:15 PM, dhazeghi at yahoo dot com (gcc-bugzilla@gcc.gnu.org) said something like: > What's the status of this? Have you succeeded in producing a testcase? > Thanks. -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.2 iQA/AwUBP0pN4/HX8q+q4UMVEQIxwQCg1coUcUbNe4ZbyQZnOiSFJsR/pkEAnixc YM1r4LVE5SsBi41Ar+Mduefw =slzh -----END PGP SIGNATURE----- _________________________________________________________________________ Dan S. Camper Borrowed Time, Inc. Software Thaumaturge http://www.bti.net Toll-Free: 877.451.8939 Texas: 512.451.8939
Closing on request of submitter. If you find a testcase, feel free to open a new PR. W.