This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libgomp/80809] New: Multi-free error for variable size array used within OpenMP task


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80809

            Bug ID: 80809
           Summary: Multi-free error for variable size array used within
                    OpenMP task
           Product: gcc
           Version: 7.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: libgomp
          Assignee: unassigned at gcc dot gnu.org
          Reporter: jessica at nettelblad dot se
                CC: jakub at gcc dot gnu.org
  Target Milestone: ---

Created attachment 41378
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=41378&action=edit
Repro test case

When using a local variable-sized array inited by a local variable in OpenMP
tasks, there seems to be a multi-free error. This is only evident if the array
is actually accessed within the OpenMP tasks, but that access can be a read.

Changing the array to fixed size, a dynamically allocated pointer, or
explicitly stating the array as shared (despite the default OpenMP data access
mode being shared), makes the error go away.

Minimum reproducible test case attached.

Reproduced on older releases from gcc 4, 5, and 6 branches as well.

Might not reproduce consistently on -O0.

Compiler and run output from gcc 7.1.0:

gcc -O1 -Wall -Wextra -fopenmp -fno-strict-aliasing -fwrapv openMPrepro.c
openMPrepro.c: In function ‘main._omp_fn.0’:
openMPrepro.c:24:9: warning: ‘({anonymous})’ may be used uninitialized in this
function [-Wmaybe-uninitialized]
 #pragma omp task firstprivate(index)
         ^~~
openMPrepro.c:8:7: note: ‘({anonymous})’ was declared here
   int data[x];
       ^~~~
-bash-4.2$ ./a.out
Give me x
4
0xf8747c 0 0 4
0xfa00fc 0 1 4
0xfc10fc 0 2 4
0xfe20fc 0 3 4
*** Error in `./a.out': double free or corruption (out): 0x0000000000fe2010 ***
Aborted (core dumped)

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]