http://gcc.gnu.org/bugzilla/show_bug.cgi?id=46987
Summary: [4.6 Regression] g++.dg/torture/covariant-1.C ICE:
double free or corruption with -fno-inline
Product: gcc
Version: 4.6.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
AssignedTo: unassig...@gcc.gnu.org
ReportedBy: zso...@seznam.cz
CC: jamb...@gcc.gnu.org
Host: x86_64-pc-linux-gnu
Target: x86_64-pc-linux-gnu
Created attachment 22791
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=22791
reduced testcase
Compiler output (with valgrind):
$ gcc -O -fno-inline covariant-1.ii
==12570== Invalid read of size 4
==12570== at 0xAB822A: get_constant_value (tree-ssa-ccp.c:307)
==12570== by 0xB1990B: substitute_and_fold (tree-ssa-propagate.c:888)
==12570== by 0xABAF2E: do_ssa_ccp (tree-ssa-ccp.c:884)
==12570== by 0x93A1A5: execute_one_pass (passes.c:1553)
==12570== by 0x93A494: execute_pass_list (passes.c:1608)
==12570== by 0x93A4A6: execute_pass_list (passes.c:1609)
==12570== by 0xA7A945: tree_rest_of_compilation (tree-optimize.c:422)
==12570== by 0xC3ED41: cgraph_expand_function (cgraphunit.c:1508)
==12570== by 0xC41419: cgraph_optimize (cgraphunit.c:1567)
==12570== by 0xC41999: cgraph_finalize_compilation_unit (cgraphunit.c:1031)
==12570== by 0x5B75CC: cp_write_global_declarations (decl2.c:3974)
==12570== by 0xA24205: toplev_main (toplev.c:591)
==12570== Address 0x825cea0 is 0 bytes after a block of size 704 alloc'd
==12570== at 0x4C24EE1: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==12570== by 0x11F1FA8: xcalloc (xmalloc.c:162)
==12570== by 0xABA95B: do_ssa_ccp (tree-ssa-ccp.c:767)
==12570== by 0x93A1A5: execute_one_pass (passes.c:1553)
==12570== by 0x93A494: execute_pass_list (passes.c:1608)
==12570== by 0x93A4A6: execute_pass_list (passes.c:1609)
==12570== by 0xA7A945: tree_rest_of_compilation (tree-optimize.c:422)
==12570== by 0xC3ED41: cgraph_expand_function (cgraphunit.c:1508)
==12570== by 0xC41419: cgraph_optimize (cgraphunit.c:1567)
==12570== by 0xC41999: cgraph_finalize_compilation_unit (cgraphunit.c:1031)
==12570== by 0x5B75CC: cp_write_global_declarations (decl2.c:3974)
==12570== by 0xA24205: toplev_main (toplev.c:591)
==12570==
==12570== Invalid write of size 8
==12570== at 0xAB827F: get_constant_value (tree-ssa-ccp.c:308)
==12570== by 0xB1990B: substitute_and_fold (tree-ssa-propagate.c:888)
==12570== by 0xABAF2E: do_ssa_ccp (tree-ssa-ccp.c:884)
==12570== by 0x93A1A5: execute_one_pass (passes.c:1553)
==12570== by 0x93A494: execute_pass_list (passes.c:1608)
==12570== by 0x93A4A6: execute_pass_list (passes.c:1609)
==12570== by 0xA7A945: tree_rest_of_compilation (tree-optimize.c:422)
==12570== by 0xC3ED41: cgraph_expand_function (cgraphunit.c:1508)
==12570== by 0xC41419: cgraph_optimize (cgraphunit.c:1567)
==12570== by 0xC41999: cgraph_finalize_compilation_unit (cgraphunit.c:1031)
==12570== by 0x5B75CC: cp_write_global_declarations (decl2.c:3974)
==12570== by 0xA24205: toplev_main (toplev.c:591)
==12570== Address 0x825cea0 is 0 bytes after a block of size 704 alloc'd
==12570== at 0x4C24EE1: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==12570== by 0x11F1FA8: xcalloc (xmalloc.c:162)
==12570== by 0xABA95B: do_ssa_ccp (tree-ssa-ccp.c:767)
==12570== by 0x93A1A5: execute_one_pass (passes.c:1553)
==12570== by 0x93A494: execute_pass_list (passes.c:1608)
==12570== by 0x93A4A6: execute_pass_list (passes.c:1609)
==12570== by 0xA7A945: tree_rest_of_compilation (tree-optimize.c:422)
==12570== by 0xC3ED41: cgraph_expand_function (cgraphunit.c:1508)
==12570== by 0xC41419: cgraph_optimize (cgraphunit.c:1567)
==12570== by 0xC41999: cgraph_finalize_compilation_unit (cgraphunit.c:1031)
==12570== by 0x5B75CC: cp_write_global_declarations (decl2.c:3974)
==12570== by 0xA24205: toplev_main (toplev.c:591)
==12570==
Tested revisions:
r167954 - crash
r167898 - crash
r165699 - OK
4.5 r166509 - OK
