[Bug c++/53220] New: g++ mis-compiles compound literals

ppluzhnikov at google dot com gcc-bugzilla@gcc.gnu.org
Thu May 3 19:50:00 GMT 2012 

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53220

             Bug #: 53220
           Summary: g++ mis-compiles compound literals
    Classification: Unclassified
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: ppluzhnikov@google.com


This appears to be a gcc-4.7 regression. Confirmed in:
g++ (GCC) 4.8.0 20120331 (experimental)
g++ (GCC) 4.8.0 20120503 (experimental)


#include <stdio.h>

int main()
{
  for (int *p = (int[]){ 1, 2, 3, 0}; *p; ++p) {
    printf("%d\n", *p);
  }
  return 0;
}

gcc -std=c99 t2.c && ./a.out
1
2
3

gcc -std=c99 -O2 t2.c && ./a.out
1
2
3

g++ t2.c && ./a.out
1
2
3

g++ -O2 -g t2.c && ./a.out
944127552
32767

AFAICT, g++ completely removes the initializer and reads random garbage off
stack:

(gdb) disas main
Dump of assembler code for function main():
   0x0000000000400600 <+0>:     push   %rbx
   0x0000000000400601 <+1>:     sub    $0x10,%rsp
   0x0000000000400605 <+5>:     mov    (%rsp),%esi
   0x0000000000400608 <+8>:     mov    %rsp,%rbx
   0x000000000040060b <+11>:    test   %esi,%esi
   0x000000000040060d <+13>:    je     0x400626 <main()+38>
   0x000000000040060f <+15>:    nop
   0x0000000000400610 <+16>:    xor    %eax,%eax
   0x0000000000400612 <+18>:    add    $0x4,%rbx
   0x0000000000400616 <+22>:    mov    $0x40071c,%edi
   0x000000000040061b <+27>:    callq  0x400478 <printf@plt>
   0x0000000000400620 <+32>:    mov    (%rbx),%esi
   0x0000000000400622 <+34>:    test   %esi,%esi
   0x0000000000400624 <+36>:    jne    0x400610 <main()+16>
   0x0000000000400626 <+38>:    add    $0x10,%rsp
   0x000000000040062a <+42>:    xor    %eax,%eax
   0x000000000040062c <+44>:    pop    %rbx
   0x000000000040062d <+45>:    retq   
End of assembler dump.

valgrind ./a.out
...
==13572== Conditional jump or move depends on uninitialised value(s)
==13572==    at 0x40060D: main (/tmp/t2.c:5)
==13572== 
==13572== Use of uninitialised value of size 8
==13572==    at 0x5625E4B: _itoa_word
(/build/buildd/eglibc-2.11.1/stdio-common/_itoa.c:195)
==13572==    by 0x5628A87: vfprintf
(/build/buildd/eglibc-2.11.1/stdio-common/vfprintf.c:1616)
==13572==    by 0x5631659: printf
(/build/buildd/eglibc-2.11.1/stdio-common/printf.c:35)
==13572==    by 0x40061F: main (/tmp/t2.c:6)
==13572== 
==13572== Conditional jump or move depends on uninitialised value(s)
==13572==    at 0x5625E55: _itoa_word
(/build/buildd/eglibc-2.11.1/stdio-common/_itoa.c:195)
==13572==    by 0x5628A87: vfprintf
(/build/buildd/eglibc-2.11.1/stdio-common/vfprintf.c:1616)
==13572==    by 0x5631659: printf
(/build/buildd/eglibc-2.11.1/stdio-common/printf.c:35)
==13572==    by 0x40061F: main (/tmp/t2.c:6)
==13572== 
==13572== Conditional jump or move depends on uninitialised value(s)
==13572==    at 0x5627ED2: vfprintf
(/build/buildd/eglibc-2.11.1/stdio-common/vfprintf.c:1616)
==13572==    by 0x5631659: printf
(/build/buildd/eglibc-2.11.1/stdio-common/printf.c:35)
==13572==    by 0x40061F: main (/tmp/t2.c:6)
==13572== 
==13572== Conditional jump or move depends on uninitialised value(s)
==13572==    at 0x5627EF0: vfprintf
(/build/buildd/eglibc-2.11.1/stdio-common/vfprintf.c:1616)
==13572==    by 0x5631659: printf
(/build/buildd/eglibc-2.11.1/stdio-common/printf.c:35)
==13572==    by 0x40061F: main (/tmp/t2.c:6)
==13572== 
-16780368
==13572== Conditional jump or move depends on uninitialised value(s)
==13572==    at 0x400624: main (/tmp/t2.c:5)
==13572== 
127
...

Google ref: b/6439133

More information about the Gcc-bugs mailing list