public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug sanitizer/59415] New: ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null
@ 2013-12-07 0:17 burnus at gcc dot gnu.org
2013-12-07 0:55 ` [Bug sanitizer/59415] " burnus at gcc dot gnu.org
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: burnus at gcc dot gnu.org @ 2013-12-07 0:17 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59415
Bug ID: 59415
Summary: ICE segfault in verify_bb_vtables for g++ -S
-fvtable-verify=std -fsanitize=null
Product: gcc
Version: 4.9.0
Status: UNCONFIRMED
Keywords: ice-on-valid-code
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: burnus at gcc dot gnu.org
CC: cmtice at google dot com, dodji at gcc dot gnu.org,
dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org,
kcc at gcc dot gnu.org, mpolacek at gcc dot gnu.org
Created attachment 31395
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=31395&action=edit
test.ii / compiled with g++ -fvtable-verify=std -fsanitize=null
$ g++ -S -fvtable-verify=std -fsanitize=null test.ii
fails for the attached file on x86-64-gnu-linux with:
test.ii: In member function '_CharT* basic_string<_CharT, _Traits,
_Alloc>::_M_data() const [with _CharT = char; _Traits = char_traits<char>;
_Alloc = allocator<char>]':
test.ii:34:11: internal compiler error: Segmentation fault
_CharT* _M_data() const {
^
0xbafabf crash_signal
../../gcc/toplev.c:336
0xe19e37 verify_bb_vtables
../../gcc/vtable-verify.c:592
0xe19e37 vtable_verify_main()
../../gcc/vtable-verify.c:750
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug sanitizer/59415] ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null
2013-12-07 0:17 [Bug sanitizer/59415] New: ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null burnus at gcc dot gnu.org
@ 2013-12-07 0:55 ` burnus at gcc dot gnu.org
2013-12-08 18:31 ` mpolacek at gcc dot gnu.org
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: burnus at gcc dot gnu.org @ 2013-12-07 0:55 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59415
--- Comment #1 from Tobias Burnus <burnus at gcc dot gnu.org> ---
It fails in
575 verify_bb_vtables (basic_block bb)
...
589 if (gimple_code (stmt) == GIMPLE_CALL)
590 {
591 tree fncall = gimple_call_fn (stmt);
592 if (TREE_CODE (fncall) == OBJ_TYPE_REF)
There, one has:
(gdb) p debug_bb(bb)
<bb 2>:
UBSAN_NULL (this_1(D), 3);
_2 = this_1(D)->_M_dataplus._M_p;
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug sanitizer/59415] ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null
2013-12-07 0:17 [Bug sanitizer/59415] New: ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null burnus at gcc dot gnu.org
2013-12-07 0:55 ` [Bug sanitizer/59415] " burnus at gcc dot gnu.org
@ 2013-12-08 18:31 ` mpolacek at gcc dot gnu.org
2013-12-09 12:44 ` mpolacek at gcc dot gnu.org
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: mpolacek at gcc dot gnu.org @ 2013-12-08 18:31 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59415
Marek Polacek <mpolacek at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |ASSIGNED
Last reconfirmed| |2013-12-08
Assignee|unassigned at gcc dot gnu.org |mpolacek at gcc dot gnu.org
Target Milestone|--- |4.9.0
Ever confirmed|0 |1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug sanitizer/59415] ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null
2013-12-07 0:17 [Bug sanitizer/59415] New: ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null burnus at gcc dot gnu.org
2013-12-07 0:55 ` [Bug sanitizer/59415] " burnus at gcc dot gnu.org
2013-12-08 18:31 ` mpolacek at gcc dot gnu.org
@ 2013-12-09 12:44 ` mpolacek at gcc dot gnu.org
2013-12-09 14:44 ` mpolacek at gcc dot gnu.org
2013-12-09 14:45 ` mpolacek at gcc dot gnu.org
4 siblings, 0 replies; 6+ messages in thread
From: mpolacek at gcc dot gnu.org @ 2013-12-09 12:44 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59415
--- Comment #2 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
Reduced:
void
foo (void)
{
throw 0;
}
I have a fix.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug sanitizer/59415] ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null
2013-12-07 0:17 [Bug sanitizer/59415] New: ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null burnus at gcc dot gnu.org
` (2 preceding siblings ...)
2013-12-09 12:44 ` mpolacek at gcc dot gnu.org
@ 2013-12-09 14:44 ` mpolacek at gcc dot gnu.org
2013-12-09 14:45 ` mpolacek at gcc dot gnu.org
4 siblings, 0 replies; 6+ messages in thread
From: mpolacek at gcc dot gnu.org @ 2013-12-09 14:44 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59415
--- Comment #3 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
Author: mpolacek
Date: Mon Dec 9 14:44:03 2013
New Revision: 205805
URL: http://gcc.gnu.org/viewcvs?rev=205805&root=gcc&view=rev
Log:
PR sanitizer/59415
* vtable-verify.c (verify_bb_vtables): Check the return value
of gimple_call_fn. Use is_gimple_call instead of gimple_code.
testsuite/
* g++.dg/ubsan/pr59415.C: New test.
Added:
trunk/gcc/testsuite/g++.dg/ubsan/pr59415.C
Modified:
trunk/gcc/ChangeLog
trunk/gcc/testsuite/ChangeLog
trunk/gcc/vtable-verify.c
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug sanitizer/59415] ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null
2013-12-07 0:17 [Bug sanitizer/59415] New: ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null burnus at gcc dot gnu.org
` (3 preceding siblings ...)
2013-12-09 14:44 ` mpolacek at gcc dot gnu.org
@ 2013-12-09 14:45 ` mpolacek at gcc dot gnu.org
4 siblings, 0 replies; 6+ messages in thread
From: mpolacek at gcc dot gnu.org @ 2013-12-09 14:45 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59415
Marek Polacek <mpolacek at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #4 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
Fixed.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2013-12-09 14:45 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-12-07 0:17 [Bug sanitizer/59415] New: ICE segfault in verify_bb_vtables for g++ -S -fvtable-verify=std -fsanitize=null burnus at gcc dot gnu.org
2013-12-07 0:55 ` [Bug sanitizer/59415] " burnus at gcc dot gnu.org
2013-12-08 18:31 ` mpolacek at gcc dot gnu.org
2013-12-09 12:44 ` mpolacek at gcc dot gnu.org
2013-12-09 14:44 ` mpolacek at gcc dot gnu.org
2013-12-09 14:45 ` mpolacek at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).