[Bug c/78548] New: ice on valid C code on x86_64-linux-gnu at -O2 and -O3 in 64-bit mode with -Wall (*** Error in `/usr/local/gcc-trunk/libexec/gcc/x86_64-pc-linux-gnu/7.0.0/cc1': double free or corruption (fasttop): 0x0000000003c15810 ***)

[chengniansun at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78548

            Bug ID: 78548
           Summary: ice on valid C code on x86_64-linux-gnu at -O2 and -O3
                    in 64-bit mode with -Wall (*** Error in
                    `/usr/local/gcc-trunk/libexec/gcc/x86_64-pc-linux-gnu/
                    7.0.0/cc1': double free or corruption (fasttop):
                    0x0000000003c15810 ***)
           Product: gcc
           Version: 7.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: chengniansun at gmail dot com
  Target Milestone: ---

The following program crashes gcc in the 64-bit mode, but causes gcc to hang in
the 32-bit mode. 

$ gcc-trunk -v
Using built-in specs.
COLLECT_GCC=gcc-trunk
COLLECT_LTO_WRAPPER=/usr/local/gcc-trunk/libexec/gcc/x86_64-pc-linux-gnu/7.0.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: ../gcc-source-trunk/configure --enable-languages=c,c++,lto
--prefix=/usr/local/gcc-trunk --disable-bootstrap
Thread model: posix
gcc version 7.0.0 20161127 (experimental) [trunk revision 242892] (GCC) 
$ 
$ gcc-trunk -Wall -w -O3 -m64 small.c
*** Error in `/usr/local/gcc-trunk/libexec/gcc/x86_64-pc-linux-gnu/7.0.0/cc1':
double free or corruption (fasttop): 0x0000000003c15810 ***
small.c: In function ‘main’:
small.c:6:5: internal compiler error: Aborted
 int main (  ) {
     ^~~~
0xbe8aff crash_signal
        ../../gcc-source-trunk/gcc/toplev.c:333
0xe0ba36 xcallocator<gimple*>::data_free(gimple**)
        ../../gcc-source-trunk/gcc/hash-table.h:273
0xe0ba36 ~hash_table
        ../../gcc-source-trunk/gcc/hash-table.h:627
0xe0ba36 ~hash_set
        ../../gcc-source-trunk/gcc/hash-set.h:25
0xe0ba36 find_def_preds
        ../../gcc-source-trunk/gcc/tree-ssa-uninit.c:775
0xe0ba36 is_use_properly_guarded
        ../../gcc-source-trunk/gcc/tree-ssa-uninit.c:2375
0xe0c17e find_uninit_use
        ../../gcc-source-trunk/gcc/tree-ssa-uninit.c:2434
0xe0c17e warn_uninitialized_phi
        ../../gcc-source-trunk/gcc/tree-ssa-uninit.c:2504
0xe0c17e execute
        ../../gcc-source-trunk/gcc/tree-ssa-uninit.c:2612
Please submit a full bug report,
with preprocessed source if appropriate.
Please include the complete backtrace with any bug report.
See <http://gcc.gnu.org/bugs.html> for instructions.
$ 
$ cat small.c
char a;
int b;
unsigned c, d;
short e;
int main_f;
int main (  ) {
L0:
    if ( e )     goto L1;
    b = c & d || a;
    if ( !c )     printf ( "", ( long long ) main_f );
    if ( d || !c )     {
        printf ( "%llu\n", ( long long ) main );
        goto L2;
    }
    unsigned g = b;
L1:
    b = g;
L2:
    if ( b )     goto L0;
  return 0;
}