From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 20449 invoked by alias); 4 Jun 2011 02:12:52 -0000 Received: (qmail 20439 invoked by uid 22791); 4 Jun 2011 02:12:51 -0000 X-SWARE-Spam-Status: No, hits=-2.7 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 X-Spam-Check-By: sourceware.org Received: from localhost (HELO gcc.gnu.org) (127.0.0.1) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Sat, 04 Jun 2011 02:12:37 +0000 From: "andi-gcc at firstfloor dot org" To: gcc-bugs@gcc.gnu.org Subject: [Bug middle-end/49282] New: malloc corruption in large lto1-wpa run during inline edge heap resize X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: middle-end X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: andi-gcc at firstfloor dot org X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: Message-ID: X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Date: Sat, 04 Jun 2011 02:12:00 -0000 Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-bugs-owner@gcc.gnu.org X-SW-Source: 2011-06/txt/msg00231.txt.bz2 http://gcc.gnu.org/bugzilla/show_bug.cgi?id=49282 Summary: malloc corruption in large lto1-wpa run during inline edge heap resize Product: gcc Version: 4.7.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: middle-end AssignedTo: unassigned@gcc.gnu.org ReportedBy: andi-gcc@firstfloor.org A large lto1-wpa run with 20110603 results now in malloc.c:3551: munmap_chunk: Assertion `ret == 0' failed. on x86-64-linux. When I run with MALLOC_CHECK_=2 it seems to get a bit further, but eventually aborts (and deadlocks because the abort->internal_error handler calls malloc again) Here's the original trace for the malloc that aborts (with MALLOC_CHECK_=2) Any suggestions for patches to try to revert? Note full bisect is difficult because this run depends on some earlier fixes. Not uploading a test case currently because it's quite large. #10 0x00002b236701d4e5 in raise () from /lib64/libc.so.6 #11 0x00002b236701e9b0 in abort () from /lib64/libc.so.6 #12 0x00002b236705df1a in ?? () from /lib64/libc.so.6 #13 0x00002b23670640d7 in ?? () from /lib64/libc.so.6 #14 0x0000000000b2684d in xrealloc (oldmem=Unhandled dwarf expression opcode 0xf3 ) at ../../gcc/libiberty/xmalloc.c:179 #15 0x000000000083e528 in vec_heap_o_reserve_1 (vec=0x2b23ea786010, reserve=Unhandled dwarf ex pression opcode 0xf3 ) at ../../gcc/gcc/vec.c:313 #16 0x00000000005ea27f in VEC_inline_edge_summary_t_heap_reserve_exact ( alloc_=, vec_=) at ../../gcc/gcc/ipa-inline.h:128 #17 VEC_inline_edge_summary_t_heap_safe_grow (alloc_=, vec_=) at ../../gcc/gcc/ipa-inline.h:128 #18 VEC_inline_edge_summary_t_heap_safe_grow_cleared (alloc_=, vec_=) at ../../gcc/gcc/ipa-inline.h:128 #19 inline_summary_alloc (alloc_=, vec_=) at ../../gcc/gcc/ipa-inline-analysis.c:646 #20 0x00000000005ea3c1 in inline_edge_duplication_hook (src=0x2b2499f41680, dst=0x2b243e2d7680, data=Unhandled dwarf expression opcode 0xf3 ) at ../../gcc/gcc/ipa-inline-analysis.c:853 #21 0x00000000004e995c in cgraph_call_edge_duplication_hooks (cs2=0x2b243e2d7680, cs1=0x2b2499f41680) at ../../gcc/gcc/cgraph.c:376 #22 cgraph_clone_edge (cs2=0x2b243e2d7680, cs1=0x2b2499f41680) at ../../gcc/gcc/cgraph.c:2127 #23 0x00000000004e9c1d in cgraph_clone_node (n=0x2b2499f286f0, decl=0x2b2395b15500, count=Unha ndled dwarf expression opcode 0xf3 ) at ../../gcc/gcc/cgraph.c:2196 #24 0x00000000005eeb9f in clone_inlined_nodes (e=0x2b2499f4a6e8, duplicate=1 '\001', update_original=1 '\001', overall_size=0x102e488)