User account creation filtered due to spam.

Bug 58598 - ICE: SIGSEGV (write after free) with -O -flto -fno-fat-lto-objects -fvtable-verify=std
Summary: ICE: SIGSEGV (write after free) with -O -flto -fno-fat-lto-objects -fvtable-v...
Status: UNCONFIRMED
Alias: None
Product: gcc
Classification: Unclassified
Component: middle-end (show other bugs)
Version: 4.9.0
: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords: ice-on-valid-code, lto
Depends on:
Blocks:
 
Reported: 2013-10-02 20:47 UTC by Zdenek Sojka
Modified: 2016-08-13 05:59 UTC (History)
1 user (show)

See Also:
Host: x86_64-pc-linux-gnu
Target: x86_64-pc-linux-gnu
Build:
Known to work:
Known to fail: 4.9.0
Last reconfirmed:


Attachments
reduced testcase (46 bytes, text/x-csrc)
2013-10-02 20:47 UTC, Zdenek Sojka
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Zdenek Sojka 2013-10-02 20:47:59 UTC
Created attachment 30949 [details]
reduced testcase

Compiler output:
gcc -O -flto -fno-fat-lto-objects -fvtable-verify=std -wrapper valgrind,-q testcase.C 
==3463== Invalid write of size 8
==3463==    at 0x7F05C1: bitmap_obstack_alloc_stat(bitmap_obstack*) (bitmap.h:277)
==3463==    by 0xC5C141: (anonymous namespace)::pass_build_ssa::execute() (tree-into-ssa.c:2242)
==3463==    by 0xB05269: execute_one_pass(opt_pass*) (passes.c:2201)
==3463==    by 0xB05445: execute_pass_list(opt_pass*) (passes.c:2253)
==3463==    by 0x86D76D: cgraph_process_new_functions() (cgraphunit.c:324)
==3463==    by 0x780316: vtv_generate_init_routine() (vtable-class-hierarchy.c:1187)
==3463==    by 0x670815: cp_write_global_declarations() (decl2.c:4369)
==3463==    by 0xBF7DCC: compile_file() (toplev.c:560)
==3463==    by 0xBF9CB9: toplev_main(int, char**) (toplev.c:1893)
==3463==    by 0x5A3C60C: (below main) (in /lib64/libc-2.15.so)
==3463==  Address 0x6159070 is 96 bytes inside a block of size 4,064 free'd
==3463==    at 0x4C2B3EC: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==3463==    by 0x5A9CFD4: obstack_free (in /lib64/libc-2.15.so)
==3463==    by 0x86CE82: analyze_function(cgraph_node*) (cgraphunit.c:652)
==3463==    by 0x86D72F: cgraph_process_new_functions() (cgraphunit.c:320)
==3463==    by 0x780316: vtv_generate_init_routine() (vtable-class-hierarchy.c:1187)
==3463==    by 0x670815: cp_write_global_declarations() (decl2.c:4369)
==3463==    by 0xBF7DCC: compile_file() (toplev.c:560)
==3463==    by 0xBF9CB9: toplev_main(int, char**) (toplev.c:1893)
==3463==    by 0x5A3C60C: (below main) (in /lib64/libc-2.15.so)
==3463== 
==3463== Invalid write of size 8
==3463==    at 0x7F05C9: bitmap_obstack_alloc_stat(bitmap_obstack*) (bitmap.h:277)
==3463==    by 0xC5C141: (anonymous namespace)::pass_build_ssa::execute() (tree-into-ssa.c:2242)
==3463==    by 0xB05269: execute_one_pass(opt_pass*) (passes.c:2201)
==3463==    by 0xB05445: execute_pass_list(opt_pass*) (passes.c:2253)
==3463==    by 0x86D76D: cgraph_process_new_functions() (cgraphunit.c:324)
==3463==    by 0x780316: vtv_generate_init_routine() (vtable-class-hierarchy.c:1187)
==3463==    by 0x670815: cp_write_global_declarations() (decl2.c:4369)
==3463==    by 0xBF7DCC: compile_file() (toplev.c:560)
==3463==    by 0xBF9CB9: toplev_main(int, char**) (toplev.c:1893)
==3463==    by 0x5A3C60C: (below main) (in /lib64/libc-2.15.so)
==3463==  Address 0x6159068 is 88 bytes inside a block of size 4,064 free'd
==3463==    at 0x4C2B3EC: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==3463==    by 0x5A9CFD4: obstack_free (in /lib64/libc-2.15.so)
==3463==    by 0x86CE82: analyze_function(cgraph_node*) (cgraphunit.c:652)
==3463==    by 0x86D72F: cgraph_process_new_functions() (cgraphunit.c:320)
==3463==    by 0x780316: vtv_generate_init_routine() (vtable-class-hierarchy.c:1187)                                                                 
==3463==    by 0x670815: cp_write_global_declarations() (decl2.c:4369)                                                                               
==3463==    by 0xBF7DCC: compile_file() (toplev.c:560)                                                                                               
==3463==    by 0xBF9CB9: toplev_main(int, char**) (toplev.c:1893)                                                                                    
==3463==    by 0x5A3C60C: (below main) (in /lib64/libc-2.15.so)                                                                                      
==3463==                                                                                                                                             
....

Crashes randomly.

Tested revisions:
r203053 - crash
Comment 1 Andrew Pinski 2016-08-13 05:59:21 UTC
Does this work now?