Bug#210848: g++-3.3: Code miscompilation with -O0 -finline (discovered in QT)

To: Kevin Puetz <puetzk@iastate.edu>, 210848@bugs.debian.org
Subject: Bug#210848: g++-3.3: Code miscompilation with -O0 -finline (discovered in QT)
From: Daniel Jacobowitz <dan@debian.org>
Date: Sun, 14 Sep 2003 12:50:51 -0400
Message-id: <[🔎] 20030914165050.GA27063@nevyn.them.org>
Reply-to: Daniel Jacobowitz <dan@debian.org>, 210848@bugs.debian.org
In-reply-to: <[🔎] E19yQVw-00029h-00@puetzk>
References: <[🔎] E19yQVw-00029h-00@puetzk>

On Sun, Sep 14, 2003 at 01:37:40AM -0500, Kevin Puetz wrote:
> Package: g++-3.3
> Version: 1:3.3.2-0pre3
> Severity: grave
> Tags: security
> Justification: renders package unusable
> 
> 3.3.2-0pre3 introduces a very serious miscompilation when inline functions are in the lvalue of conditional expressions (at least, I think that this is the trigger condition).
> 
> It was introduced sometime between 3.3.2-0pre2 (2003/08/31) and 3.3.2-0pre3 (2003/09/08).
> It appears to generally generate an infinite loop in which it repeatedly evaluates the inlined function, though I also observed it to manifest in repeated, but terminating evaluation (in which it calculated the left-hand expression two or more times, butr then did perform the assignment).
> 
> This will break most users of the QT template library container classes (and thus KDE) - probably most other C++ applications if my guess as to the nature of the bug is correct. I discovered it manifesting in the form of my locally-built kbuildsycoca, qt-assistant, and qt-linguist hanging partway through their startups. Chris Cheney (KDE maintainer) is also able to reproduce the behavior in my provided testcase, though his KDE/QT debian have not been rebuilt since 3.3.2-0pre3 was installed.
> 
> A minimal testcase derived from the QListView::addColumn method (in which I first observed this problem) is available at http://puetzk.org/tmp/testcast.tgz. If compiled with 3.3.2-0pre2 it will run and exit, with 3.3.2-0pre3 it hangs with 100% cpu usage. It will also run in 3.2.3-0pre3 as long as -finline is disabled. I was unable to isolate a small example for the behavior in which it executed more than once the lvalue function (qux) more than once, but not endlessly, though I occasionally saw this behavior as I worked to minimize the testcase. I believe both symptoms are related to the same underlying cause.

Reproduced.  The bug occurs between the 00.rtl and 01.sibling dumps
(????).  Let me built a couple of CVS gccs to test.

-- 
Daniel Jacobowitz
MontaVista Software                         Debian GNU/Linux Developer

Reply to:

References:
- Bug#210848: g++-3.3: Code miscompilation with -O0 -finline (discovered in QT)
  - From: Kevin Puetz <puetzk@iastate.edu>

Prev by Date: Processed: Re: Bug#210848: g++-3.3: Code miscompilation with -O0 -finline (discovered in QT)
Next by Date: Processed: Trying to fix tags again
Previous by thread: Processed: Re: Bug#210848: g++-3.3: Code miscompilation with -O0 -finline (discovered in QT)
Next by thread: Bug#210848: marked as done (g++-3.3: Code miscompilation with -O0 -finline (discovered in QT))
Index(es):
- Date
- Thread