http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59309
--- Comment #1 from H.J. Lu <hjl.tools at gmail dot com> ---

Breakpoint 4, 0x00000000007fb146 in gimplify_cilk_spawn (spawn_p=<optimized out>, before=<optimized out>, after=<optimized out>) at /export/gnu/import/git/gcc/gcc/c-family/cilk.c:774
774       if (*arg_array == NULL_TREE)
(gdb) bt
#0  0x00000000007fb146 in gimplify_cilk_spawn (spawn_p=<optimized out>, before=<optimized out>, after=<optimized out>) at /export/gnu/import/git/gcc/gcc/c-family/cilk.c:774
#1  0x0000000000d72f04 in gimplify_modify_expr (expr_p=expr_p@entry=0x7ffff55cc3b8, pre_p=pre_p@entry=0x7fffffffb540, post_p=post_p@entry=0x7fffffffa9a0, want_value=<optimized out>) at /export/gnu/import/git/gcc/gcc/gimplify.c:4442
#2  0x0000000000d5371d in gimplify_expr (expr_p=0x7ffff55cc3b8, pre_p=pre_p@entry=0x7fffffffb540, post_p=<optimized out>, post_p@entry=0x0, gimple_test_f=gimple_test_f@entry=0xd40450 <is_gimple_stmt(tree)>, fallback=fallback@entry=0) at /export/gnu/import/git/gcc/gcc/gimplify.c:7436
#3  0x0000000000d5df5b in gimplify_stmt (stmt_p=<optimized out>, seq_p=seq_p@entry=0x7fffffffb540) at /export/gnu/import/git/gcc/gcc/gimplify.c:5353
#4  0x0000000000d543f4 in gimplify_statement_list (pre_p=0x7fffffffb540, expr_p=0x7ffff55c39b8) at /export/gnu/import/git/gcc/gcc/gimplify.c:1405
#5  gimplify_expr (expr_p=0x7ffff55c39b8, pre_p=pre_p@entry=0x7fffffffb540, post_p=<optimized out>, post_p@entry=0x0, gimple_test_f=gimple_test_f@entry=0xd40450 <is_gimple_stmt(tree)>, fallback=fallback@entry=0) at /export/gnu/import/git/gcc/gcc/gimplify.c:7844
#6  0x0000000000d5df5b in gimplify_stmt (stmt_p=<optimized out>, seq_p=seq_p@entry=0x7fffffffb540) at /export/gnu/import/git/gcc/gcc/gimplify.c:5353
#7  0x0000000000d68320 in gimplify_cond_expr (expr_p=expr_p@entry=0x7ffff55cc418, pre_p=pre_p@entry=0x7fffffffc6e0, fallback=fallback@entry=0) at /export/gnu/import/git/gcc/gcc/gimplify.c:3085
#8  0x0000000000d53773 in gimplify_expr (expr_p=0x7ffff55cc418, pre_p=pre_p@entry=0x7fffffffc6e0, post_p=<optimized out>, post_p@entry=0x0, gimple_test_f=gimple_test_f@entry=0xd40450 <is_gimple_stmt(tree)>, fallback=fallback@entry=0) at /export/gnu/import/git/gcc/gcc/gimplify.c:7379
#9  0x0000000000d5df5b in gimplify_stmt (stmt_p=<optimized out>, seq_p=seq_p@entry=0x7fffffffc6e0)
---Type <return> to continue, or q <return> to quit---
    at /export/gnu/import/git/gcc/gcc/gimplify.c:5353
#10 0x0000000000d543f4 in gimplify_statement_list (pre_p=0x7fffffffc6e0, expr_p=0x7fffffffc620) at /export/gnu/import/git/gcc/gcc/gimplify.c:1405
#11 gimplify_expr (expr_p=0x7fffffffc620, pre_p=pre_p@entry=0x7fffffffc6e0, post_p=<optimized out>, post_p@entry=0x0, gimple_test_f=gimple_test_f@entry=0xd40450 <is_gimple_stmt(tree)>, fallback=fallback@entry=0) at /export/gnu/import/git/gcc/gcc/gimplify.c:7844
#12 0x0000000000d5df5b in gimplify_stmt (stmt_p=stmt_p@entry=0x7fffffffc620, seq_p=seq_p@entry=0x7fffffffc6e0) at /export/gnu/import/git/gcc/gcc/gimplify.c:5353
#13 0x0000000000d53b80 in gimplify_and_add (seq_p=0x7fffffffc6e0, t=0x7ffff55cd3a0) at /export/gnu/import/git/gcc/gcc/gimplify.c:384
#14 gimplify_expr (expr_p=0x7ffff55cc4f0, pre_p=pre_p@entry=0x7fffffffcfa0, post_p=<optimized out>, post_p@entry=0x0, gimple_test_f=gimple_test_f@entry=0xd40450 <is_gimple_stmt(tree)>, fallback=fallback@entry=0) at /export/gnu/import/git/gcc/gcc/gimplify.c:7766
#15 0x0000000000d5df5b in gimplify_stmt (stmt_p=<optimized out>, seq_p=seq_p@entry=0x7fffffffcfa0) at /export/gnu/import/git/gcc/gcc/gimplify.c:5353
#16 0x0000000000d543f4 in gimplify_statement_list (pre_p=0x7fffffffcfa0, expr_p=0x7ffff55c39e0) at /export/gnu/import/git/gcc/gcc/gimplify.c:1405
#17 gimplify_expr (expr_p=0x7ffff55c39e0, pre_p=pre_p@entry=0x7fffffffcfa0, post_p=<optimized out>, post_p@entry=0x0, gimple_test_f=gimple_test_f@entry=0xd40450 <is_gimple_stmt(tree)>, fallback=fallback@entry=0) at /export/gnu/import/git/gcc/gcc/gimplify.c:7844
#18 0x0000000000d5df5b in gimplify_stmt (stmt_p=<optimized out>, seq_p=seq_p@entry=0x7fffffffcfa0) at /export/gnu/import/git/gcc/gcc/gimplify.c:5353
#19 0x0000000000d603e9 in gimplify_bind_expr (expr_p=expr_p@entry=0x7ffff55c8798,
---Type <return> to continue, or q <return> to quit---
    pre_p=pre_p@entry=0x7fffffffd780) at /export/gnu/import/git/gcc/gcc/gimplify.c:1072
#20 0x0000000000d538a5 in gimplify_expr (expr_p=0x7ffff55c8798, pre_p=pre_p@entry=0x7fffffffd780, post_p=<optimized out>, post_p@entry=0x0, gimple_test_f=gimple_test_f@entry=0xd40450 <is_gimple_stmt(tree)>, fallback=fallback@entry=0) at /export/gnu/import/git/gcc/gcc/gimplify.c:7626
#21 0x0000000000d5df5b in gimplify_stmt (stmt_p=stmt_p@entry=0x7ffff55c8798, seq_p=seq_p@entry=0x7fffffffd780) at /export/gnu/import/git/gcc/gcc/gimplify.c:5353
#22 0x0000000000d61f4b in gimplify_body (fndecl=fndecl@entry=0x7ffff55c8700, do_parms=do_parms@entry=true) at /export/gnu/import/git/gcc/gcc/gimplify.c:8536
#23 0x0000000000d62d93 in gimplify_function_tree (fndecl=fndecl@entry=0x7ffff55c8700) at /export/gnu/import/git/gcc/gcc/gimplify.c:8674
#24 0x0000000000957c48 in analyze_function (node=node@entry=0x7ffff5952ea0) at /export/gnu/import/git/gcc/gcc/cgraphunit.c:649
#25 0x000000000095b1b5 in analyze_functions () at /export/gnu/import/git/gcc/gcc/cgraphunit.c:1017
#26 0x000000000095ef6c in finalize_compilation_unit () at /export/gnu/import/git/gcc/gcc/cgraphunit.c:2271
#27 0x000000000061fc9d in c_write_global_declarations () at /export/gnu/import/git/gcc/gcc/c/c-decl.c:10388
#28 0x00000000012076b5 in compile_file () at /export/gnu/import/git/gcc/gcc/toplev.c:561
#29 0x000000000120c144 in do_compile () at /export/gnu/import/git/gcc/gcc/toplev.c:1893
#30 toplev_main (argc=23, argv=0x7fffffffdf18) at /export/gnu/import/git/gcc/gcc/toplev.c:1969
#31 0x0000003cdda21b45 in __libc_start_main () from /lib64/libc.so.6
#32 0x000000000059b721 in _start ()
(gdb) c
Continuing.
=================================================================
==8174==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200001e8b0 at pc 0x7fb14b bp 0x7fffffffa2d0 sp 0x7fffffffa2c8
READ of size 8 at 0x60200001e8b0 thread T0
    #0 0x7fb14a (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x7fb14a)
    #1 0xd72f03 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd72f03)
    #2 0xd5371c (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd5371c)
    #3 0xd5df5a (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd5df5a)
    #4 0xd543f3 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd543f3)
    #5 0xd5df5a (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd5df5a)
    #6 0xd6831f (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd6831f)
    #7 0xd53772 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd53772)
    #8 0xd5df5a (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd5df5a)
    #9 0xd543f3 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd543f3)
    #10 0xd5df5a (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd5df5a)
    #11 0xd53b7f (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd53b7f)
    #12 0xd5df5a (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd5df5a)
    #13 0xd543f3 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd543f3)
    #14 0xd5df5a (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd5df5a)
    #15 0xd603e8 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd603e8)
    #16 0xd538a4 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd538a4)
    #17 0xd5df5a (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd5df5a)
    #18 0xd61f4a (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd61f4a)
    #19 0xd62d92 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0xd62d92)
    #20 0x957c47 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x957c47)
    #21 0x95b1b4 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x95b1b4)
    #22 0x95ef6b (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x95ef6b)
    #23 0x61fc9c (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x61fc9c)
    #24 0x12076b4 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x12076b4)
    #25 0x120c143 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x120c143)
    #26 0x3cdda21b44 (/lib64/libc.so.6+0x3cdda21b44)
    #27 0x59b720 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x59b720)
0x60200001e8b1 is located 0 bytes to the right of 1-byte region [0x60200001e8b0,0x60200001e8b1)
allocated by thread T0 here:
    #0 0x5c51d4 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x5c51d4)
    #1 0x224d367 (/export/build/gnu/gcc-asan/build-x86_64-linux/gcc/cc1+0x224d367)
Shadow bytes around the buggy address:
  0x0c047fffbcc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fffbcd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fffbce0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fffbcf0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fffbd00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c047fffbd10: fa fa fa fa fa fa[01]fa fa fa 00 fa fa fa fd fd
  0x0c047fffbd20: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd
  0x0c047fffbd30: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd
  0x0c047fffbd40: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd
  0x0c047fffbd50: fa fa fd fa fa fa fd fa fa fa fd fd fa fa fd fd
  0x0c047fffbd60: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:     fa
  Heap right redzone:    fb
  Freed heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==8174==ABORTING
[Inferior 1 (process 8174) exited with code 01]