Hi, somehow I lost two hunks in the patch allowing IPA-CP to process functions with variable number of arguments and one of these omissions caused PR 50301 (416.gamess LTO miscompilation). The two hunks check the number of actual arguments in two places of IPA-CP which are not executed so often and where we currently can get an out-of-bounds VECtor failure.
Bootstrapped and tested on x86_64-linux, I have verified gmaess LTO-builds with it. OK for trunk? Thanks, Martin 2011-09-06 Martin Jambor <mjam...@suse.cz> PR middle-end/50301 * ipa-cp.c (find_more_values_for_callers_subset): Check jump function index bounds. (perhaps_add_new_callers): Likewise. Index: src/gcc/ipa-cp.c =================================================================== --- src.orig/gcc/ipa-cp.c +++ src/gcc/ipa-cp.c @@ -2052,8 +2052,12 @@ find_more_values_for_callers_subset (str struct ipa_jump_func *jump_func; tree t; + if (i >= ipa_get_cs_argument_count (IPA_EDGE_REF (cs))) + { + newval = NULL_TREE; + break; + } jump_func = ipa_get_ith_jump_func (IPA_EDGE_REF (cs), i); - t = ipa_value_from_jfunc (IPA_NODE_REF (cs->caller), jump_func); if (!t || (newval @@ -2123,6 +2127,11 @@ perhaps_add_new_callers (struct cgraph_n if (!val) continue; + if (i >= ipa_get_cs_argument_count (args)) + { + insufficient = true; + break; + } jump_func = ipa_get_ith_jump_func (args, i); t = ipa_value_from_jfunc (caller_info, jump_func); if (!t || !values_equal_for_ipcp_p (val, t))