[Bug tree-optimization/87214] [9 Regression] r263772 miscompiled 520.omnetpp_r in SPEC CPU 2017

Thu, 24 Jan 2019 06:15:24 -0800 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87214

--- Comment #13 from Martin Liška <marxin at gcc dot gnu.org> ---
The 2 problematic functions looks like:

void cComponent::reallocParamv(int size)
{
    ((void)0);
    if (size!=(short)size)
        throw cRuntimeError(this, "reallocParamv(%d): at most %d parameters
allowed", size, 0x7fff);
    cPar *newparamv = new cPar[size];
__builtin_printf ("realloc called with new size: paramvsize: %d\n", numparams);
    for (int i=0; i<numparams; i++)
        __builtin_printf ("%d:%s\n", i,paramv[i].getName());
__builtin_printf ("\n");

    for (int i=0; i<numparams; i++)
        paramv[i].moveto(newparamv[i]);

    for (int i=0; i<numparams; i++)
        __builtin_printf ("%d:%s\n", i,newparamv[i].getName());
__builtin_printf ("realloc done\n");
    delete [] paramv;
    paramv = newparamv;
    paramvsize = (short)size;
}

void cComponent::addPar(cParImpl *value)
{
__builtin_printf ("addPar: paramvsize: %d, name: %s\n", paramvsize,
value->getName());
    if (parametersFinalized())
        throw cRuntimeError(this, "cannot add parameters at runtime");
    if (findPar(value->getName())>=0)
        throw cRuntimeError(this, "cannot add parameter `%s': already exists",
value->getName());
    if (numparams==paramvsize)
        reallocParamv(paramvsize+1);
    paramv[numparams++].init(this, value);
}

where the vectorized version prints:

Preparing for running configuration General, run #0...
Scenario: $repetition=0
Assigned runID=speccpu-runid
Setting up network `largeNet'...
addPar: paramvsize: 0, name: n
findPar: n
realloc called with new size: paramvsize: 0

realloc done
findPar: n
addPar: paramvsize: 1, name: bbs
findPar: bbs
realloc called with new size: paramvsize: 1
0:n

0:n
realloc done
findPar: bbs
addPar: paramvsize: 2, name: bbm
findPar: bbm
realloc called with new size: paramvsize: 2
0:n
1:bbs

0:n
1:bbs
realloc done
findPar: bbm
addPar: paramvsize: 3, name: bbl
findPar: bbl
realloc called with new size: paramvsize: 3
0:n
1:bbs
2:bbm

0:n
1:bbs
2:bbm
realloc done
findPar: bbl
addPar: paramvsize: 4, name: as
findPar: as
realloc called with new size: paramvsize: 4
0:n
1:bbs
2:bbm
3:bbl

0:n
1:bbs
2:bbm
3:bbl
realloc done
findPar: as
addPar: paramvsize: 5, name: am
findPar: am
realloc called with new size: paramvsize: 5
0:n
1:bbs
2:bbm
3:bbl
4:as

0:n
1:bbs
2:bbm
3:bbl
4:as
realloc done
findPar: am
addPar: paramvsize: 6, name: al
findPar: al
realloc called with new size: paramvsize: 6
0:n
1:bbs
2:bbm
3:bbl
4:as
5:am

0:n
1:bbs
2:bbm
3:largeNet
4:as
5:am
realloc done
findPar: al
addPar: paramvsize: 7, name: bs
findPar: bs
realloc called with new size: paramvsize: 7
0:n
1:bbs
2:bbm
3:largeNet
4:as
5:am
6:al

0:n
1:bbs
2:bbm
Segmentation fault (core dumped)


As seen the moveto is wrong for paramvsize == 6 (5 old elements), where element
#3 should be 'bbl' after copying, but is 'largeNet'. Then we reach a segfault
due to it.

Reply via email to