public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089
@ 2023-01-30 20:06 gscfq@t-online.de
2023-01-30 20:28 ` [Bug ipa/108605] " pinskia at gcc dot gnu.org
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: gscfq@t-online.de @ 2023-01-30 20:06 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108605
Bug ID: 108605
Summary: [13 Regression] ICE in ipa_push_agg_values_from_jfunc,
at ipa-cp.cc:2089
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
Assignee: unassigned at gcc dot gnu.org
Reporter: gscfq@t-online.de
Target Milestone: ---
Started between 20221016 and 20221023, at -O2+ :
$ cat z1.cc
typedef enum {A} E;
struct S {
E __attribute__ ((mode (__byte__))) a;
E __attribute__ ((mode (__byte__))) b;
E __attribute__ ((mode (__byte__))) c;
int d[2147483647];
E e;
};
void foo (S *s)
{
if (s->b && s->c != A)
__builtin_abort ();
}
void bar ()
{
struct S s[2];
s[0].a = A;
s[0].e = A;
foo (s);
}
$ g++-13-20230129 -c z1.cc -O2
during IPA pass: inline
z1.cc:20:1: internal compiler error: in ipa_push_agg_values_from_jfunc, at
ipa-cp.cc:2089
20 | }
| ^
0x1b03d95 ipa_push_agg_values_from_jfunc(ipa_node_params*, cgraph_node*,
ipa_agg_jump_function*, unsigned int, vec<ipa_argagg_value, va_heap, vl_ptr>*)
../../gcc/ipa-cp.cc:2088
0xc6f68d evaluate_properties_for_edge(cgraph_edge*, bool, unsigned int*,
unsigned int*, ipa_auto_call_arg_values*, bool)
../../gcc/ipa-fnsummary.cc:668
0xc83842 do_estimate_edge_size(cgraph_edge*)
../../gcc/ipa-inline-analysis.cc:335
0xc851ba estimate_edge_size
../../gcc/ipa-inline.h:79
0xc851ba estimate_edge_growth
../../gcc/ipa-inline.h:100
0xc851ba do_estimate_growth_1
../../gcc/ipa-inline-analysis.cc:434
0xc85835 cgraph_node::call_for_symbol_and_aliases(bool (*)(cgraph_node*,
void*), void*, bool)
../../gcc/cgraph.h:3416
0xc85835 estimate_growth(cgraph_node*)
../../gcc/ipa-inline-analysis.cc:472
0x1b237a8 inline_small_functions
../../gcc/ipa-inline.cc:1986
0x1b24151 ipa_inline
../../gcc/ipa-inline.cc:2754
0x1b24151 execute
../../gcc/ipa-inline.cc:3153
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089
2023-01-30 20:06 [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089 gscfq@t-online.de
@ 2023-01-30 20:28 ` pinskia at gcc dot gnu.org
2023-01-30 20:34 ` [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX pinskia at gcc dot gnu.org
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-01-30 20:28 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108605
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Slightly more reduced:
```
struct S {
char a;
char b;
char c;
int d[0x7fffffffu];
int e;
};
void foo (S *s)
{
if (s->b && s->c != 0)
__builtin_abort ();
}
void bar ()
{
struct S s[2];
s[0].a = 0;
s[0].e = 0;
foo (s);
}
```
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX
2023-01-30 20:06 [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089 gscfq@t-online.de
2023-01-30 20:28 ` [Bug ipa/108605] " pinskia at gcc dot gnu.org
@ 2023-01-30 20:34 ` pinskia at gcc dot gnu.org
2023-01-30 20:36 ` pinskia at gcc dot gnu.org
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-01-30 20:34 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108605
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jamborm at gcc dot gnu.org
Status|UNCONFIRMED |NEW
Summary|[13 Regression] ICE in |[13 Regression] ICE in
|ipa_push_agg_values_from_jf |ipa_push_agg_values_from_jf
|unc, at ipa-cp.cc:2089 |unc with offsets >= INT_MAX
Ever confirmed|0 |1
Target Milestone|--- |13.0
Last reconfirmed| |2023-01-30
--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
unsigned prev_unit_offset = 0;
That is obvious wrong, it should have been unsigned HOST_WIDE_INT ...
Introduced by r13-3359-g656b2338c8f248
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX
2023-01-30 20:06 [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089 gscfq@t-online.de
2023-01-30 20:28 ` [Bug ipa/108605] " pinskia at gcc dot gnu.org
2023-01-30 20:34 ` [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX pinskia at gcc dot gnu.org
@ 2023-01-30 20:36 ` pinskia at gcc dot gnu.org
2023-01-31 8:51 ` rguenth at gcc dot gnu.org
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-01-30 20:36 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108605
--- Comment #3 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Slightly modified testcase so it comes with both C and C++ front-ends:
```
struct S {
char a;
char b;
char c;
int d[0x7fffffffu];
int e;
};
void foo (struct S *s)
{
if (s->b && s->c != 0)
__builtin_abort ();
}
void bar ()
{
struct S s[2];
s[0].a = 0;
s[0].e = 0;
foo (s);
}
```
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX
2023-01-30 20:06 [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089 gscfq@t-online.de
` (2 preceding siblings ...)
2023-01-30 20:36 ` pinskia at gcc dot gnu.org
@ 2023-01-31 8:51 ` rguenth at gcc dot gnu.org
2023-02-10 17:39 ` [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX since r13-3359-g656b2338c8f248 jakub at gcc dot gnu.org
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: rguenth at gcc dot gnu.org @ 2023-01-31 8:51 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108605
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P3 |P1
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX since r13-3359-g656b2338c8f248
2023-01-30 20:06 [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089 gscfq@t-online.de
` (3 preceding siblings ...)
2023-01-31 8:51 ` rguenth at gcc dot gnu.org
@ 2023-02-10 17:39 ` jakub at gcc dot gnu.org
2023-02-10 18:26 ` jakub at gcc dot gnu.org
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: jakub at gcc dot gnu.org @ 2023-02-10 17:39 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108605
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jakub at gcc dot gnu.org
--- Comment #4 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
The use of unsigned for offsets is all around IPA:
ipa-param-manipulation.h: unsigned unit_offset;
ipa-param-manipulation.h: unsigned unit_offset;
ipa-param-manipulation.h: void register_replacement (tree base, unsigned
unit_offset, tree replacement);
ipa-param-manipulation.h: tree lookup_replacement (tree base, unsigned
unit_offset);
ipa-param-manipulation.h:
unsigned unit_offset);
ipa-prop.h: unsigned unit_offset;
ipa-prop.h: tree get_value (int index, unsigned unit_offset, bool by_ref)
const;
ipa-prop.h: tree get_value (int index, unsigned unit_offset) const;
ipa-prop.h: const ipa_argagg_value *get_elt (int index, unsigned unit_offset)
const;
ipa-cp.cc:ipa_argagg_value_list::get_elt (int index, unsigned unit_offset)
const
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-cp.cc:ipa_argagg_value_list::get_value (int index, unsigned unit_offset)
const
ipa-cp.cc:ipa_argagg_value_list::get_value (int index, unsigned unit_offset,
ipa-cp.cc: unsigned other_offset = other.m_elts[i].unit_offset;
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-cp.cc: unsigned this_offset = elts[i].unit_offset;
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-cp.cc: unsigned unit_offset = aglat->offset / BITS_PER_UNIT;
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-param-manipulation.cc: unsigned unit_offset;
ipa-param-manipulation.cc:isra_get_ref_base_and_offset (tree expr, tree
*base_p, unsigned *unit_offset_p)
ipa-param-manipulation.cc:
unsigned unit_offset,
ipa-param-manipulation.cc:
unsigned unit_offset)
ipa-param-manipulation.cc:ipa_param_body_adjustments::lookup_replacement (tree
base, unsigned unit_offset)
ipa-param-manipulation.cc: unsigned unit_offset;
ipa-prop.cc: unsigned unit_offset = bit_offset / BITS_PER_UNIT;
ipa-sra.cc: unsigned unit_offset;
ipa-sra.cc: unsigned unit_offset;
ipa-sra.cc: unsigned unit_offset, unsigned unit_size)
ipa-sra.cc: unsigned offset = argacc->unit_offset + delta_offset;
From the above, only aglat->offset is actually HOST_WIDE_INT.
Now, I think it is just fine to use unsigned rather than say unsigned
HOST_WIDE_INT here, as long as we punt
on trying to optimize stuff which is above those offsets. E.g.
isra_get_ref_base_and_offset has
if (offset < 0 || (offset / BITS_PER_UNIT) > UINT_MAX)
return false;
*base_p = base;
*unit_offset_p = offset / BITS_PER_UNIT;
return true;
and so looks just fine to me. So, one possibility is just to fix wherever we
haven't done
similar check.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX since r13-3359-g656b2338c8f248
2023-01-30 20:06 [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089 gscfq@t-online.de
` (4 preceding siblings ...)
2023-02-10 17:39 ` [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX since r13-3359-g656b2338c8f248 jakub at gcc dot gnu.org
@ 2023-02-10 18:26 ` jakub at gcc dot gnu.org
2023-02-11 14:58 ` cvs-commit at gcc dot gnu.org
2023-02-11 14:59 ` jakub at gcc dot gnu.org
7 siblings, 0 replies; 9+ messages in thread
From: jakub at gcc dot gnu.org @ 2023-02-10 18:26 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108605
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
Assignee|unassigned at gcc dot gnu.org |jakub at gcc dot gnu.org
--- Comment #5 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Created attachment 54451
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=54451&action=edit
gcc13-pr108605.patch
Untested fix.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX since r13-3359-g656b2338c8f248
2023-01-30 20:06 [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089 gscfq@t-online.de
` (5 preceding siblings ...)
2023-02-10 18:26 ` jakub at gcc dot gnu.org
@ 2023-02-11 14:58 ` cvs-commit at gcc dot gnu.org
2023-02-11 14:59 ` jakub at gcc dot gnu.org
7 siblings, 0 replies; 9+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2023-02-11 14:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108605
--- Comment #6 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>:
https://gcc.gnu.org/g:00a49047b504b27a8dd19d819c7bc48d54078767
commit r13-5818-g00a49047b504b27a8dd19d819c7bc48d54078767
Author: Jakub Jelinek <jakub@redhat.com>
Date: Sat Feb 11 15:57:54 2023 +0100
ipa-cp: Punt for too large offsets [PR108605]
Seems most of IPA uses unsigned type for byte offsets
ipa-param-manipulation.h: unsigned unit_offset;
ipa-param-manipulation.h: unsigned unit_offset;
ipa-param-manipulation.h: void register_replacement (tree base, unsigned
unit_offset, tree replacement);
ipa-param-manipulation.h: tree lookup_replacement (tree base, unsigned
unit_offset);
ipa-param-manipulation.h:
unsigned unit_offset);
ipa-prop.h: unsigned unit_offset;
ipa-prop.h: tree get_value (int index, unsigned unit_offset, bool by_ref)
const;
ipa-prop.h: tree get_value (int index, unsigned unit_offset) const;
ipa-prop.h: const ipa_argagg_value *get_elt (int index, unsigned
unit_offset) const;
ipa-cp.cc:ipa_argagg_value_list::get_elt (int index, unsigned unit_offset)
const
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-cp.cc:ipa_argagg_value_list::get_value (int index, unsigned
unit_offset) const
ipa-cp.cc:ipa_argagg_value_list::get_value (int index, unsigned
unit_offset,
ipa-cp.cc: unsigned other_offset = other.m_elts[i].unit_offset;
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-cp.cc: unsigned this_offset = elts[i].unit_offset;
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-cp.cc: unsigned unit_offset = aglat->offset / BITS_PER_UNIT;
ipa-cp.cc: unsigned prev_unit_offset = 0;
ipa-param-manipulation.cc: unsigned unit_offset;
ipa-param-manipulation.cc:isra_get_ref_base_and_offset (tree expr, tree
*base_p, unsigned *unit_offset_p)
ipa-param-manipulation.cc:
unsigned unit_offset,
ipa-param-manipulation.cc:
unsigned unit_offset)
ipa-param-manipulation.cc:ipa_param_body_adjustments::lookup_replacement
(tree base, unsigned unit_offset)
ipa-param-manipulation.cc: unsigned unit_offset;
ipa-prop.cc: unsigned unit_offset = bit_offset / BITS_PER_UNIT;
ipa-sra.cc: unsigned unit_offset;
ipa-sra.cc: unsigned unit_offset;
ipa-sra.cc: unsigned unit_offset, unsigned
unit_size)
ipa-sra.cc: unsigned offset = argacc->unit_offset + delta_offset;
so before converting a HOST_WIDE_INT bit offset to unsigned byte offset
we need to punt for too large offsets. Some places do that, e.g.
isra_get_ref_base_and_offset has
if (offset < 0 || (offset / BITS_PER_UNIT) > UINT_MAX)
return false;
but ipa_agg_value_from_jfunc doesn't.
The following patch fixes that.
2023-02-11 Jakub Jelinek <jakub@redhat.com>
PR ipa/108605
* ipa-cp.cc (ipa_agg_value_from_jfunc): Return NULL_TREE also if
item->offset bit position is too large to be representable as
unsigned int byte position.
* c-c++-common/pr108605.c: New test.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX since r13-3359-g656b2338c8f248
2023-01-30 20:06 [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089 gscfq@t-online.de
` (6 preceding siblings ...)
2023-02-11 14:58 ` cvs-commit at gcc dot gnu.org
@ 2023-02-11 14:59 ` jakub at gcc dot gnu.org
7 siblings, 0 replies; 9+ messages in thread
From: jakub at gcc dot gnu.org @ 2023-02-11 14:59 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108605
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #7 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Should be fixed now.
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2023-02-11 14:59 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-30 20:06 [Bug c++/108605] New: [13 Regression] ICE in ipa_push_agg_values_from_jfunc, at ipa-cp.cc:2089 gscfq@t-online.de
2023-01-30 20:28 ` [Bug ipa/108605] " pinskia at gcc dot gnu.org
2023-01-30 20:34 ` [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX pinskia at gcc dot gnu.org
2023-01-30 20:36 ` pinskia at gcc dot gnu.org
2023-01-31 8:51 ` rguenth at gcc dot gnu.org
2023-02-10 17:39 ` [Bug ipa/108605] [13 Regression] ICE in ipa_push_agg_values_from_jfunc with offsets >= INT_MAX since r13-3359-g656b2338c8f248 jakub at gcc dot gnu.org
2023-02-10 18:26 ` jakub at gcc dot gnu.org
2023-02-11 14:58 ` cvs-commit at gcc dot gnu.org
2023-02-11 14:59 ` jakub at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).