https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97379
--- Comment #2 from Aldy Hernandez <aldyh at gcc dot gnu.org> ---
There's a read of a freed block while accessing the default_slot in
calc_switch_ranges.
default_slot->intersect (def_range);
It seems the default_slot got swiped from under us, and the valgrind
dump indicates the free came from the get_or_insert in the same
function:
irange *&slot = m_edge_table->get_or_insert (e, &existed);
So it looks like the get_or_insert is actually freeing the value of
the previously allocated default_slot. Looking down the chain
from get_or_insert, we see it calls hash_table<>::expand, which
actually does a free while doing a resize of sorts:
if (!m_ggc)
Allocator <value_type> ::data_free (oentries);
else
ggc_free (oentries);
Not keeping a pointer to the default slot across multiple calls to
get_or_insert fixes the problem, though I do see other seemingly unrelated
valgrind errors:
==967361== Conditional jump or move depends on uninitialised value(s)
==967361== at 0x22BAB24: sparseset_bit_p(sparseset_def*, unsigned long)
(sparseset.h:147)
==967361== by 0x22BABB7: sparseset_set_bit(sparseset_def*, unsigned long)
(sparseset.h:166)
==967361== by 0x22BCCCA: register_active_defs(df_ref_d*) (fwprop.c:943)
==967361== by 0x22BCD88: update_df_init(rtx_insn*, rtx_insn*) (fwprop.c:961)
==967361== by 0x22BCFF5: try_fwprop_subst(df_ref_d*, rtx_def**, rtx_def*,
rtx_insn*, bool) (fwprop.c:1028)
==967361== by 0x22BE0DE: forward_propagate_and_simplify(df_ref_d*,
rtx_insn*, rtx_def*) (fwprop.c:1427)
==967361== by 0x22BE349: forward_propagate_into(df_ref_d*, bool)
(fwprop.c:1490)
==967361== by 0x22BE65E: fwprop(bool) (fwprop.c:1580)
==967361== by 0x22BE6F3: (anonymous
namespace)::pass_rtl_fwprop::execute(function*) (fwprop.c:1615)
==967361== by 0x11A304E: execute_one_pass(opt_pass*) (passes.c:2509)
==967361== by 0x11A3373: execute_pass_list_1(opt_pass*) (passes.c:2597)
==967361== by 0x11A33A4: execute_pass_list_1(opt_pass*) (passes.c:2598)
==967361==
==967361== Use of uninitialised value of size 8
==967361== at 0x22BAB38: sparseset_bit_p(sparseset_def*, unsigned long)
(sparseset.h:147)
==967361== by 0x22BABB7: sparseset_set_bit(sparseset_def*, unsigned long)
(sparseset.h:166)
==967361== by 0x22BCCCA: register_active_defs(df_ref_d*) (fwprop.c:943)
==967361== by 0x22BCD88: update_df_init(rtx_insn*, rtx_insn*) (fwprop.c:961)
==967361== by 0x22BCFF5: try_fwprop_subst(df_ref_d*, rtx_def**, rtx_def*,
rtx_insn*, bool) (fwprop.c:1028)
==967361== by 0x22BE0DE: forward_propagate_and_simplify(df_ref_d*,
rtx_insn*, rtx_def*) (fwprop.c:1427)
==967361== by 0x22BE349: forward_propagate_into(df_ref_d*, bool)
(fwprop.c:1490)
==967361== by 0x22BE65E: fwprop(bool) (fwprop.c:1580)
==967361== by 0x22BE6F3: (anonymous
namespace)::pass_rtl_fwprop::execute(function*) (fwprop.c:1615)
==967361== by 0x11A304E: execute_one_pass(opt_pass*) (passes.c:2509)
==967361== by 0x11A3373: execute_pass_list_1(opt_pass*) (passes.c:2597)
==967361== by 0x11A33A4: execute_pass_list_1(opt_pass*) (passes.c:2598)
==967361==
==967361== Conditional jump or move depends on uninitialised value(s)
==967361== at 0x101A415: sparseset_bit_p(sparseset_def*, unsigned long)
(sparseset.h:147)
==967361== by 0x101AEE9: mark_pseudo_regno_live(int) (ira-lives.c:326)
==967361== by 0x101B187: mark_pseudo_reg_live(rtx_def*, unsigned int)
(ira-lives.c:410)
==967361== by 0x101B1F5: mark_ref_live(df_ref_d*) (ira-lives.c:424)
==967361== by 0x101DCB6: process_bb_node_lives(ira_loop_tree_node*)
(ira-lives.c:1425)
==967361== by 0xFE97D9: ira_traverse_loop_tree(bool, ira_loop_tree_node*,
void (*)(ira_loop_tree_node*), void (*)(ira_loop_tree_node*))
(ira-build.c:1801)
==967361== by 0x101E9E4: ira_create_allocno_live_ranges() (ira-lives.c:1725)
==967361== by 0xFEDC33: ira_build() (ira-build.c:3428)
==967361== by 0xFE229F: ira(_IO_FILE*) (ira.c:5359)
==967361== by 0xFE2B20: (anonymous namespace)::pass_ira::execute(function*)
(ira.c:5672)
==967361== by 0x11A304E: execute_one_pass(opt_pass*) (passes.c:2509)
==967361== by 0x11A3373: execute_pass_list_1(opt_pass*) (passes.c:2597)
