
Bug#630441: g++-4.6 miscompilation



Hi there.

It turns out that the problem was in the debug version - it shouldn't have worked.
Further, the compiler should have noticed a reference to a stack variable being returned,
but that didn't happen either.

It's still my bad though. Sorry if I've wasted your time.

Maybe this problem can help you guys figure out why the compiler didn't notice.

Here's a detailed explanation for those interested.

Notes
-----
treedb and meta-treedb deal in offsets where allocation or freeing of heap data
is involved, as they may result in having to resize the heap, which may cause
the heap to move in memory.

Yes, segment addressing would make this all go away, but it's not portable.

--------------------------------------------------------------------------------
Meta treedb stores data in a double-linked list node as follows
--------------------------------------------------------------------------------
->  context.push_back(const InputType&  d)
->  meta::L2ListT<...>::push_back(Backend::pack_input(d))
->  meta::L2List::PushBack(d)
->  return (HTREEDB_L2LISTNODE)L2LIST_pack_node(L2LIST_NS(PushBack)(context, hl, pv))
This calls into l2list-impl.h, which needs to allocate a node.
To do this, it calls on the BackEnd's AllocNode member, which knows how to
calculate the required size based on the input data and information about the
node size and alignment requirements, which it gets from the context's description.

Once returned, the node is linked into the list by L2LIST_NS(PushBack), and
passed on to the caller.

--------------------------------------------------------------------------------
Meta treedb retrieves data from a double-linked list as follows
--------------------------------------------------------------------------------
context.PointerHead() gets the address of the node.
context.data(node) gets the data from the node as follows:
->  meta::L2ListT<...>::data(pv)
->  meta::L2ListImplT<...>::data(pv)
->  Backend::unpack_data(node_to_data(pv))

The problem was that Backend::unpack_data returns a reference to a char *,
which gets stepped on when optimized.

Regards,
Philip Ashmore
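
An added illustration of the bug class described in the message above (not code from treedb or from the message's author): a hypothetical `Heap` stands in for the offset-addressed heap, and `unpack_data_buggy` shows a reference to a stack-local pointer being returned, next to a by-value fix. All names other than `unpack_data` are assumptions; the buggy form is only compiled when `SHOW_BUG` is defined.

```cpp
#include <cstddef>
#include <cstring>
#include <string>
#include <vector>

// Hypothetical stand-in for a heap that may move when it is resized, so
// callers keep offsets instead of pointers (as the notes above describe).
struct Heap {
    std::vector<char> bytes;

    // Append a NUL-terminated string and return its offset in the heap.
    std::size_t store(const char* s) {
        std::size_t off = bytes.size();
        bytes.insert(bytes.end(), s, s + std::strlen(s) + 1);
        return off;
    }
};

#ifdef SHOW_BUG
// Buggy shape: 'p' lives in this function's stack frame, so the returned
// reference dangles as soon as the function returns. An unoptimized build
// can appear to work because the slot has not been reused yet; an optimized
// build is free to reuse or drop it. A direct return like this is normally
// flagged by g++ (-Wreturn-local-addr).
inline char*& unpack_data_buggy(Heap& h, std::size_t off) {
    char* p = h.bytes.data() + off;
    return p;
}
#endif

// Fixed shape: return the pointer by value, so nothing refers to a dead frame.
inline char* unpack_data(Heap& h, std::size_t off) {
    return h.bytes.data() + off;
}

// Grow the heap enough to force reallocation, then resolve the offset again.
// The offset stays valid even though the underlying storage has moved.
inline std::string read_after_growth(Heap& h, std::size_t off) {
    for (int i = 0; i < 1000; ++i) {
        h.store("padding");
    }
    return std::string(unpack_data(h, off));
}
```
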



