Solid Sands: the day that GNU-C++ -Os broke

We spent a good day of debugging a few of our C++ tests before a pattern emerged. We are working on a project to support freestanding C and C++ environments with the SuperTest test and validation suite for C and C++ compilers. A freestanding environment is defined to support only a subset of the C and C++ libraries. Its goal is to allow applications to run on targets that do not have an extensive run-time system like a proper OS. Instead, it allows programs to run on 'bare-metal'. This is useful for all kinds of embedded applications.

One of the goals in this project is to minimize the memory requirements of the SuperTest, so we use the compiler with the memory optimization option -Os.

Several C++ tests, related to exception handling and inheritance, suddenly failed in the new freestanding configuration.

When tests fail like this, the first thing to suspect is our own changes. After all, the compiler used is the default g++ compiler on a fully up-to-date x86 Ubuntu environment. Many thousands (millions?) of mission-critical systems use GNU-C++ and Ubuntu. Space-X, just to name a high-profile example, uses C++ and Linux on x86 in their rockets too.

Here is one such test. Yes, we know this is not nice C++, but we are not in the business of writing nice C++. Our job is to go near the edge of the language specification to verify the correct behavior of its implementation.


    class A {

            virtual void f(){};


            int x;

            A(int in): x(in) {};


    class B: public A {


            int y;

            B(int in):A(in-1), y(in) {};


    int test(void) {

        int res;

        B b(2);

        A* bp = &b;

        void* vp = dynamic_cast(bp);

        if (  ((A*)vp)->x == 1

           && ((B*)vp)->y == 2

           ) {

            return 1;   // PASS

        } else {

            return 0;   // FAIL



    int main (void) {

        assert (test ());


The code is not complicated, but it has some unnecessary, though well-defined, type-casting. Class A is inherited by class B and both have their own instance variable, x and y respectively. The instantiation of an object of class B, in the second line of the function test, initializes these variables with the values 1 and 2. After two type casts, the if statement verifies these values.

Let us first admire the beauty of the x86-64 code generated by g++ for the function test() with the option -O1:


  mov DWORD PTR [rsp-8], 1

  mov DWORD PTR [rsp-4], 2

  mov rdx, QWORD PTR vtable for B[rip]

  movabs rax, 8589934593

  cmp QWORD PTR [rsp-8+rdx], rax

  sete al

  movzx eax, al


  rep ret

The compiler knows the layout of the object of type B. With the first two moves, it sets the values of the two variables x and y. Then it compares the values of object b’s fields with the 64-bit immediate 8589934593. In hexadecimal, this value is easier to understand: 0x200000001. The compiler does two comparisons of 32-bit values in one 64-bit comparison! That is a clever move. So far so good.

But now compile the code with -Os, for size optimization. The generated code becomes:


  mov rdx, QWORD PTR vtable for B[rip]

  mov DWORD PTR [rsp-8], 1

  movabs rax, 8589934593

  cmp QWORD PTR [rsp-8+rdx], rax

  sete al

  movzx eax, al


Do you see what is missing? Somehow, the compiler has forgotten to initialize b's variable y to 2! And thus our test-program fails at the assert.

This is a serious error. Due to the optimization that turns two comparisons into one, the compiler ‘forgets’ that the y field of the object b is used. A def-use analysis after the optimization of the two comparisons then sees no use of y. Therefore the compiler concludes that the initialization of the field y is redundant, and removes it. Is this behavior limited to comparison optimization in combination with some liberal type-casting? Perhaps, but there is no guarantee for that.

It is not the only error. There are also errors in the generated exception handling code when -Os is used. The version of GNU-C shown here is 7.3.0 because that is the current version on Ubuntu. We tried different versions of GNU-C, also for ARM64 targets and not Ubuntu related, and they are all affected. We must conclude that it is not safe to use g++ in combination with the -Os option for 64-bit targets.

Compiler developers run many tests to prevent that errors like these slip through. But compilers are complicated and they have so many configuration options that no compiler supplier can state upfront that your particular use case is verified.

If your application domain is mission-critical or even safety-critical, you need to set up compiler validation for the compiler and for the use cases that are specific to you. If that is beyond your scope, then at least verify that your compiler supplier uses SuperTest. SuperTest provides you with a better chance of staying ahead of compiler errors than any other method that we know of. Let's hope that Space-X does not use g++ with the -Os option.

More Information...

Latest News from Solid Sands

Solid Sands: SuperTest Vermeer Release Update #1 with enhanced usability features
Solid Sands introduces license-free service to ease compiler qualification
Solid Sands @ Renault Co-Innovation Days
Solid Sands: verification of optimization correctness with SuperTest
Solid Sands: next-generation release of SuperTest compiler test and validation suite
Solid Sands: the day that GNU-C++ -Os broke
Solid Sands: SuperTest helping Graphcore accelerate the future of AI
Solid Sands: SuperTest with native Windows support and requirements traceability for C and C++
Solid Sands: SuperTest suite used by UPMEM to speed up big-data analytics
Solid Sands: SuperTest helps Peloton enhance ‘big-rig’ safety and fuel efficiency
Solid Sands and AbsInt combine tools strengths
Solid Sands: CGtrainer for Code Generator Development

nVent Schroff at Embedded World 2019

The theme of the nVent Schroff booth at Embedded World 2019 was “Experience Expertise – Modularity, Performance, Protection and Design”. Join us as our experts give an overview of th...

Garz & Fricke Interview at Embedded World 2019 with Dr. Arne Dethlefs: We are strengthening our presence in North America

Through its US subsidiary, located in Minnesota, Garz & Fricke is providing support for its growing HMI and Panel-PC business in the USA and Canada while also strengthening its presence in North A...

SECO's innovations at embedded world 2019

In a much larger stand than in previous years, at embedded world 2019 SECO showcases its wide range of solutions and services for the industrial domain and IoT. Among the main innovations, in this vid...

Design and Manufacturing Services at Portwell

Since about two years Portwell is part of the Posiflex Group. Together with KIOSK, the US market leader in KIOSK systems, the Posiflex Group is a strong player in the Retail, KIOSK and Embedded market...

Arrow capabilities in design support

Florian Freund, Engineering Director DACH at Arrow Electronics talks us through Arrow’s transformation from distributor to Technology Platform Provider and how Arrow is positioned in both, Custo...

Arm launches PSA Certified to improve trust in IoT security

Arm’s Platform Security Architecture (PSA) has taken a step forward with the launch of PSA Certified, a scheme where independent labs will verify that IoT devices have the right level of securit...

DIN-Rail Embedded Computers from MEN Mikro

The DIN-Rail system from MEN is a selection of individual pre-fabricated modules that can variably combine features as required for a range of embedded Rail Onboard and Rail Wayside applications. The ...

Embedded Graphics Accelerates AI at the Edge

The adoption of graphics in embedded and AI applications are growing exponentially. While graphics are widely available in the market, product lifecycle, custom change and harsh operating environments...

ADLINK Optimizes Edge AI with Heterogeneous Computing Platforms

With increasing complexity of applications, no single type of computing core can fulfill all application requirements. To optimize AI performance at the edge, an optimized solution will often employ a...

Synchronized Debugging of Multi-Target Systems

The UDE Multi-Target Debug Solution from PLS provides synchronous debugging of AURIX multi-chip systems. A special adapter handles the communication between two MCUs and the UAD3+ access device and pr...

Smart Panel Fulfills Application Needs with Flexibility

To meet all requirement of vertical applications, ADLINK’s Smart Panel is engineered for flexible configuration and expansion to reduce R&D time and effort and accelerate time to market. The...

Artificial Intelligence

Morten Kreiberg-Block, Director of Supplier & Technology Marketing EMEA at Arrow Electronics talks about the power of AI and enabling platforms. Morten shares some examples of traditional designin...

Arrow’s IoT Technology Platform – Sensor to Sunset

Andrew Bickley, Director IoT EMEA at Arrow Electronics talks about challenges in the IoT world and how Arrow is facing those through the Sensor to Sunset approach. Over the lifecycle of the connected ...

AAEON – Spreading Intelligence in the connected World

AAEON is moving from creating the simple hardware to creating the great solutions within Artificial Intelligence and IoT. AAEON is offering the new solutions for emerging markets, like robotics, drone...

Arrow as a Technology Provider drive Solutions selling approach

Amir Sherman, Director of Engineering Solutions & Embedded Technology at Arrow Electronics talks about the transition started couple of years ago from a components’ distributor to Technology...

Riding the Technology wave

David Spragg, VP, Engineering – EMEA at Arrow Electronics talks about improvements in software and hardware enabling to utilize the AI capabilities. David shares how Arrow with its solutions is ...

ASIC Design Services explains their Core Deep Learning framework for FPGA design

In this video Robert Green from ASIC Design Services describes their Core Deep Learning (CDL) framework for FPGA design at electronica 2018 in Munich, Germany. CDL technology accelerates Convolutional...

Microchip explains some of their latest smart home and facility solutions

In this video Caesar from Microchip talks about the company's latest smart home solutions at electronica 2018 in Munich, Germany. One demonstrator shown highlights the convenience and functionalit...

Infineon explains their latest CoolGaN devices at electronica 2018

In this video Infineon talks about their new CoolGaN 600 V e-mode HEMTs and GaN EiceDRIVER ICs, offering a higher power density enabling smaller and lighter designs, lower overall system cost. The nor...

Analog Devices demonstrates a novel high-efficiency charge pump with hybrid tech

In this video Frederik Dostal from Analog Devices explains a very high-efficiency charge-pump demonstration at their boot at electronica 2018 in Munich, Germany. Able to achieve an operating efficienc...

wholesale jerseys