subject:"\[Bug ipa\/68220\] \[5\/6 Regression\] Devirtualization ICE in record_target_from

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

2015-11-06 Thread hubicka at gcc dot gnu.org

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68220

--- Comment #6 from Jan Hubicka  ---
Author: hubicka
Date: Fri Nov  6 16:04:38 2015
New Revision: 229859

URL: https://gcc.gnu.org/viewcvs?rev=229859&root=gcc&view=rev
Log:

PR ipa/68057
PR ipa/68220
* ipa-polymorphic-call.c
(ipa_polymorphic_call_context::restrict_to_inner_type): Fix ordering
issue when offset is out of range.
(contains_type_p): Fix out of range check, clear dynamic flag.
* g++.dg/lto/pr68057_0.C: New testcase.
* g++.dg/lto/pr68057_1.C: New testcase.
* g++.dg/torture/pr68220.C: New testcase.

Added:
trunk/gcc/testsuite/g++.dg/lto/pr68057_0.C
trunk/gcc/testsuite/g++.dg/lto/pr68057_1.C
trunk/gcc/testsuite/g++.dg/torture/pr68220.C
Modified:
trunk/gcc/ChangeLog
trunk/gcc/ipa-polymorphic-call.c
trunk/gcc/testsuite/ChangeLog

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

2015-11-05 Thread hubicka at gcc dot gnu.org

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68220

--- Comment #5 from Jan Hubicka  ---
I am testing the following. This bug crept in when adding the dynamic types:
Index: ipa-polymorphic-call.c
===
--- ipa-polymorphic-call.c  (revision 229820)
+++ ipa-polymorphic-call.c  (working copy)
@@ -154,6 +154,8 @@ ipa_polymorphic_call_context::restrict_t
   && tree_to_shwi (TYPE_SIZE (outer_type)) >= 0
   && tree_to_shwi (TYPE_SIZE (outer_type)) <= offset)
{
+ bool der = maybe_derived_type; /* clear_outer_type will reset it.  */
+ bool dyn = dynamic;
  clear_outer_type (otr_type);
  type = otr_type;
  cur_offset = 0;
@@ -162,7 +164,7 @@ ipa_polymorphic_call_context::restrict_t
For dynamic types, we really do not have information about
size of the memory location.  It is possible that completely
different type is stored after outer_type.  */
- if (!maybe_derived_type && !dynamic)
+ if (!der && !dyn)
{
 clear_speculation ();
 invalid = true;
@@ -467,6 +469,7 @@ contains_type_p (tree outer_type, HOST_W
   context.offset = offset;
   context.outer_type = TYPE_MAIN_VARIANT (outer_type);
   context.maybe_derived_type = false;
+  context.dynamic = false;
   return context.restrict_to_inner_class (otr_type, consider_placement_new,
consider_bases);
 }

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

2015-11-05 Thread hubicka at gcc dot gnu.org

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68220

--- Comment #4 from Jan Hubicka  ---
OK, we have:

(gdb) p context
$4 = {offset = 0, speculative_offset = 96, outer_type = 0x76c77c78,
speculative_outer_type = 0x76cd5348, maybe_in_construction = 1,
maybe_derived_type = 1, 
  speculative_maybe_derived_type = 1, invalid = 0, dynamic = 1}

and the code gets lost in analyzing speculative_outer_type, because there is
simply no binfo on the address:

  constant 64>
unit size  constant 8>
align 64 symtab 0 alias set 3 canonical type 0x76cd5348
fields 
public unsigned DI size  unit size

align 64 symtab 0 alias set 4 canonical type 0x76c34540>
unsigned virtual DI file /aux/hubicka/t.C line 225 col 8 size
 unit size 
align 64 offset_align 128
offset 
bit offset  context 
chain 
used nonlocal decl_4 VOID file /aux/hubicka/t.C line 225 col 17
align 1 context  result

   >> context 
full-name "struct Fragment"
needs-constructor needs-destructor X() X(constX&) this=(X&) n_parents=0
use_template=0 interface-only
pointer_to_this  reference_to_this
 chain >

Well, the type is simply too small. The assert is simply too overactive, but
restrict_to_inner_type could probably drop the info when it knows the offset is
off the range.

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

2015-11-05 Thread hubicka at gcc dot gnu.org

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68220

Jan Hubicka  changed:

   What|Removed |Added

 Status|NEW |ASSIGNED
 CC||hubicka at gcc dot gnu.org

--- Comment #3 from Jan Hubicka  ---
Mine.

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

2015-11-05 Thread trippels at gcc dot gnu.org

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68220

--- Comment #2 from Markus Trippelsdorf  ---
Created attachment 36654
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=36654&action=edit
somewhat reduced testcase

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

2015-11-05 Thread rguenth at gcc dot gnu.org

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68220

Richard Biener  changed:

   What|Removed |Added

   Target Milestone|--- |5.3
Summary|[5.2.1 Regression]  |[5/6 Regression]
   |Devirtualization ICE in |Devirtualization ICE in
   |record_target_from_binfo,   |record_target_from_binfo,
   |at ipa-devirt.c:2389|at ipa-devirt.c:2389

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

[Bug ipa/68220] [5/6 Regression] Devirtualization ICE in record_target_from_binfo, at ipa-devirt.c:2389

6 matches

Site Navigation

Mail list logo

Footer information