[LLVMbugs] [Bug 6743] New: jump threading segfault
bugzilla-daemon at llvm.org
Tue Mar 30 07:31:28 PDT 2010
http://llvm.org/bugs/show_bug.cgi?id=6743
Summary: jump threading segfault
Product: new-bugs
Version: trunk
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P
Component: new bugs
AssignedTo: unassignedbugs at nondot.org
ReportedBy: regehr at cs.utah.edu
CC: llvmbugs at cs.uiuc.edu
See below a testcase that crashes clang r99887 on Ubuntu 9.10 on x86.
regehr at john-home:~/volatile/bugs/tmp295$ valgrind -q --trace-children=yes clang -O1 small.c
==17885== Invalid read of size 1
==17885== at 0x8D14D09: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd0ec is 4 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 4
==17885== at 0x8D14D19: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd0f4 is 12 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 4
==17885== at 0x8D14B5A: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd0f4 is 12 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 1
==17885== at 0x8D14B70: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd0ec is 4 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 1
==17885== at 0x8D14BE0: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd0ec is 4 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 1
==17885== at 0x8BF51D3: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd0ec is 4 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 1
==17885== at 0x8BF51E0: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd0ec is 4 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 1
==17885== at 0x8E4505A: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd0ec is 4 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 1
==17885== at 0x8E453C5: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd0ec is 4 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 4
==17885== at 0x8D14D92: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd100 is 24 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 4
==17885== at 0x8E4529A: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x43bd10c is 36 bytes inside a block of size 44 free'd
==17885== at 0x402454D: operator delete(void*) (vg_replace_malloc.c:346)
==17885== by 0x8E974CA: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885==
==17885== Invalid read of size 4
==17885== at 0x8E452A1: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== Address 0x20 is not stack'd, malloc'd or (recently) free'd
==17885==
0 clang 0x08f089d8
Stack dump:
0. Program arguments:
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang -cc1 -triple
i386-pc-linux-gnu -S -disable-free -main-file-name small.c -mrelocation-model
static -mdisable-fp-elim -mconstructor-aliases -target-cpu pentium4
-resource-dir
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/lib/clang/1.5 -O1
-fmessage-length 80 -fgnu-runtime -fdiagnostics-show-option -fcolor-diagnostics
-o /tmp/cc-GI1KEJ.s -x c small.c
1. <eof> parser at end of file
2. Per-module optimization passes
3. Running pass 'CallGraph Pass Manager' on module 'small.c'.
4. Running pass 'Jump Threading' on function '@func_43'
==17885==
==17885== Process terminating with default action of signal 11 (SIGSEGV)
==17885== Access not within mapped region at address 0x20
==17885== at 0x8E452A1: ??? (in
/home/regehr/z/compiler-install/llvm-gcc-r99887-install/bin/clang)
==17885== If you believe this happened as a result of a stack
==17885== overflow in your program's main thread (unlikely but
==17885== possible), you can try to increase the size of the
==17885== main thread stack using the --main-stacksize= flag.
==17885== The main thread stack size used in this run was 8388608.
==17885== Invalid free() / delete / delete[]
==17885== at 0x4024836: free (vg_replace_malloc.c:325)
==17885== by 0x42AC7C4: ??? (in /lib/tls/i686/cmov/libc-2.10.1.so)
==17885== by 0x401F432: _vgnU_freeres (vg_preloaded.c:62)
==17885== by 0x435204F: ???
==17885== Address 0xffffffff is not stack'd, malloc'd or (recently) free'd
==17885==
clang: error: compiler command failed due to signal 11 (use -v to see
invocation)
==17882== Invalid free() / delete / delete[]
==17882== at 0x4024836: free (vg_replace_malloc.c:325)
==17882== by 0x42AC7C4: ??? (in /lib/tls/i686/cmov/libc-2.10.1.so)
==17882== by 0x401F432: _vgnU_freeres (vg_preloaded.c:62)
==17882== by 0x4237DC3: _Exit (_exit.S:30)
==17882== by 0x41D00CE: exit (exit.c:100)
==17882== by 0x41B7B5D: (below main) (libc-start.c:252)
==17882== Address 0xffffffff is not stack'd, malloc'd or (recently) free'd
==17882==
regehr at john-home:~/volatile/bugs/tmp295$ cat small.c
int g_28;
int g_31;
void func_43 (void)
{
  int *l_49 = &g_31;
  int *l_50 = &g_28;
lbl_51:
  *l_50 ^= 0;
  *l_50 = 0 || *l_49;
  if (g_28 ^ 1) {
    for (g_31 = 0; 1; g_31 += 1) {
      if (g_28) goto lbl_51;
      return;
    }
  }
}
regehr at john-home:~/volatile/bugs/tmp295$ clang -v
clang version 1.5 (trunk 99887)
Target: i386-pc-linux-gnu
Thread model: posix