http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60535
Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                       |Added
----------------------------------------------------------------------------
             Status|NEW                           |ASSIGNED
           Assignee|unassigned at gcc dot gnu.org |jakub at gcc dot gnu.org

--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Created attachment 32373
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=32373&action=edit
gcc49-pr60535.patch

Untested fix.

There are 3 remaining tests I haven't removed the dg-skip-if for yet:

c-c++-common/ubsan/null-4.c
c-c++-common/ubsan/overflow-int128.c

These 2 fail because with -flto we get <unknown> type names instead of say
complex double or int128_t (if I remember it well). Dunno if there is anything
that can be done about it though.

g++.dg/ubsan/pr59437.C

This one shows a bug either in the -fvtable-* verification stuff, or in cgraph,
but doesn't look related to ubsan:

==27993== Invalid write of size 8
==27993==    at 0x89AEEC: bitmap_initialize_stat(bitmap_head*, bitmap_obstack*) (bitmap.h:277)
==27993==    by 0x89BA7C: bitmap_obstack_alloc_stat(bitmap_obstack*) (bitmap.c:376)
==27993==    by 0xDCB7B2: mark_def_dom_walker::mark_def_dom_walker(cdi_direction) (tree-into-ssa.c:2234)
==27993==    by 0xDCBA80: rewrite_into_ssa() (tree-into-ssa.c:2331)
==27993==    by 0xDCBD70: (anonymous namespace)::pass_build_ssa::execute() (tree-into-ssa.c:2403)
==27993==    by 0xC56F9D: execute_one_pass(opt_pass*) (passes.c:2229)
==27993==    by 0xC571B6: execute_pass_list(opt_pass*) (passes.c:2282)
==27993==    by 0xC4B58E: gcc::pass_manager::execute_early_local_passes() (passes.c:135)
==27993==    by 0x92BCA4: cgraph_process_new_functions() (cgraphunit.c:338)
==27993==    by 0x80DDE3: vtv_generate_init_routine() (vtable-class-hierarchy.c:1191)
==27993==    by 0x6B534E: cp_write_global_declarations() (decl2.c:4619)
==27993==    by 0xD42091: compile_file() (toplev.c:562)
==27993==  Address 0xbc0cdf0 is 96 bytes inside a block of size 4,064 free'd
==27993==    at 0x4A07577: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==27993==    by 0x3C5FA84857: obstack_free (in /usr/lib64/libc-2.18.so)
==27993==    by 0x89B901: bitmap_obstack_release(bitmap_obstack*) (bitmap.c:358)
==27993==    by 0x92C95C: analyze_function(cgraph_node*) (cgraphunit.c:665)
==27993==    by 0x92BC0B: cgraph_process_new_functions() (cgraphunit.c:334)
==27993==    by 0x80DDE3: vtv_generate_init_routine() (vtable-class-hierarchy.c:1191)
==27993==    by 0x6B534E: cp_write_global_declarations() (decl2.c:4619)
==27993==    by 0xD42091: compile_file() (toplev.c:562)
==27993==    by 0xD441E9: do_compile() (toplev.c:1914)
==27993==    by 0xD44354: toplev_main(int, char**) (toplev.c:1990)
==27993==    by 0x14BD71B: main (main.c:36)

Apparently this is related to the default obstack freeing and use after free,
either vtable*.c calls cgraph at a pointer where it is not supposed to (or needs
to conditionalize it on cgraph_state), or cgraph doesn't handle nesting
properly.