http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60914
Bug ID: 60914
Summary: ICE: SIGSEGV (use after free) in
bitmap_obstack_alloc_stat() with -flto
-fvtable-verify=preinit
Product: gcc
Version: 4.10.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: zsojka at seznam dot cz
Created attachment 32649
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=32649&action=edit
reduced testcase
Compiler output (under valgrind):
$ gcc -O -flto -fvtable-verify=preinit testcase.C
==14546== Invalid write of size 8
==14546== at 0x8B8E31: bitmap_obstack_alloc_stat(bitmap_obstack*)
(bitmap.h:277)
==14546== by 0xD5A222: (anonymous
namespace)::pass_build_ssa::execute(function*) (tree-into-ssa.c:2234)
==14546== by 0xBFCF20: execute_one_pass(opt_pass*) (passes.c:2159)
==14546== by 0xBFD1C5: execute_pass_list(opt_pass*) (passes.c:2212)
==14546== by 0x93AE8E: cgraph_process_new_functions() [clone .part.42]
(cgraphunit.c:338)
==14546== by 0x845546: vtv_generate_init_routine()
(vtable-class-hierarchy.c:1191)
==14546== by 0x721E8D: cp_write_global_declarations() (decl2.c:4628)
==14546== by 0xCF096C: compile_file() (toplev.c:562)
==14546== by 0xCF293F: toplev_main(int, char**) (toplev.c:1914)
==14546== by 0x5A46BF4: (below main) (in /lib64/libc-2.17.so)
==14546== Address 0x64b4490 is 96 bytes inside a block of size 4,064 free'd
==14546== at 0x4C2B57C: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==14546== by 0x5AA8144: obstack_free (in /lib64/libc-2.17.so)
==14546== by 0x93A5A2: analyze_function(cgraph_node*) (cgraphunit.c:665)
==14546== by 0x93AE4F: cgraph_process_new_functions() [clone .part.42]
(cgraphunit.c:334)
==14546== by 0x845546: vtv_generate_init_routine()
(vtable-class-hierarchy.c:1191)
==14546== by 0x721E8D: cp_write_global_declarations() (decl2.c:4628)
==14546== by 0xCF096C: compile_file() (toplev.c:562)
==14546== by 0xCF293F: toplev_main(int, char**) (toplev.c:1914)
==14546== by 0x5A46BF4: (below main) (in /lib64/libc-2.17.so)
