[Bug fortran/108109] New: [ICE] gfortran compilation fails calling 'free()' with 'malloc(): mismatching next->prev_size (unsorted)'
burnus at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Wed Dec 14 18:37:33 GMT 2022
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108109
Bug ID: 108109
Summary: [ICE] gfortran compilation fails calling 'free()' with
'malloc(): mismatching next->prev_size (unsorted)'
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Keywords: ice-on-invalid-code
Severity: normal
Priority: P3
Component: fortran
Assignee: unassigned at gcc dot gnu.org
Reporter: burnus at gcc dot gnu.org
Target Milestone: ---
Created attachment 54092
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=54092&action=edit
Testcase - compile with 'gfortran test.f90'
Fails with GCC 13, 12 and 11.
Found when looking at https://github.com/olcf/openmp-gpu-library , namely the
MatrixMultiply_OpenMP_HIP_ROCm/MM_GPU_Library_Module.f90 example.
Lacking some modules, it fails to compile (expected) but during error recovery,
it seems as if the memory is somehow corrupting, crashing GCC as follows
without a backtrace:
corrupted size vs. prev_size
corrupted size vs. prev_size
gfortran: internal compiler error: Aborted signal terminated program f951
The slightly reduced attached testcase fails likewise.
* * *
There is no backtrace, but running it in gdb shows:
#1 0x00007ffff77b0859 in __GI_abort () at abort.c:79
#2 0x00007ffff781b26e in __libc_message (action=action@entry=do_abort,
fmt=fmt@entry=0x7ffff7945298 "%s\n") at ../sysdeps/posix/libc_fatal.c:155
#3 0x00007ffff78232fc in malloc_printerr (str=str@entry=0x7ffff7947aa0
"malloc(): mismatching next->prev_size (unsorted)") at malloc.c:5347
#4 0x00007ffff782635c in _int_malloc (av=av@entry=0x7ffff797ab80 <main_arena>,
bytes=bytes@entry=2792) at malloc.c:3741
#5 0x00007ffff7829b95 in __libc_calloc (n=<optimized out>,
elem_size=<optimized out>) at malloc.c:3428
#6 0x0000000002006b35 in xcalloc (nelem=1, elsize=2792) at
../../repos/gcc-trunk-commit/libiberty/xmalloc.c:164
#7 0x000000000097efaf in gfc_get_namespace (parent=parent@entry=0x2d069d0,
parent_types=parent_types@entry=0)
at ../../repos/gcc-trunk-commit/gcc/fortran/symbol.cc:2869
#8 0x0000000000981df6 in gfc_copy_formal_args_intr (dest=dest@entry=0x2d1eb60,
src=src@entry=0x7ffff6f9ec90, actual=actual@entry=0x0,
copy_type=copy_type@entry=false) at
../../repos/gcc-trunk-commit/gcc/fortran/symbol.cc:4683
#9 0x000000000094c128 in gfc_resolve_intrinsic (sym=sym@entry=0x2d1eb60,
loc=loc@entry=0x2d1eb70)
at ../../repos/gcc-trunk-commit/gcc/fortran/resolve.cc:1887
#10 0x000000000094d94c in resolve_symbol (sym=<error reading variable:
dwarf2_find_location_expression: Corrupted DWARF expression.>)
at ../../repos/gcc-trunk-commit/gcc/fortran/resolve.cc:15788
#11 0x0000000000978853 in do_traverse_symtree (st=<optimized out>, st_func=0x0,
sym_func=0x94cd70 <resolve_symbol(gfc_symbol*)>)
at ../../repos/gcc-trunk-commit/gcc/fortran/symbol.cc:4186
#12 0x0000000000958b1f in resolve_types (ns=0x2d069d0) at
../../repos/gcc-trunk-commit/gcc/fortran/resolve.cc:17551
#13 0x000000000095f6ed in gfc_resolve (ns=0x2d069d0) at
../../repos/gcc-trunk-commit/gcc/fortran/resolve.cc:17666
#14 0x000000000094cd5e in gfc_resolve (ns=<optimized out>) at
../../repos/gcc-trunk-commit/gcc/fortran/resolve.cc:17653
* * *
The call looks harmless:
#6 0x0000000002006b35 in xcalloc (nelem=1, elsize=2792) at
../../repos/gcc-trunk-commit/libiberty/xmalloc.c:164
164 newmem = calloc (nelem, elsize);
(gdb)
#7 0x000000000097efaf in gfc_get_namespace (parent=parent@entry=0x2d069d0,
parent_types=parent_types@entry=0)
at ../../repos/gcc-trunk-commit/gcc/fortran/symbol.cc:2869
2869 ns = XCNEW (gfc_namespace);
which implies the actual issue is likely much before!
More information about the Gcc-bugs
mailing list