This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug ipa/68331] [meta-bug] fipa-pta issues
- From: "david.abdurachmanov at gmail dot com" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Thu, 21 Apr 2016 20:07:55 +0000
- Subject: [Bug ipa/68331] [meta-bug] fipa-pta issues
- Auto-submitted: auto-generated
- References: <bug-68331-4 at http dot gcc dot gnu dot org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68331
David Abdurachmanov <david.abdurachmanov at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |david.abdurachmanov at gmail dot com
--- Comment #10 from David Abdurachmanov <david.abdurachmanov at gmail dot com> ---
I have been reg-testing GCC 6 for the last few weeks and I hit an issue with
compiled code strangely segfaulting.
Compiled with GCC 5.3.0, ASan and valgrind show no issues. Compiled with GCC
6.0.1, ASan and valgrind show issues, and the program segfaults. If I go below -O2,
the execution at least does not segfault. Developers so far couldn't understand
what's happening. No issues if compiled with latest Clang or ICC.
I am trying to understand if this is a potential GCC bug and it's worth filing
another BZ ticket. I am trying to reg-test as much as I can before GCC 6.1.0 is
cut. What are your thoughts?
Bisect brought me to this commit as being the culprit:
7ae97ba6651703d99d9f0e20a4e48eb7743c103c is the first bad commit
commit 7ae97ba6651703d99d9f0e20a4e48eb7743c103c
Author: rguenth <rguenth@138bc75d-0d04-0410-961f-82ee72b054a4>
Date: Thu Dec 10 09:41:08 2015 +0000
2015-12-10 Richard Biener <rguenther@suse.de>
PR ipa/68331
[..]
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@231498
138bc75d-0d04-0410-961f-82ee72b054a4
What fails is:
421 std::unique_ptr<ParameterDescriptionNode> node =
std::make_unique<ParameterDescription<T>>(iLabel, value, isTracked);
422 ParameterDescriptionNode* pnode = addNode(std::move(node), isOptional,
writeToCfi);
addNode will segfault: the std::unique_ptr content is wrong. If one does
node.get(), one gets 0x100000000; trying to access such memory will cause a
segfault.
So, I took 7ae97ba6651703d99d9f0e20a4e48eb7743c103c (first bad commit) and
6c2acfc4892316b46df0fe4a6769fb6766ab1e0b (last good) and compared assembly for
edmtest::ProducerWithPSetDesc::fillDescriptions(edm::ConfigurationDescriptions&).
I found no significant differences, all are offsets. I know that the second
call to edm::ParameterSetDescription::addNode fails.
[..]
48 1f5f1: e8 9a 7d ff ff callq 17390
<edm::ParameterDescriptionBase* edm::ParameterSetDescription::add<int, char
[6]>(char const (&) [6], int const&, bool, bool, bool)@plt>
49 1f5f6: 48 8d 35 d3 f4 01 00 lea 0x1f4d3(%rip),%rsi #
3ead0 <_fini+0x2a10>
50 1f5fd: 48 89 c7 mov %rax,%rdi
51 1f600: e8 db 83 ff ff callq 179e0
<edm::ParameterDescriptionNode::setComment(char const*)@plt>
52 1f605: 48 8d 85 50 fe ff ff lea -0x1b0(%rbp),%rax
53 1f60c: 48 8d bd 20 d7 ff ff lea -0x28e0(%rbp),%rdi
54 1f613: 48 8d 35 c9 cb 01 00 lea 0x1cbc9(%rip),%rsi #
3c1e3 <_fini+0x123>
55 1f61a: 31 c9 xor %ecx,%ecx
56 1f61c: c7 85 50 fe ff ff 01 movl $0x80000001,-0x1b0(%rbp)
57 1f623: 00 00 80
58 1f626: 48 89 c2 mov %rax,%rdx
59 1f629: 48 89 85 98 d0 ff ff mov %rax,-0x2f68(%rbp)
60 1f630: e8 7b 91 ff ff callq 187b0
<std::_MakeUniq<edm::ParameterDescription<int> >::__single_object
std::make_unique<edm::ParameterDescription<int>, char const (&) [16], int
const&, bool&>(char const (&) [16], int const&, bool&) [clone .isra.142] >
61 1f635: 48 8b 85 20 d7 ff ff mov -0x28e0(%rbp),%rax
62 1f63c: b9 01 00 00 00 mov $0x1,%ecx
63 1f641: 31 d2 xor %edx,%edx
64 1f643: 4c 89 f6 mov %r14,%rsi
65 1f646: 4c 89 ff mov %r15,%rdi
66 1f649: 48 89 85 10 ff ff ff mov %rax,-0xf0(%rbp)
67 1f650: e8 9b 77 ff ff callq 16df0
<edm::ParameterSetDescription::addNode(std::unique_ptr<edm::ParameterDescriptionNode,
std::default_delete<edm::ParameterDescriptionNode> >, bool, bool)@plt>
68 1f655: 48 8b bd 10 ff ff ff mov -0xf0(%rbp),%rdi
[..]
Before that it calls the cloned function. The pointer becomes wrong after line 66
[%rax,-0xf0(%rbp)]. Then I looked into the cloned function between the two commits.
This showed some differences:
3 @@ -19,7 +19,6 @@
4 48 89 df mov %rbx,%rdi
5 e8 75 e8 ff ff callq 17060 <edm
6 48 8b 05 a6 36 03 00 mov 0x336a6(%rip),%rax # 4be98
<_DYNAMIC+0x430>
7 - 49 89 1c 24 mov %rbx,(%r12)
8 48 83 c0 10 add $0x10,%rax
9 48 89 03 mov %rax,(%rbx)
10 41 8b 45 00 mov 0x0(%r13),%eax
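Review bot: the only instruction this hunk drops is the store `mov %rbx,(%r12)`, and nothing in the visible lines writes to (%r12) in its place, while %rbx is still used as the object pointer just after (`mov %rax,(%rbx)`). The caller listing above passes `-0x28e0(%rbp)` in %rdi at line 53 and reloads that same slot at line 61 straight after the call, so it is worth confirming that %r12 holds the incoming %rdi here; if it does, this missing store is what leaves the slot unwritten.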
11 @@ -34,9 +33,10 @@
12 48 89 c5 mov %rax,%rbp
13 48 89 df mov %rbx,%rdi
14 be 28 00 00 00 mov $0x28,%esi
15 - e8 50 e4 ff ff callq 16c70 <operator delete(void*,
unsigned long)@plt>
16 + e8 54 e4 ff ff callq 16c70 <operator delete(void*,
unsigned long)@plt>
17 48 89 ef mov %rbp,%rdi
18 - e8 48 ef ff ff callq 17770 <_Unwind_Resume@plt>
19 - 0f 1f 84 00 00 00 00 nopl 0x0(%rax,%rax,1)
20 - 00
21 + e8 4c ef ff ff callq 17770 <_Unwind_Resume@plt>
22 + 66 90 xchg %ax,%ax
23 + 66 2e 0f 1f 84 00 00 nopw %cs
24 + 00 00 00
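Review bot: nothing in this hunk changes behaviour; both `callq` targets are unchanged (16c70 and 17770) and only their displacements grow by 4, which matches the 4-byte instruction (`49 89 1c 24`) removed in the previous hunk. The trailing padding grows from 8 bytes to 12 for the same reason, so this hunk can be set aside when narrowing the difference down to a testcase.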
##### ASAN REPORT #####
ASAN:DEADLYSIGNAL
=================================================================
==11345==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000018 (pc
0x2abffdb95e22 bp 0x7ffd8abe14b0 sp 0x7ffd8abe12c0 T0)
#0 0x2abffdb95e21 in
edm::ParameterDescriptionNode::checkAndGetLabelsAndTypes(std::set<std::string,
std::less<std::string>, std::allocator<std::string> >&,
std::set<edm::ParameterTypes, std::less<edm::ParameterTypes>,
std::allocator<edm::ParameterTypes> >&, std::set<edm::ParameterTypes,
std::less<edm::ParameterTypes>,
std::allocator<edm::ParameterTypes> >&) const
/mnt/build/davidlt/CMSSW_8_1_X_2016-04-18-1100/src/FWCore/ParameterSet/interface/ParameterDescriptionNode.h:213
#1 0x2abffdb95e21 in
edm::ParameterSetDescription::addNode(std::unique_ptr<edm::ParameterDescriptionNode,
std::default_delete<edm::ParameterDescriptionNode> >, bool, bool)
/mnt/build/davidlt/CMSSW_8_1_X_2016-04-18-1100/src/FWCore/ParameterSet/src/ParameterSetDescription.cc:92
#2 0x2ac0041a3961 in edm::ParameterDescriptionBase*
edm::ParameterSetDescription::add<int, char [16]>(char const (&) [16], int
const&, bool, bool, bool)
/mnt/build/davidlt/CMSSW_8_1_X_2016-04-18-1100/src/FWCore/ParameterSet/interface/ParameterSetDescription.h:422
#3 0x2ac0041a3961 in edm::ParameterDescriptionBase*
edm::ParameterSetDescription::addUntracked<int, char [16]>(char const (&) [16],
int const&)
/mnt/build/davidlt/CMSSW_8_1_X_2016-04-18-1100/src/FWCore/ParameterSet/interface/ParameterSetDescription.h:95
[..]
##### VALGRIND REPORT #####
These happen already after calling edm::ParameterSetDescription::addNode, where
the pointer is already wrong.
==31968== Use of uninitialised value of size 8
==31968== at 0x40C7674: checkAndGetLabelsAndTypes
(ParameterDescriptionNode.h:213)
==31968== by 0x40C7674:
edm::ParameterSetDescription::addNode(std::unique_ptr<edm::ParameterDescriptionNode,
std::default_delete<edm::ParameterDescriptionNode> >, bool, bool)
(ParameterSetDescription.cc:92)
==31968== by 0x8705657: add<int, char [16]> (ParameterSetDescription.h:422)
==31968== by 0x8705657: addUntracked<int, char [16]>
(ParameterSetDescription.h:95)
==31968== by 0x8705657:
edmtest::ProducerWithPSetDesc::fillDescriptions(edm::ConfigurationDescriptions&)
(ProducerWithPSetDesc.cc:459)
==31968== by 0x871ABBB:
edm::ParameterSetDescriptionFiller<edmtest::ProducerWithPSetDesc>::fill(edm::ConfigurationDescriptions&)
const (ParameterSetDescriptionFiller.h:55)
==31968== by 0x4059BF: operator() (edmWriteConfigs.cpp:90)
==31968== by 0x4059BF: wrap<(anonymous namespace)::writeCfisForPlugin(const
string&, edm::ParameterSetDescriptionFillerPluginFactory*)::<lambda()> >
(ConvertException.h:20)
==31968== by 0x4059BF: writeCfisForPlugin (edmWriteConfigs.cpp:91)
==31968== by 0x4059BF: __call<void, std::basic_string<char,
std::char_traits<char>, std::allocator<char> >&, 0ul, 1ul> (functional:943)
==31968== by 0x4059BF: operator()<std::basic_string<char,
std::char_traits<char>, std::allocator<char> >&> (functional:1002)
==31968== by 0x4059BF:
for_each<__gnu_cxx::__normal_iterator<std::basic_string<char>*,
std::vector<std::basic_string<char> > >, std::_Bind<void
(*(std::_Placeholder<1>,
edmplugin::PluginFactory<edm::ParameterSetDescriptionFillerBase*()>*))(const
std::basic_string<char>&,
edmplugin::PluginFactory<edm::ParameterSetDescriptionFillerBase*()>*)> >
(stl_algo.h:3776)
==31968== by 0x4059BF: for_all<std::vector<std::basic_string<char> >,
std::_Bind<void (*(std::_Placeholder<1>,
edmplugin::PluginFactory<edm::ParameterSetDescriptionFillerBase*()>*))(const
std::basic_string<char>&,
edmplugin::PluginFactory<edm::ParameterSetDescriptionFillerBase*()>*)> > (Algorithms.h:17)
==31968== by 0x4059BF: operator() (edmWriteConfigs.cpp:285)
==31968== by 0x4059BF: wrap<main(int, char**)::<lambda()> >
(ConvertException.h:20)
==31968== by 0x4059BF: main (edmWriteConfigs.cpp:286)
==31968== Uninitialised value was created by a stack allocation
==31968== at 0x8705544:
edmtest::ProducerWithPSetDesc::fillDescriptions(edm::ConfigurationDescriptions&)
(ProducerWithPSetDesc.cc:438)
==31968==
==31968== Invalid read of size 8
==31968== at 0x40C7674: checkAndGetLabelsAndTypes
(ParameterDescriptionNode.h:213)
==31968== by 0x40C7674:
edm::ParameterSetDescription::addNode(std::unique_ptr<edm::ParameterDescriptionNode,
std::default_delete<edm::ParameterDescriptionNode> >, bool, bool)
(ParameterSetDescription.cc:92)
==31968== by 0x8705657: add<int, char [16]> (ParameterSetDescription.h:422)
==31968== by 0x8705657: addUntracked<int, char [16]>
(ParameterSetDescription.h:95)
==31968== by 0x8705657:
edmtest::ProducerWithPSetDesc::fillDescriptions(edm::ConfigurationDescriptions&)
(ProducerWithPSetDesc.cc:459)
==31968== by 0x871ABBB:
edm::ParameterSetDescriptionFiller<edmtest::ProducerWithPSetDesc>::fill(edm::ConfigurationDescriptions&)
const (ParameterSetDescriptionFiller.h:55)
==31968== by 0x4059BF: operator() (edmWriteConfigs.cpp:90)
==31968== by 0x4059BF: wrap<(anonymous namespace)::writeCfisForPlugin(const
string&, edm::ParameterSetDescriptionFillerPluginFactory*)::<lambda()> >
(ConvertException.h:20)
==31968== by 0x4059BF: writeCfisForPlugin (edmWriteConfigs.cpp:91)
==31968== by 0x4059BF: __call<void, std::basic_string<char,
std::char_traits<char>, std::allocator<char> >&, 0ul, 1ul> (functional:943)
==31968== by 0x4059BF: operator()<std::basic_string<char,
std::char_traits<char>, std::allocator<char> >&> (functional:1002)
==31968== by 0x4059BF:
for_each<__gnu_cxx::__normal_iterator<std::basic_string<char>*,
std::vector<std::basic_string<char> > >, std::_Bind<void
(*(std::_Placeholder<1>,
edmplugin::PluginFactory<edm::ParameterSetDescriptionFillerBase*()>*))(const
std::basic_string<char>&,
edmplugin::PluginFactory<edm::ParameterSetDescriptionFillerBase*()>*)> >
(stl_algo.h:3776)
==31968== by 0x4059BF: for_all<std::vector<std::basic_string<char> >,
std::_Bind<void (*(std::_Placeholder<1>,
edmplugin::PluginFactory<edm::ParameterSetDescriptionFillerBase*()>*))(const
std::basic_string<char>&,
edmplugin::PluginFactory<edm::ParameterSetDescriptionFillerBase*()>*)> > (Algorithms.h:17)
==31968== by 0x4059BF: operator() (edmWriteConfigs.cpp:285)
==31968== by 0x4059BF: wrap<main(int, char**)::<lambda()> >
(ConvertException.h:20)
==31968== by 0x4059BF: main (edmWriteConfigs.cpp:286)
==31968== Address 0x1ffdfeb5400000 is not stack'd, malloc'd or (recently)
free'd