hot/cold related segfault

Alan Modra amodra@bigpond.net.au
Mon Apr 4 11:46:00 GMT 2005


I've been seeing this sort of thing since the hot/cold block
partitioning patch went in.

Program received signal SIGSEGV, Segmentation fault.
0x00000080000f75ec in .strcmp () from /lib64/libc.so.6
2: unlikely_text_section_name = 0x10909190 <Address 0x10909190 out of bounds>
(gdb) bt
#0  0x00000080000f75ec in .strcmp () from /lib64/libc.so.6
#1  0x00000000103afdd0 in in_unlikely_text_section ()
    at /src/gcc-virgin/gcc/varasm.c:318
#2  0x00000000103b0184 in named_section_real (
    name=0x1ffffffd110 ".rodata.str1.8", flags=98305, decl=0x0)
    at /src/gcc-virgin/gcc/varasm.c:444
#3  0x00000000103b7e38 in mergeable_string_section (decl=Variable "decl" is not available.
)
    at /src/gcc-virgin/gcc/varasm.c:736
#4  0x00000000103eb7b0 in rs6000_elf_select_section (decl=0x10758c10, 
    reloc=277909904, align=3346859950012129582)
    at /src/gcc-virgin/gcc/config/rs6000/rs6000.c:15977
#5  0x00000000103bbf20 in output_constant_def_contents (symbol=Variable "symbol" is not available.
)
    at /src/gcc-virgin/gcc/varasm.c:2793
#6  0x00000000103bc2e8 in output_constant_def (exp=0x800069ce40, defer=0)
    at /src/gcc-virgin/gcc/varasm.c:2763

The cause being the free of unlikely_text_section_name in
rest_of_handle_final.  With just the right conditions, the free might
return memory to the operating system.  A later access then segfaults.
Applying the following as obvious.

	* passes.c (rest_of_handle_final): NULL unlikely_text_section_name
	after freeing.

Index: gcc/passes.c
===================================================================
RCS file: /cvs/gcc/gcc/gcc/passes.c,v
retrieving revision 2.81
diff -u -p -r2.81 passes.c
--- gcc/passes.c	3 Apr 2005 10:27:42 -0000	2.81
+++ gcc/passes.c	4 Apr 2005 10:58:42 -0000
@@ -330,7 +330,10 @@ rest_of_handle_final (void)
   timevar_push (TV_SYMOUT);
   (*debug_hooks->function_decl) (current_function_decl);
   if (unlikely_text_section_name)
-    free (unlikely_text_section_name);
+    {
+      free (unlikely_text_section_name);
+      unlikely_text_section_name = NULL;
+    }
   timevar_pop (TV_SYMOUT);
 
   ggc_collect ();
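Review bot: resetting the pointer after `free (unlikely_text_section_name);` only removes the crash if every later reader tests it for NULL before use, and the backtrace above shows in_unlikely_text_section (varasm.c:318) handing the name to strcmp. Please confirm that call is guarded by a NULL test; otherwise the read of freed memory becomes a NULL dereference instead. A one-line comment at the `unlikely_text_section_name = NULL;` assignment, noting that the name is still consulted after this function returns, would record why the reset is needed. The surrounding `if` could also go, since a standard free accepts NULL, leaving just the two statements.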

-- 
Alan Modra
IBM OzLabs - Linux Technology Centre


