Bug 41103 - g++-4.3/4.4 generates wrong code on x86_64
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: c++
Version: unknown
Importance: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
Reported: 2009-08-18 11:29 UTC by tim blechmann
Modified: 2012-05-13 22:07 UTC
Known to work: 4.2.4
Known to fail: 4.3.3, 4.4.1
Last reconfirmed: 2011-10-19 00:00:00


Attachments
preprocessed source, 4.4 (263.62 KB, application/octet-stream)
2009-08-18 11:35 UTC, tim blechmann
preprocessed source, 4.2 (253.17 KB, application/octet-stream)
2009-08-18 11:37 UTC, tim blechmann

Description tim blechmann 2009-08-18 11:29:56 UTC
g++-4.3 and 4.4 seem to generate wrong code when optimizing. 4.2 produces correct code for me.

the bad code on 4.4 is:
00000000004449a0 <fifo_tester<boost::lockfree::caching_freelist_t>::get()>:
  4449a0:	41 57                	push   %r15
  4449a2:	48 8d 87 80 00 00 00 	lea    0x80(%rdi),%rax
  4449a9:	48 8d 97 98 00 58 00 	lea    0x580098(%rdi),%rdx
  4449b0:	48 8d 8f 90 00 00 00 	lea    0x90(%rdi),%rcx
  4449b7:	41 56                	push   %r14
  4449b9:	41 55                	push   %r13
  4449bb:	4c 8d 6f 40          	lea    0x40(%rdi),%r13
  4449bf:	41 54                	push   %r12
  4449c1:	55                   	push   %rbp
  4449c2:	48 bd ff ff ff ff ff 	mov    $0xffffffffffff,%rbp
  4449c9:	ff 00 00 
  4449cc:	49 89 ec             	mov    %rbp,%r12
  4449cf:	53                   	push   %rbx
  4449d0:	48 89 fb             	mov    %rdi,%rbx
  4449d3:	48 81 ec c8 00 00 00 	sub    $0xc8,%rsp
  4449da:	48 89 44 24 30       	mov    %rax,0x30(%rsp)
  4449df:	48 8d 87 98 00 00 00 	lea    0x98(%rdi),%rax
  4449e6:	48 89 54 24 18       	mov    %rdx,0x18(%rsp)
  4449eb:	48 89 4c 24 20       	mov    %rcx,0x20(%rsp)
  4449f0:	48 89 44 24 38       	mov    %rax,0x38(%rsp)
  4449f5:	0f 1f 00             	nopl   (%rax)
  4449f8:	48 8b 03             	mov    (%rbx),%rax
  4449fb:	0f ae e8             	lfence 
  4449fe:	48 8b 3b             	mov    (%rbx),%rdi
  444a01:	48 89 c2             	mov    %rax,%rdx
  444a04:	48 21 ea             	and    %rbp,%rdx
  444a07:	48 89 ee             	mov    %rbp,%rsi
  444a0a:	48 8b 4b 40          	mov    0x40(%rbx),%rcx
  444a0e:	48 23 32             	and    (%rdx),%rsi
  444a11:	48 39 c7             	cmp    %rax,%rdi
  444a14:	0f 85 3c 03 00 00    	jne    444d56 <fifo_tester<boost::lockfree::caching_freelist_t>::get()+0x3b6>
  444a1a:	48 89 cf             	mov    %rcx,%rdi
  444a1d:	4c 21 e7             	and    %r12,%rdi
  444a20:	48 39 fa             	cmp    %rdi,%rdx
  444a23:	0f 84 27 02 00 00    	je     444c50 <fifo_tester<boost::lockfree::caching_freelist_t>::get()+0x2b0>
  444a29:	48 89 c1             	mov    %rax,%rcx
  444a2c:	44 8b 76 10          	mov    0x10(%rsi),%r14d   <-- oops
  444a30:	48 89 74 24 50       	mov    %rsi,0x50(%rsp)
  444a35:	48 c1 e9 30          	shr    $0x30,%rcx
  444a39:	48 89 44 24 40       	mov    %rax,0x40(%rsp)
  444a3e:	83 c1 01             	add    $0x1,%ecx
  444a41:	66 89 4c 24 56       	mov    %cx,0x56(%rsp)
  444a46:	48 8b 4c 24 50       	mov    0x50(%rsp),%rcx
  444a4b:	f0 48 0f b1 0b       	lock cmpxchg %rcx,(%rbx)

at position 444a2c it segfaults, because the register %rsi is 0

while the correct code of 4.2 is:
0000000000447380 <fifo_tester<boost::lockfree::caching_freelist_t>::get()>:
  447380:	41 57                	push   %r15
  447382:	48 8d 87 98 00 58 00 	lea    0x580098(%rdi),%rax
  447389:	48 8d 97 90 00 00 00 	lea    0x90(%rdi),%rdx
  447390:	41 56                	push   %r14
  447392:	41 55                	push   %r13
  447394:	4c 8d af 80 00 00 00 	lea    0x80(%rdi),%r13
  44739b:	41 54                	push   %r12
  44739d:	4c 8d 67 40          	lea    0x40(%rdi),%r12
  4473a1:	55                   	push   %rbp
  4473a2:	48 89 fd             	mov    %rdi,%rbp
  4473a5:	53                   	push   %rbx
  4473a6:	48 bb ff ff ff ff ff 	mov    $0xffffffffffff,%rbx
  4473ad:	ff 00 00 
  4473b0:	48 83 ec 28          	sub    $0x28,%rsp
  4473b4:	48 89 44 24 10       	mov    %rax,0x10(%rsp)
  4473b9:	48 8d 44 24 24       	lea    0x24(%rsp),%rax
  4473be:	48 89 54 24 08       	mov    %rdx,0x8(%rsp)
  4473c3:	48 89 04 24          	mov    %rax,(%rsp)
  4473c7:	48 8b 55 00          	mov    0x0(%rbp),%rdx
  4473cb:	0f ae e8             	lfence 
  4473ce:	48 8b 75 40          	mov    0x40(%rbp),%rsi
  4473d2:	48 89 d7             	mov    %rdx,%rdi
  4473d5:	48 21 df             	and    %rbx,%rdi
  4473d8:	48 8b 0f             	mov    (%rdi),%rcx
  4473db:	48 21 d9             	and    %rbx,%rcx
  4473de:	48 3b 55 00          	cmp    0x0(%rbp),%rdx
  4473e2:	75 e3                	jne    4473c7 <fifo_tester<boost::lockfree::caching_freelist_t>::get()+0x47>
  4473e4:	48 89 f0             	mov    %rsi,%rax
  4473e7:	48 21 d8             	and    %rbx,%rax
  4473ea:	48 39 c7             	cmp    %rax,%rdi
  4473ed:	0f 84 42 01 00 00    	je     447535 <fifo_tester<boost::lockfree::caching_freelist_t>::get()+0x1b5>
  4473f3:	8b 41 10             	mov    0x10(%rcx),%eax
  4473f6:	89 44 24 24          	mov    %eax,0x24(%rsp)
  4473fa:	48 89 d0             	mov    %rdx,%rax
  4473fd:	48 c1 e8 30          	shr    $0x30,%rax
  447401:	83 c0 01             	add    $0x1,%eax
  447404:	48 c1 e0 30          	shl    $0x30,%rax
  447408:	48 09 c1             	or     %rax,%rcx
  44740b:	48 89 d0             	mov    %rdx,%rax
  44740e:	f0 48 0f b1 4d 00    	lock cmpxchg %rcx,0x0(%rbp)
...

gcc-4.4
g++-4.4 -v
Using built-in specs.
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 4.4.1-1ubuntu1~jaunty1' --with-bugurl=file:///usr/share/doc/gcc-4.4/README.Bugs --enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr --enable-shared --enable-multiarch --enable-linker-build-id --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --with-gxx-include-dir=/usr/include/c++/4.4 --program-suffix=-4.4 --enable-nls --enable-clocale=gnu --enable-libstdcxx-debug --enable-mpfr --enable-objc-gc --disable-werror --with-arch-32=i486 --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 4.4.1 (Ubuntu 4.4.1-1ubuntu1~jaunty1) 

this also happens on gcc-4.3, where the corresponding code is:
0000000000441ed0 <fifo_tester<boost::lockfree::caching_freelist_t>::get()>:
  441ed0:	41 57                	push   %r15
  441ed2:	48 8d 87 80 00 00 00 	lea    0x80(%rdi),%rax
  441ed9:	48 8d 97 98 00 58 00 	lea    0x580098(%rdi),%rdx
  441ee0:	48 8d 8f 90 00 00 00 	lea    0x90(%rdi),%rcx
  441ee7:	4c 8d 7f 40          	lea    0x40(%rdi),%r15
  441eeb:	41 56                	push   %r14
  441eed:	41 55                	push   %r13
  441eef:	41 54                	push   %r12
  441ef1:	55                   	push   %rbp
  441ef2:	48 89 fd             	mov    %rdi,%rbp
  441ef5:	53                   	push   %rbx
  441ef6:	48 bb ff ff ff ff ff 	mov    $0xffffffffffff,%rbx
  441efd:	ff 00 00 
  441f00:	48 83 ec 38          	sub    $0x38,%rsp
  441f04:	48 89 44 24 10       	mov    %rax,0x10(%rsp)
  441f09:	48 89 54 24 08       	mov    %rdx,0x8(%rsp)
  441f0e:	48 89 0c 24          	mov    %rcx,(%rsp)
  441f12:	66 0f 1f 44 00 00    	nopw   0x0(%rax,%rax,1)
  441f18:	48 8b 55 00          	mov    0x0(%rbp),%rdx
  441f1c:	eb 05                	jmp    441f23 <fifo_tester<boost::lockfree::caching_freelist_t>::get()+0x53>
  441f1e:	66 90                	xchg   %ax,%ax
  441f20:	48 89 c2             	mov    %rax,%rdx
  441f23:	0f ae e8             	lfence 
  441f26:	48 8b 45 00          	mov    0x0(%rbp),%rax
  441f2a:	48 89 d6             	mov    %rdx,%rsi
  441f2d:	48 21 de             	and    %rbx,%rsi
  441f30:	48 89 df             	mov    %rbx,%rdi
  441f33:	48 8b 4d 40          	mov    0x40(%rbp),%rcx
  441f37:	48 23 3e             	and    (%rsi),%rdi
  441f3a:	48 39 d0             	cmp    %rdx,%rax
  441f3d:	75 e1                	jne    441f20 <fifo_tester<boost::lockfree::caching_freelist_t>::get()+0x50>
  441f3f:	48 b8 ff ff ff ff ff 	mov    $0xffffffffffff,%rax
  441f46:	ff 00 00 
  441f49:	48 21 c8             	and    %rcx,%rax
  441f4c:	48 39 c6             	cmp    %rax,%rsi
  441f4f:	0f 84 0b 02 00 00    	je     442160 <fifo_tester<boost::lockfree::caching_freelist_t>::get()+0x290>
  441f55:	48 89 d0             	mov    %rdx,%rax
  441f58:	44 8b 67 10          	mov    0x10(%rdi),%r12d     <-- oops
  441f5c:	48 c1 e8 30          	shr    $0x30,%rax
  441f60:	83 c0 01             	add    $0x1,%eax
  441f63:	48 89 c1             	mov    %rax,%rcx
  441f66:	48 89 d0             	mov    %rdx,%rax
  441f69:	48 c1 e1 30          	shl    $0x30,%rcx
  441f6d:	48 09 f9             	or     %rdi,%rcx
  441f70:	f0 48 0f b1 4d 00    	lock cmpxchg %rcx,0x0(%rbp)

Using built-in specs.
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 4.3.3-5ubuntu4' --with-bugurl=file:///usr/share/doc/gcc-4.3/README.Bugs --enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --with-gxx-include-dir=/usr/include/c++/4.3 --program-suffix=-4.3 --enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc --enable-mpfr --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 4.3.3 (Ubuntu 4.3.3-5ubuntu4)
Comment 1 tim blechmann 2009-08-18 11:35:31 UTC
Created attachment 18395
preprocessed source, 4.4
Comment 2 tim blechmann 2009-08-18 11:37:46 UTC
Created attachment 18396
preprocessed source, 4.2
Comment 3 tim blechmann 2009-08-18 11:50:21 UTC
i forgot to mention, i am building with bjam, passing the following options:

COLLECT_GCC_OPTIONS='-ftemplate-depth-128' '-O3' '-finline-functions' '-Wno-inline' '-Wall' '-pthread' '-fPIC' '-g' '-v' '-save-temps' '-DBOOST_ALL_NO_LIB=1' '-DBOOST_THREAD_POSIX' '-DBOOST_THREAD_USE_DLL=1' '-DNDEBUG' '-I../../..' '-c' '-o' '../../../bin.v2/libs/lockfree/test/fifo_test.test/gcc-4.4.1/release/threading-multi/fifo_test.o' '-shared-libgcc' '-mtune=generic'

when compiling in debug mode, the binary works fine:
COLLECT_GCC_OPTIONS='-ftemplate-depth-128' '-O0' '-fno-inline' '-Wall' '-g' '-pthread' '-fPIC' '-g' '-v' '-save-temps' '-DBOOST_ALL_NO_LIB=1' '-DBOOST_THREAD_POSIX' '-DBOOST_THREAD_USE_DLL=1' '-I../../..' '-c' '-o' '../../../bin.v2/libs/lockfree/test/fifo_test.test/gcc-4.4.1/debug/threading-multi/fifo_test.o' '-shared-libgcc' '-mtune=generic'

Comment 4 Richard Biener 2009-08-18 14:24:47 UTC
Does it work with -fno-strict-aliasing?  I suppose this is one case where boost
plays tricks with placement new on decls (non-anonymous storage)?
Comment 5 tim blechmann 2009-08-18 14:36:08 UTC
compiling with -fno-strict-aliasing doesn't make any difference.

the error is actually related to some code that does pointer/tag compression, packing a pointer and an integer into a 64-bit pointer [1] in order to deal with the lack of cmpxchg16b instructions on early x86_64 cpus.

hth, tim

[1] http://tim.klingt.org/git?p=boost_lockfree.git;a=blob;f=boost/lockfree/detail/tagged_ptr_ptrcompression.hpp
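
The pointer/tag compression described in comment 5, as an added example that is not part of the bug report and is not Boost's code: a 48-bit pointer and a 16-bit tag share one 64-bit word (the same 0xffffffffffff mask and 0x30 shift visible in the disassembly), so a single 8-byte compare-and-swap updates both. The names TaggedPtr, Node and pop_head are hypothetical, and the code assumes x86_64 user-space addresses fit in 48 bits and that nodes stay allocated while threads may still read them, as a freelist provides.

```cpp
#include <atomic>
#include <cstdint>

// Hypothetical node type for the illustration.
struct Node { Node* next; int value; };

class TaggedPtr {
public:
    static constexpr std::uint64_t kPtrMask = 0xffffffffffffULL; // low 48 bits
    static constexpr unsigned kTagShift = 48;                    // 0x30

    // Pack through integer arithmetic only: no union or pointer-cast type
    // punning, so the compiler sees a plain integer until ptr() is called.
    static std::uint64_t pack(Node* p, std::uint16_t tag) {
        auto bits = reinterpret_cast<std::uintptr_t>(p);
        return (static_cast<std::uint64_t>(bits) & kPtrMask) |
               (static_cast<std::uint64_t>(tag) << kTagShift);
    }
    static Node* ptr(std::uint64_t w) {
        return reinterpret_cast<Node*>(static_cast<std::uintptr_t>(w & kPtrMask));
    }
    static std::uint16_t tag(std::uint64_t w) {
        return static_cast<std::uint16_t>(w >> kTagShift);
    }
};

// Pops the head of a singly linked list; returns nullptr when it is empty.
// The tag is bumped on every successful swap, so a recycled node address
// (the ABA case) does not compare equal to a stale snapshot of the head.
Node* pop_head(std::atomic<std::uint64_t>& head) {
    std::uint64_t old_word = head.load(std::memory_order_acquire);
    for (;;) {
        Node* old_node = TaggedPtr::ptr(old_word);
        if (old_node == nullptr) return nullptr;  // check before dereferencing
        std::uint64_t new_word = TaggedPtr::pack(
            old_node->next,
            static_cast<std::uint16_t>(TaggedPtr::tag(old_word) + 1));
        if (head.compare_exchange_weak(old_word, new_word,
                                       std::memory_order_acq_rel,
                                       std::memory_order_acquire))
            return old_node;
        // The failed CAS reloaded old_word; unpack it again and retry.
    }
}
```
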
Comment 6 Paolo Carlini 2011-10-19 00:16:49 UTC
Richard, do you think we could somehow resolve this? (doesn't seem a C++ issue)
Comment 7 Richard Biener 2011-10-19 07:51:48 UTC
Unlikely, it hasn't been properly analyzed and boost code is a mess.  There
are known issues with PTA and pointer-in-integer tricks.  Use GCC 4.6.1
which should have this fixed.

So, please try 4.5.3 and/or 4.6.1.
Comment 8 Paolo Carlini 2012-05-13 22:07:39 UTC
I guess we can close this.