This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug c++/70531] Turning optimisation level 2 causes the output program to go into infinite loop
- From: "jgreenhalgh at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Mon, 04 Apr 2016 14:01:07 +0000
- Subject: [Bug c++/70531] Turning optimisation level 2 causes the output program to go into infinite loop
- Auto-submitted: auto-generated
- References: <bug-70531-4 at http dot gcc dot gnu dot org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70531
James Greenhalgh <jgreenhalgh at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
CC| |jgreenhalgh at gcc dot gnu.org
Resolution|--- |INVALID
--- Comment #1 from James Greenhalgh <jgreenhalgh at gcc dot gnu.org> ---
Try compiling and running with -fsanitize=undefined. You have a bug in your
logic that results in an out-of-bounds memory access:
.../ab2.cpp:97:26: runtime error: index -1 out of bounds for type 'long long
int [101]'
.../ab2.cpp:97:18: runtime error: index -1 out of bounds for type 'long long
int [101][101][101]'
Segmentation fault (core dumped)
(At least) this condition is in the wrong place:
if (xs > xe || ys > ye)
return 0;
When rec is called with arguments (0, -1, 0, -1) (as it will be), this
condition comes after the memory dereference at:
if (dp[xs][xe][ys][ye] != -1)
return dp[xs][xe][ys][ye];
So you will be trying to access dp[0][-1][0][-1] - which is invalid.
I haven't fully audited your code for other logic errors. Please check your
algorithm. For simple inputs I always get a crash, not an infinite loop - but
such is the nature of undefined behaviour. If your bug report relies on
particular input to cause the loop, you'll need to provide that. As it stands,
this looks invalid, but feel free to reopen it after you have audited your code
for other undefined sequences.