Bug 48695 - [4.6 Regression] Runtime with an array of std::vectors
Summary: [4.6 Regression] Runtime with an array of std::vectors
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: rtl-optimization (show other bugs)
Version: 4.6.0
: P3 normal
Target Milestone: 4.6.1
Assignee: Richard Biener
URL:
Keywords: alias, wrong-code
Depends on:
Blocks:
 
Reported: 2011-04-19 21:25 UTC by e-maxx
Modified: 2011-04-21 14:40 UTC (History)
3 users (show)

See Also:
Host:
Target: x86_64-linux-gnu
Build:
Known to work: 4.7.0
Known to fail: 4.6.0
Last reconfirmed: 2011-04-19 23:01:24


Attachments
The entire program (125 bytes, application/octet-stream)
2011-04-19 21:25 UTC, e-maxx
Details
partially reduced testcase (1.05 KB, text/plain)
2011-04-19 22:15 UTC, Zdenek Sojka
Details
reduced testcase (305 bytes, text/plain)
2011-04-19 23:06 UTC, Zdenek Sojka
Details

Note You need to log in before you can comment on or make changes to this bug.
Description e-maxx 2011-04-19 21:25:34 UTC
Created attachment 24048 [details]
The entire program

The following program crashes if compiled with -O2:

   for (int i=0; i<=1; i++)
      for (int j=0; j<=1; j++) {
         std::vector<int> a[2];
         a[i].push_back (0);
      }

If we remove any 'for' loop, or if we change a[i] to a[0] or to a[1] - there will be no crash.
Comment 1 Andrew Pinski 2011-04-19 21:33:53 UTC
I can reproduce this on the trunk.
Comment 2 Andrew Pinski 2011-04-19 21:39:32 UTC
-fno-strict-aliasing makes it work.
Comment 3 Zdenek Sojka 2011-04-19 22:15:23 UTC
Created attachment 24049 [details]
partially reduced testcase

$ g++ testcase.C -O2
$ valgrind -q ./a.out 
==20686== Invalid write of size 4
==20686==    at 0x400625: main (testcase.C:54)
==20686==  Address 0x4 is not stack'd, malloc'd or (recently) free'd
Comment 4 Andrew Pinski 2011-04-19 22:58:01 UTC
The aliasing problem does not show up until sched2.
Comment 5 Andrew Pinski 2011-04-19 23:01:24 UTC
D.2398_16->D.2250._M_impl._M_finish
MEM[(struct _Vector_impl *)&a + 24B]._M_finish
Should conflict but don't
Comment 6 Zdenek Sojka 2011-04-19 23:06:31 UTC
Created attachment 24050 [details]
reduced testcase

I am not sure if it is reduced correctly. However, -fno-strict-aliasing prevents the crash.
Comment 7 Richard Biener 2011-04-20 09:26:30 UTC
Mine.
Comment 8 Richard Biener 2011-04-20 13:11:12 UTC
Author: rguenth
Date: Wed Apr 20 13:11:06 2011
New Revision: 172768

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=172768
Log:
2011-04-20  Richard Guenther  <rguenther@suse.de>

	PR middle-end/48695
	* tree-ssa-alias.c (aliasing_component_refs_p): Compute base
	objects and types here.  Adjust for their offset before
	comparing.

	* g++.dg/torture/pr48695.C: New testcase.

Added:
    trunk/gcc/testsuite/g++.dg/torture/pr48695.C
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/testsuite/ChangeLog
    trunk/gcc/tree-ssa-alias.c
Comment 9 Richard Biener 2011-04-20 13:46:54 UTC
Fixed on trunk sofar.
Comment 10 Richard Biener 2011-04-21 14:40:36 UTC
Fixed.
Comment 11 Richard Biener 2011-04-21 14:40:57 UTC
Author: rguenth
Date: Thu Apr 21 14:40:53 2011
New Revision: 172831

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=172831
Log:
2011-04-21  Richard Guenther  <rguenther@suse.de>

	PR middle-end/48695
	* tree-ssa-alias.c (aliasing_component_refs_p): Compute base
	objects and types here.  Adjust for their offset before
	comparing.

	* g++.dg/torture/pr48695.C: New testcase.

Added:
    branches/gcc-4_6-branch/gcc/testsuite/g++.dg/torture/pr48695.C
Modified:
    branches/gcc-4_6-branch/gcc/ChangeLog
    branches/gcc-4_6-branch/gcc/testsuite/ChangeLog
    branches/gcc-4_6-branch/gcc/tree-ssa-alias.c