[LLVMbugs] [Bug 4575] New: llvm-gcc: user-after-free in tree conversion causing ICE
bugzilla-daemon at cs.uiuc.edu
bugzilla-daemon at cs.uiuc.edu
Sat Jul 18 06:27:22 PDT 2009
http://llvm.org/bugs/show_bug.cgi?id=4575
Summary: llvm-gcc: user-after-free in tree conversion causing ICE
Product: new-bugs
Version: unspecified
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: new bugs
AssignedTo: unassignedbugs at nondot.org
ReportedBy: edwintorok at gmail.com
CC: llvmbugs at cs.uiuc.edu
Created an attachment (id=3210)
--> (http://llvm.org/bugs/attachment.cgi?id=3210)
gzipped wxluxgui.i
With SVN r76312 llvm-g++ ICEs when compiling either wxluxgui.cpp or
wxluxapp.cpp
from Luxrender (www.luxrender.net):
$ /usr/local/bin/llvm-g++ wxluxgui.i -c -emit-llvm -O0
/home/edwin/lux/n/lux-a66b768345ed/renderer/wxluxgui.cpp:3755: internal
compiler error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See <URL:http://llvm.org/bugs/> for instructions.
It doesn't fail always when compiling this file, but it does fail when
compiling either this one or wxluxapp.cpp (thus never being able to compile
luxrenderer).
Valgrind messages:
==9040== Invalid read of size 8
==9040== at 0x747520: T.2842 (DenseMap.h:366)
==9040== by 0x74BC1F: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1728)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
==9040== by 0xEF0CBB: (within
/usr/local/libexec/gcc/x86_64-unknown-linux-gnu/4.2.1/cc1plus)
==9040== Address 0x4c41268 is 120 bytes inside a block of size 1,024 free'd
==9040== at 0x4A0711D: operator delete(void*) (vg_replace_malloc.c:342)
==9040== by 0x74751F: T.2842 (DenseMap.h:469)
==9040== by 0x74BC1F: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1728)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
==9040==
==9040== Invalid read of size 8
==9040== at 0x74BC2B: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1731)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
==9040== by 0xEF0CBB: (within
/usr/local/libexec/gcc/x86_64-unknown-linux-gnu/4.2.1/cc1plus)
==9040== by 0x247946BF: ???
==9040== Address 0x4c41268 is 120 bytes inside a block of size 1,024 free'd
==9040== at 0x4A0711D: operator delete(void*) (vg_replace_malloc.c:342)
==9040== by 0x74751F: T.2842 (DenseMap.h:469)
==9040== by 0x74BC1F: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1728)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
==9040==
==9040== Invalid read of size 8
==9040== at 0x74BC34: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1732)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
==9040== by 0xEF0CBB: (within
/usr/local/libexec/gcc/x86_64-unknown-linux-gnu/4.2.1/cc1plus)
==9040== by 0x247946BF: ???
==9040== Address 0x4c41268 is 120 bytes inside a block of size 1,024 free'd
==9040== at 0x4A0711D: operator delete(void*) (vg_replace_malloc.c:342)
==9040== by 0x74751F: T.2842 (DenseMap.h:469)
==9040== by 0x74BC1F: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1728)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
==9040==
==9040== Invalid read of size 8
==9040== at 0x74BC40: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1733)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
==9040== by 0xEF0CBB: (within
/usr/local/libexec/gcc/x86_64-unknown-linux-gnu/4.2.1/cc1plus)
==9040== by 0x247946BF: ???
==9040== Address 0x4c41268 is 120 bytes inside a block of size 1,024 free'd
==9040== at 0x4A0711D: operator delete(void*) (vg_replace_malloc.c:342)
==9040== by 0x74751F: T.2842 (DenseMap.h:469)
==9040== by 0x74BC1F: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1728)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
==9040==
==9040== Invalid read of size 8
==9040== at 0x74BC50: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1736)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
==9040== by 0xEF0CBB: (within
/usr/local/libexec/gcc/x86_64-unknown-linux-gnu/4.2.1/cc1plus)
==9040== by 0x247946BF: ???
==9040== Address 0x4c41268 is 120 bytes inside a block of size 1,024 free'd
==9040== at 0x4A0711D: operator delete(void*) (vg_replace_malloc.c:342)
==9040== by 0x74751F: T.2842 (DenseMap.h:469)
==9040== by 0x74BC1F: TypeConverter::ConvertRECORD(tree_node*, tree_node*)
(llvm-types.cpp:1728)
==9040== by 0x74C6D5: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:707)
==9040== by 0x74CBCB: TypeConverter::ConvertType(tree_node*)
(llvm-types.cpp:836)
==9040== by 0x74F529: TypeConverter::ConvertFunctionType(tree_node*,
tree_node*, tree_node*, unsigned int&, llvm::AttrListPtr&)
(llvm-types.cpp:1214)
==9040== by 0x71D15E: make_decl_llvm (llvm-backend.cpp:1543)
==9040== by 0x6FA116: assemble_alias (varasm.c:5283)
==9040== by 0x485963: use_thunk (method.c:310)
==9040== by 0x489FC9: expand_body (semantics.c:3189)
==9040== by 0x23D8BCFF: ???
==9040== by 0x1: ???
--
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the llvm-bugs
mailing list