cc1': double free or corruption (fasttop): 0x0000000003c15810 *)

jakub at gcc dot gnu.org Tue, 29 Nov 2016 00:17:22 -0800

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78548


Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|2016-11-28 00:00:00         |2016-11-29
                 CC|                            |aldyh at gcc dot gnu.org,
                   |                            |jakub at gcc dot gnu.org
     Ever confirmed|0                           |1

--- Comment #4 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
==7340== Invalid read of size 4
==7340==    at 0x10EC264: vec<pred_info, va_heap, vl_embed>::length() const
(vec.h:458)
==7340==    by 0x10EB994: vec<pred_info, va_heap, vl_ptr>::length() const (in
/usr/src/gcc/obj/gcc/cc1)
==7340==    by 0x10E8CBE: simplify_preds_2(vec<vec<pred_info, va_heap, vl_ptr>,
va_heap, vl_ptr>*) (tree-ssa-uninit.c:1589)
==7340==    by 0x10E9615: simplify_preds(vec<vec<pred_info, va_heap, vl_ptr>,
va_heap, vl_ptr>*, gimple*, bool) (tree-ssa-uninit.c:1809)
==7340==    by 0x10EA66D: uninit_ops_invalidate_phi_use(gphi*, unsigned int,
vec<vec<pred_info, va_heap, vl_ptr>, va_heap, vl_ptr>) (tree-ssa-uninit.c:2290)
==7340==    by 0x10EA812: is_use_properly_guarded(gimple*, basic_block_def*,
gphi*, unsigned int, vec<vec<pred_info, va_heap, vl_ptr>, va_heap, vl_ptr>*,
hash_set<gphi*, default_hash_traits<gphi*> >*) (tree-ssa-uninit.c:2365)
==7340==    by 0x10EAA4D: find_uninit_use(gphi*, unsigned int, vec<gphi*,
va_heap, vl_ptr>*, hash_set<gphi*, default_hash_traits<gphi*> >*)
(tree-ssa-uninit.c:2434)
==7340==    by 0x10EACAA: warn_uninitialized_phi(gphi*, vec<gphi*, va_heap,
vl_ptr>*, hash_set<gphi*, default_hash_traits<gphi*> >*)
(tree-ssa-uninit.c:2504)
==7340==    by 0x10EB1B3: (anonymous
namespace)::pass_late_warn_uninitialized::execute(function*)
(tree-ssa-uninit.c:2612)
==7340==    by 0xD36EB2: execute_one_pass(opt_pass*) (passes.c:2370)
==7340==    by 0xD37201: execute_pass_list_1(opt_pass*) (passes.c:2459)
==7340==    by 0xD37232: execute_pass_list_1(opt_pass*) (passes.c:2460)
==7340==  Address 0xbc8b534 is 4 bytes inside a block of size 104 free'd
==7340==    at 0x4A07D6A: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==7340==    by 0x10EC2FA: void va_heap::release<pred_info>(vec<pred_info,
va_heap, vl_embed>*&) (vec.h:307)
==7340==    by 0x10EBA07: vec<pred_info, va_heap, vl_ptr>::release()
(vec.h:1497)
==7340==    by 0x10E7992: destroy_predicate_vecs(vec<vec<pred_info, va_heap,
vl_ptr>, va_heap, vl_ptr>*) (tree-ssa-uninit.c:859)
==7340==    by 0x10E9511: simplify_preds_4(vec<vec<pred_info, va_heap, vl_ptr>,
va_heap, vl_ptr>*) (tree-ssa-uninit.c:1777)
==7340==    by 0x10E963D: simplify_preds(vec<vec<pred_info, va_heap, vl_ptr>,
va_heap, vl_ptr>*, gimple*, bool) (tree-ssa-uninit.c:1817)
==7340==    by 0x10EA66D: uninit_ops_invalidate_phi_use(gphi*, unsigned int,
vec<vec<pred_info, va_heap, vl_ptr>, va_heap, vl_ptr>) (tree-ssa-uninit.c:2290)
==7340==    by 0x10EA812: is_use_properly_guarded(gimple*, basic_block_def*,
gphi*, unsigned int, vec<vec<pred_info, va_heap, vl_ptr>, va_heap, vl_ptr>*,
hash_set<gphi*, default_hash_traits<gphi*> >*) (tree-ssa-uninit.c:2365)
==7340==    by 0x10EAA4D: find_uninit_use(gphi*, unsigned int, vec<gphi*,
va_heap, vl_ptr>*, hash_set<gphi*, default_hash_traits<gphi*> >*)
(tree-ssa-uninit.c:2434)
==7340==    by 0x10EACAA: warn_uninitialized_phi(gphi*, vec<gphi*, va_heap,
vl_ptr>*, hash_set<gphi*, default_hash_traits<gphi*> >*)
(tree-ssa-uninit.c:2504)
==7340==    by 0x10EB1B3: (anonymous
namespace)::pass_late_warn_uninitialized::execute(function*)
(tree-ssa-uninit.c:2612)
==7340==    by 0xD36EB2: execute_one_pass(opt_pass*) (passes.c:2370)

is the first bug reported by valgrind and the fatal action is likely a double
free:
==7340== Invalid free() / delete / delete[] / realloc()
==7340==    at 0x4A07D6A: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==7340==    by 0x10EC2FA: void va_heap::release<pred_info>(vec<pred_info,
va_heap, vl_embed>*&) (vec.h:307)
==7340==    by 0x10EBA07: vec<pred_info, va_heap, vl_ptr>::release()
(vec.h:1497)
==7340==    by 0x10E7992: destroy_predicate_vecs(vec<vec<pred_info, va_heap,
vl_ptr>, va_heap, vl_ptr>*) (tree-ssa-uninit.c:859)
==7340==    by 0x10EA280: normalize_preds(vec<vec<pred_info, va_heap, vl_ptr>,
va_heap, vl_ptr>, gimple*, bool) (tree-ssa-uninit.c:2149)
==7340==    by 0x10EA68D: uninit_ops_invalidate_phi_use(gphi*, unsigned int,
vec<vec<pred_info, va_heap, vl_ptr>, va_heap, vl_ptr>) (tree-ssa-uninit.c:2292)
==7340==    by 0x10EA812: is_use_properly_guarded(gimple*, basic_block_def*,
gphi*, unsigned int, vec<vec<pred_info, va_heap, vl_ptr>, va_heap, vl_ptr>*,
hash_set<gphi*, default_hash_traits<gphi*> >*) (tree-ssa-uninit.c:2365)
==7340==    by 0x10EAA4D: find_uninit_use(gphi*, unsigned int, vec<gphi*,
va_heap, vl_ptr>*, hash_set<gphi*, default_hash_traits<gphi*> >*)
(tree-ssa-uninit.c:2434)
==7340==    by 0x10EACAA: warn_uninitialized_phi(gphi*, vec<gphi*, va_heap,
vl_ptr>*, hash_set<gphi*, default_hash_traits<gphi*> >*)
(tree-ssa-uninit.c:2504)
==7340==    by 0x10EB1B3: (anonymous
namespace)::pass_late_warn_uninitialized::execute(function*)
(tree-ssa-uninit.c:2612)
==7340==    by 0xD36EB2: execute_one_pass(opt_pass*) (passes.c:2370)
==7340==    by 0xD37201: execute_pass_list_1(opt_pass*) (passes.c:2459)
==7340==  Address 0xbc8b530 is 0 bytes inside a block of size 104 free'd
==7340==    at 0x4A07D6A: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==7340==    by 0x10EC2FA: void va_heap::release<pred_info>(vec<pred_info,
va_heap, vl_embed>*&) (vec.h:307)
==7340==    by 0x10EBA07: vec<pred_info, va_heap, vl_ptr>::release()
(vec.h:1497)
==7340==    by 0x10E7992: destroy_predicate_vecs(vec<vec<pred_info, va_heap,
vl_ptr>, va_heap, vl_ptr>*) (tree-ssa-uninit.c:859)
==7340==    by 0x10E9511: simplify_preds_4(vec<vec<pred_info, va_heap, vl_ptr>,
va_heap, vl_ptr>*) (tree-ssa-uninit.c:1777)
==7340==    by 0x10E963D: simplify_preds(vec<vec<pred_info, va_heap, vl_ptr>,
va_heap, vl_ptr>*, gimple*, bool) (tree-ssa-uninit.c:1817)
==7340==    by 0x10EA66D: uninit_ops_invalidate_phi_use(gphi*, unsigned int,
vec<vec<pred_info, va_heap, vl_ptr>, va_heap, vl_ptr>) (tree-ssa-uninit.c:2290)
==7340==    by 0x10EA812: is_use_properly_guarded(gimple*, basic_block_def*,
gphi*, unsigned int, vec<vec<pred_info, va_heap, vl_ptr>, va_heap, vl_ptr>*,
hash_set<gphi*, default_hash_traits<gphi*> >*) (tree-ssa-uninit.c:2365)
==7340==    by 0x10EAA4D: find_uninit_use(gphi*, unsigned int, vec<gphi*,
va_heap, vl_ptr>*, hash_set<gphi*, default_hash_traits<gphi*> >*)
(tree-ssa-uninit.c:2434)
==7340==    by 0x10EACAA: warn_uninitialized_phi(gphi*, vec<gphi*, va_heap,
vl_ptr>*, hash_set<gphi*, default_hash_traits<gphi*> >*)
(tree-ssa-uninit.c:2504)
==7340==    by 0x10EB1B3: (anonymous
namespace)::pass_late_warn_uninitialized::execute(function*)
(tree-ssa-uninit.c:2612)
==7340==    by 0xD36EB2: execute_one_pass(opt_pass*) (passes.c:2370)

[Bug c/78548] [7 Regression ]ICE on valid C code on x86_64-linux-gnu at -O2 and -O3 in 64-bit mode with -Wall (*** Error in `/usr/local/gcc-trunk/libexec/gcc/x86_64-pc-linux-gnu/7.0.0/cc1': double free or corruption (fasttop): 0x0000000003c15810 ***)

Reply via email to

[Bug c/78548] [7 Regression ]ICE on valid C code on x86_64-linux-gnu at -O2 and -O3 in 64-bit mode with -Wall (* Error in `/usr/local/gcc-trunk/libexec/gcc/x86_64-pc-linux-gnu/7.0.0/cc1': double free or corruption (fasttop): 0x0000000003c15810 *)