[Bug tree-optimization/101597] New: r12-2132-ga110855667782dac[12 Regression] ICE in evrp since

marxin at gcc dot gnu.org via Gcc-bugs Fri, 23 Jul 2021 03:53:09 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101597


            Bug ID: 101597
           Summary: r12-2132-ga110855667782dac[12 Regression] ICE in evrp
                    since
           Product: gcc
           Version: 12.0
            Status: UNCONFIRMED
          Keywords: ice-on-valid-code
          Severity: normal
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: marxin at gcc dot gnu.org
                CC: msebor at gcc dot gnu.org
  Target Milestone: ---

The following fails:

$ cat unified.ii
extern "C" void *memcpy(void *, const void *, unsigned long);
template <int __v>
struct integral_constant {
  static constexpr int value = __v;
};
using false_type = integral_constant<false>;
struct PluginViewBase;
template <bool, typename, typename _Iffalse>
using conditional_t = _Iffalse;
template <typename>
constexpr bool is_const_v = false_type ::value;
namespace WTF {
template <typename ToType, typename FromType>
ToType bitwise_cast(FromType from) {
  ToType to;
  memcpy(&to, &from, sizeof(to));
  return to;
}
}  // namespace WTF
using WTF::bitwise_cast;
bool isOfType___trans_tmp_2;
namespace WTF {
template <typename, typename>
struct TypeCastTraits;
template <typename ArgType>
bool is(ArgType &source) {
  return TypeCastTraits<const int, ArgType>::isOfType(source);
}
template <typename Reference, typename T>
using match_constness_t = conditional_t<is_const_v<Reference>, T, T>;
template <typename, typename Source>
match_constness_t<Source, PluginViewBase> &downcast(Source &source) {
  return static_cast<match_constness_t<Source, PluginViewBase> &>(source);
}
}  // namespace WTF
using WTF::downcast;
using WTF::is;
class PreciseAllocation;
struct HeapCell {
  PreciseAllocation &preciseAllocation() const;
  int &vm() const;
};
struct WeakSet {
  void vm();
};
struct PreciseAllocation {
  static PreciseAllocation *fromCell(void *cell) {
    char *__trans_tmp_1 = bitwise_cast<char *>(cell);
    return bitwise_cast<PreciseAllocation *>(__trans_tmp_1 - halfAlignment);
  }
  void vm() { m_weakSet.vm(); }
  static constexpr unsigned halfAlignment = 2;
  WeakSet m_weakSet;
};
PreciseAllocation &HeapCell::preciseAllocation() const {
  return *PreciseAllocation::fromCell(const_cast<HeapCell *>(this));
}
int &HeapCell::vm() const { preciseAllocation().vm(); }
struct Node {
  virtual bool isPluginElement() { return false; }
};
struct Widget {};
namespace WTF {
template <typename ArgType>
struct TypeCastTraits<const int, ArgType> {
  static bool isOfType(ArgType &source) {
    isOfType___trans_tmp_2 = source.isPluginElement();
    return isOfType___trans_tmp_2;
  }
};
}  // namespace WTF
struct JSHTMLElement {
  Node &wrapped();
};
struct PluginViewBase : Widget {
  virtual HeapCell *scriptObject(HeapCell *);
};
HeapCell pluginScriptObjectFromPluginViewBase_globalObject;
JSHTMLElement pluginScriptObjectFromPluginViewBase_jsHTMLElement;
HeapCell *pluginScriptObjectFromPluginViewBase___trans_tmp_3;
Node &pluginScriptObjectFromPluginViewBase_element =
    pluginScriptObjectFromPluginViewBase_jsHTMLElement.wrapped();
Widget *pluginScriptObjectFromPluginViewBase_pluginWidget;
HeapCell *pluginScriptObjectFromPluginViewBase() {
  if (!is(pluginScriptObjectFromPluginViewBase_element)) return nullptr;
  pluginScriptObjectFromPluginViewBase___trans_tmp_3 =
      downcast<PluginViewBase>(
          *pluginScriptObjectFromPluginViewBase_pluginWidget)
          .scriptObject(&pluginScriptObjectFromPluginViewBase_globalObject);
  return pluginScriptObjectFromPluginViewBase___trans_tmp_3;
}
void pluginElementCustomGetCallData() {
  if (HeapCell *scriptObject = pluginScriptObjectFromPluginViewBase())
    scriptObject->vm();
}

$ g++ unified.ii -fno-checking -c -Warray-bounds -O3
unified.ii: In member function ‘int& HeapCell::vm() const’:
unified.ii:58:55: warning: no return statement in function returning non-void
[-Wreturn-type]
   58 | int &HeapCell::vm() const { preciseAllocation().vm(); }
      |                                                       ^
In member function ‘void PreciseAllocation::vm()’,
    inlined from ‘int& HeapCell::vm() const’ at unified.ii:58:51,
    inlined from ‘void pluginElementCustomGetCallData()’ at unified.ii:94:21:
unified.ii:51:27: warning: array subscript -2 is outside array bounds of
‘HeapCell [9223372036854775807]’ [-Warray-bounds]
   51 |   void vm() { m_weakSet.vm(); }
      |               ~~~~~~~~~~~~^~
‘
during GIMPLE pass: vrp
In function ‘void pluginElementCustomGetCallData()’:
Segmentation fault
   92 | void pluginElementCustomGetCallData() {
      |      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0x11a348a crash_signal
        /home/marxin/Programming/gcc/gcc/toplev.c:328
0x7ffff786239f ???
        ../sysdeps/unix/sysv/linux/sigaction.c:10
0xa440a4 tree_check(tree_node*, char const*, int, char const*, tree_code)
        /home/marxin/Programming/gcc/gcc/tree.h:3372
0xa440a4 resolve_virtual_fun_from_obj_type_ref
        /home/marxin/Programming/gcc/gcc/cp/error.c:2153
0xa48f17 dump_expr
        /home/marxin/Programming/gcc/gcc/cp/error.c:2953
0xa4e862 expr_to_string(tree_node*)
        /home/marxin/Programming/gcc/gcc/cp/error.c:3224
0xa4f15c cp_printer
        /home/marxin/Programming/gcc/gcc/cp/error.c:4390
0x1e43257 pp_format(pretty_printer*, text_info*)
        /home/marxin/Programming/gcc/gcc/pretty-print.c:1475
0x1e27e4d diagnostic_report_diagnostic(diagnostic_context*, diagnostic_info*)
        /home/marxin/Programming/gcc/gcc/diagnostic.c:1331
0x1e283d8 diagnostic_impl
        /home/marxin/Programming/gcc/gcc/diagnostic.c:1493
0x1e2879b inform(unsigned int, char const*, ...)
        /home/marxin/Programming/gcc/gcc/diagnostic.c:1572
0xcbc6eb access_ref::inform_access(access_mode) const
        /home/marxin/Programming/gcc/gcc/builtins.c:4633
0xcbc7f6 access_ref::inform_access(access_mode) const
        /home/marxin/Programming/gcc/gcc/builtins.c:4465
0x1c36756 array_bounds_checker::check_mem_ref(unsigned int, tree_node*, bool)
        /home/marxin/Programming/gcc/gcc/gimple-array-bounds.cc:536
0x1c36a01 array_bounds_checker::check_addr_expr(unsigned int, tree_node*)
        /home/marxin/Programming/gcc/gcc/gimple-array-bounds.cc:582
0x1c36af7 array_bounds_checker::check_array_bounds(tree_node**, int*, void*)
        /home/marxin/Programming/gcc/gcc/gimple-array-bounds.cc:738
0x14b23ed walk_tree_1(tree_node**, tree_node* (*)(tree_node**, int*, void*),
void*, hash_set<tree_node*, false, default_hash_traits<tree_node*> >*,
tree_node* (*)(tree_node**, int*, tree_node* (*)(tree_node**, int*, void*),
void*, hash_set<tree_node*, false, default_hash_traits<tree_node*> >*))
        /home/marxin/Programming/gcc/gcc/tree.c:10971
0xecd7f0 walk_gimple_op(gimple*, tree_node* (*)(tree_node**, int*, void*),
walk_stmt_info*)
        /home/marxin/Programming/gcc/gcc/gimple-walk.c:202
0x1c344e8 check_array_bounds_dom_walker::before_dom_children(basic_block_def*)
        /home/marxin/Programming/gcc/gcc/gimple-array-bounds.cc:798
0x1c1faf7 dom_walker::walk(basic_block_def*)
        /home/marxin/Programming/gcc/gcc/domwalk.c:309
Please submit a full bug report,
with preprocessed source if appropriate.
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.

[Bug tree-optimization/101597] New: r12-2132-ga110855667782dac[12 Regression] ICE in evrp since

Reply via email to