[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp since r13-2500
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778
--- Comment #14 from Richard Biener ---
In this case speculative call expansion is wrecking abnormal edges. Instead
of distributing an abnormal edge to both calls we leave it on the merge block
of the if ().
The actual issue seems to be that when early inlining
void S::foo (struct S * const this)
{
int (*) () * _1;
int (*) () _2;
;; basic block 2, loop depth 0
;;pred: ENTRY
_1 = this_4(D)->_vptr.S;
_2 = *_1;
OBJ_TYPE_REF(_2;(struct S)this_4(D)->0B) (this_4(D));
return;
into qux at
;; basic block 6, loop depth 0
;;pred: 2
;;4
# a.1_4(ab) = PHI
S::foo (y_13(D));
;;succ: 7
;;5
while S::foo (y_13(D)) is marked as ctrl-altering due to the abnormal edge
the inlined OBJ_TYPE_REF(_2;(struct S)this_4(D)->0B) (this_4(D)) call is
not. We're set up to purge edges, but the indirect call expansion done
fails to mark inlined calls it adds abnormal edges from as control-altering.
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp since r13-2500
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 --- Comment #16 from GCC Commits --- The master branch has been updated by Richard Biener : https://gcc.gnu.org/g:a48f934211434cac1be951c207ee76e4b4340fac commit r15-9422-ga48f934211434cac1be951c207ee76e4b4340fac Author: Richard Biener Date: Mon Apr 14 11:42:18 2025 +0200 tree-optimization/119778 - properly mark abnormal edge sources during inlining When inlining a call that abnormally transfers control-flow we make all inlined calls that can possibly transfer abnormal control-flow do so as well. But we failed to mark the calls as altering control-flow. This results in inconsistent behavior later and possibly wrong-code (we'd eventually prune those edges). PR tree-optimization/119778 * tree-inline.cc (copy_edges_for_bb): Mark calls that are source of abnormal edges as altering control-flow. * g++.dg/torture/pr119778.C: New testcase.
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp since r13-2500
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 --- Comment #15 from Richard Biener --- (In reply to Jakub Jelinek from comment #13) > Perhaps both, making it also more robust? It's also wrong-code, so IMO we do want to catch those cases. I did once put in an assert into CFG verificaation that empty BBs cannot have two outgoing edges, but I don't remember what became of that.
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp since r13-2500
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 --- Comment #13 from Jakub Jelinek --- Perhaps both, making it also more robust?
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp since r13-2500
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 Richard Biener changed: What|Removed |Added Priority|P3 |P2 --- Comment #12 from Richard Biener --- So this is again (I've fixed may of those issues), a problem of failed abnormal edge pruning. We have an empty BB with two outgoing edges. We can try to be more robust against this of course, but let's try to fix passes failing to prune those.
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp since r13-2500
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 Jakub Jelinek changed: What|Removed |Added CC||jakub at gcc dot gnu.org --- Comment #11 from Jakub Jelinek --- Better int setjmp (jmp_buf *); even.
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp since r13-2500
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778
--- Comment #10 from Jakub Jelinek ---
Slightly cleaned up testcase:
struct jmp_buf { long l[16]; };
extern "C" void setjmp (jmp_buf *);
struct S {
void foo () { bar (); }
virtual char bar () { return 0; }
};
void baz ();
jmp_buf *a;
void
qux (bool x, S *y)
{
if (x)
setjmp (a);
y->foo ();
baz ();
}
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp since r13-2500
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 Richard Biener changed: What|Removed |Added Status|NEW |ASSIGNED Assignee|unassigned at gcc dot gnu.org |rguenth at gcc dot gnu.org --- Comment #9 from Richard Biener --- I will have a look.
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp since r13-2500
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 Sam James changed: What|Removed |Added Summary|[13/14/15 regression] |[13/14/15 regression] |-Wuninitialized crashed |-Wuninitialized crashed |with longjmp/setjmp |with longjmp/setjmp since ||r13-2500 Keywords|needs-bisection | CC||rguenth at gcc dot gnu.org --- Comment #8 from Sam James --- r13-2500-g0a4a2667dc115c
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 mcccs at gmx dot com changed: What|Removed |Added CC||mcccs at gmx dot com --- Comment #6 from mcccs at gmx dot com --- Bisecting on GCC 13 branch (13.2-13.3) points at https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5ee6e01fba873580f0ee6c88a3f733e79af2e8a3 Can 13.1 (and 13.2) be moved to "known to work" please? This can be verified on Compiler Explorer (I bisected with the original attachment, by the time I started apinski didn't have uploaded the reductions)
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 --- Comment #7 from Andrew Pinski --- (In reply to mcccs from comment #6) > Bisecting on GCC 13 branch (13.2-13.3) points at > https://gcc.gnu.org/git/?p=gcc.git;a=commit; > h=5ee6e01fba873580f0ee6c88a3f733e79af2e8a3 > > Can 13.1 (and 13.2) be moved to "known to work" please? This can be verified > on Compiler Explorer my reduced testcase fails for 13.1.0 while worked with GCC 12.4.0. Plus that --param uninit-max-chain-len change is just a tuning argument so it was latent before that.
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 --- Comment #3 from Andrew Pinski --- Created attachment 61095 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=61095&action=edit First step in reducing
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 Andrew Pinski changed: What|Removed |Added Known to work||12.4.0 Known to fail||13.1.0 Ever confirmed|0 |1 Last reconfirmed||2025-04-13 Status|UNCONFIRMED |NEW --- Comment #5 from Andrew Pinski --- Confirmed.
[Bug tree-optimization/119778] [13/14/15 regression] -Wuninitialized crashed with longjmp/setjmp
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119778 Andrew Pinski changed: What|Removed |Added Attachment #61095|0 |1 is obsolete|| --- Comment #4 from Andrew Pinski --- Created attachment 61096 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=61096&action=edit Final reduction
