Bug 490253 - gcc optimizes away critical frees with -O2 flag set; does not occur with vanilla
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: gcc34
Hardware: All, OS: Linux
Priority: low, Severity: high
Assigned To: Jakub Jelinek
Reported: 2009-03-14 02:37 EDT by Ladar Levison
Modified: 2012-06-20 12:58 EDT
Doc Type: Bug Fix
Last Closed: 2012-06-20 12:58:03 EDT

Attachments
gcc34-rh490253.patch (1.74 KB, patch)
2009-03-16 11:56 EDT, Jakub Jelinek

External Trackers
Tracker ID Priority Status Summary Last Updated
CentOS 2809 None None None Never

Description Ladar Levison 2009-03-14 02:37:11 EDT
When compiling clamav v0.94.2, and statically linking it to an application, memory is not freed by the cl_free function. It appears to be a bug with the RHEL version of gcc 3.4, as the bug does not occur with gcc 3.4 in Debian. See this clamav bug report for a test case:


I finally managed to get my hands on a RHEL 4 box to test against, and the issue is still present.
Comment 1 Jakub Jelinek 2009-03-16 11:30:59 EDT
Yeah, reproducible also with vanilla gcc 3.4.x.  Doesn't reproduce with -mtune=i486, -mtune=i586 or -mtune=i686, so as a workaround just use -mtune=i686, you aren't running on i386 anyway, are you?  Or use unsigned int or unsigned long counter instead of unsigned short.

The bug is in the loop optimizer, where it incorrectly determines in check_dbra_loop that the induction variable is always non-negative, when HImode 0xf808 obviously is negative and so when the loop is reversed and after HImode subtraction of 1 from 0xf808 (decw) the jns obviously doesn't loop back when it should.

I think this got broken by
patch, for LTU we should check that the comparison value isn't when considered as signed less than 0.
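
The failure mode described in comment 1, as an added example that is not part of the bug report or the attached patch: a portable C model (not GCC's generated code) of a count-up `unsigned short` loop next to its reversed `decw`/`jns` form. The function names and the initial counter value `n - 1` are assumptions of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* The loop as written in source: an unsigned short counter compared with
   an unsigned "less than" (LTU). Returns how many times the body runs. */
static unsigned long source_loop(uint16_t n)
{
    unsigned long body_runs = 0;
    for (uint16_t i = 0; i < n; i++)
        body_runs++;               /* stands in for one free() call */
    return body_runs;
}

/* Model of the reversed loop: count down in 16 bits and branch back while
   the sign flag is clear (decw ; jns). Only valid if the counter is never
   negative when viewed as a signed 16-bit value. Assumes n >= 1. */
static unsigned long reversed_loop_jns(uint16_t n)
{
    unsigned long body_runs = 0;
    uint16_t counter = (uint16_t)(n - 1);    /* assumed start value */
    do {
        body_runs++;
        counter = (uint16_t)(counter - 1);   /* decw */
    } while ((counter & 0x8000u) == 0);      /* jns: loop while sign bit clear */
    return body_runs;
}

/* The condition comment 1 says must be checked for LTU: the bound,
   reinterpreted as signed 16-bit, must not be below zero. */
static int reversal_is_safe(uint16_t n)
{
    return (n & 0x8000u) == 0;
}

int main(void)
{
    /* 0xf808 is the value from comment 1; the others are constructed. */
    const uint16_t bounds[] = { 16, 0x7fff, 0xf808 };
    for (size_t k = 0; k < sizeof bounds / sizeof bounds[0]; k++) {
        uint16_t n = bounds[k];
        printf("n=0x%04x source=%lu reversed=%lu safe=%d\n", (unsigned)n,
               source_loop(n), reversed_loop_jns(n), reversal_is_safe(n));
    }
    return 0;
}
```

With a bound of 0xf808 the modelled reversed loop runs its body once instead of 63496 times, which is how a loop of frees can silently skip almost all of its work.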
Comment 2 Jakub Jelinek 2009-03-16 11:56:39 EDT
Created attachment 335362

Untested patch that cures this bug.
Comment 3 Jiri Pallich 2012-06-20 12:58:03 EDT
Thank you for submitting this issue for consideration in Red Hat Enterprise Linux. The release for which you requested us to review is now End of Life. 
Please see https://access.redhat.com/support/policy/updates/errata/

If you would like Red Hat to re-consider your feature request for an active release, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue.
