[Bug tree-optimization/112303] [14 Regression] ICE on valid code at -O3 on x86_64-linux-gnu: verify_flow_info failed since r14-3459-g0c78240fd7d519

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

From: "jakub at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug tree-optimization/112303] [14 Regression] ICE on valid code at -O3 on x86_64-linux-gnu: verify_flow_info failed since r14-3459-g0c78240fd7d519
Date: Tue, 26 Mar 2024 11:45:24 +0000	[thread overview]
Message-ID: <bug-112303-4-QZ3EyWPb8p@http.gcc.gnu.org/bugzilla/> (raw)
In-Reply-To: <bug-112303-4@http.gcc.gnu.org/bugzilla/>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112303

--- Comment #12 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
(In reply to Jakub Jelinek from comment #11)
> (In reply to Richard Biener from comment #10)
> > Looks like so, can you test that?  I think !(bb->count >= new_count) is good,
> > we're using this kind of compare regularly.
> 
> Sure, I'll test that.

Actually no, that doesn't help, nor the IMO better
  if (!new_count.initialized_p () || bb->count < new_count)
    new_count = bb->count;
because if say bb->count is not initialized but e->count is, we don't want to
overwrite it.
The thing is that new_count is actually not used unless e is non-NULL.

The actual problem is different, bb->count of one of the duplicated blocks is
initialized to the largest possible unitialized m_val (0x3ffffffffffffffe aka
2305843009213693950 (estimated locally, freq 144115188075855872.0000)
) and then scaled to uninitialized.
This is because in the second duplicate_loop_body_to_header_edge on the
testcase (with the #c9 patch to reproduce it even on the trunk) we have
(gdb) p count_le.debug ()
1729382256910270463 (estimated locally, freq 108086391056891904.0000)
(gdb) p count_out_orig.debug ()
576460752303423488 (estimated locally, freq 36028797018963968.0000)
but
1264          profile_count new_count_le = count_le + count_out_orig;
is
(gdb) p new_count_le.debug ()
uninitialized
because 0x17ffffffffffffff + 0x800000000000000 yields the largest possible
value.

If profile_count wants to use the 0x1fffffffffffffff value as unitialized,
shouldn't
it perform saturating arithmetics such that the counts will be never larger
than
0x1ffffffffffffffe unless it is really meant to be uninitialized?
I mean in all those spots like operator+ which just m_val + other.m_val and
similar without checking for overflow?  What about apply_scale etc.?

Honza?

next prev parent reply	other threads:[~2024-03-26 11:45 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-10-30 21:52 [Bug tree-optimization/112303] New: ICE on valid code at -O3 on x86_64-linux-gnu: verify_flow_info failed zhendong.su at inf dot ethz.ch
2023-10-30 21:55 ` [Bug tree-optimization/112303] " zhendong.su at inf dot ethz.ch
2023-10-30 21:59 ` [Bug tree-optimization/112303] [14 Regression] " pinskia at gcc dot gnu.org
2023-10-30 22:00 ` pinskia at gcc dot gnu.org
2023-10-31  3:21 ` sjames at gcc dot gnu.org
2023-10-31  5:15 ` [Bug tree-optimization/112303] [14 Regression] ICE on valid code at -O3 on x86_64-linux-gnu: verify_flow_info failed since r14-3459-g0c78240fd7d519 sjames at gcc dot gnu.org
2023-10-31  8:45 ` rguenth at gcc dot gnu.org
2023-10-31 11:08 ` zhendong.su at inf dot ethz.ch
2023-12-05 22:55 ` pinskia at gcc dot gnu.org
2023-12-05 23:02 ` jakub at gcc dot gnu.org
2023-12-06  7:35 ` rguenther at suse dot de
2024-03-05 11:19 ` jakub at gcc dot gnu.org
2024-03-26 10:36 ` rguenth at gcc dot gnu.org
2024-03-26 10:40 ` jakub at gcc dot gnu.org
2024-03-26 11:45 ` jakub at gcc dot gnu.org [this message]
2024-03-27 14:35 ` jakub at gcc dot gnu.org
2024-03-27 17:46 ` hubicka at ucw dot cz
2024-03-28 14:05 ` cvs-commit at gcc dot gnu.org
2024-03-30  3:55 ` cvs-commit at gcc dot gnu.org
2024-04-03 11:59 ` jakub at gcc dot gnu.org

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-112303-4-QZ3EyWPb8p@http.gcc.gnu.org/bugzilla/ \
    --to=gcc-bugzilla@gcc.gnu.org \
    --cc=gcc-bugs@gcc.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).