public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "marxin at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug ipa/65236] New: [5 Regression]: IPA ICF causes miscompilation in Chromium built with -Os Date: Fri, 27 Feb 2015 13:49:00 -0000 [thread overview] Message-ID: <bug-65236-4@http.gcc.gnu.org/bugzilla/> (raw) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65236 Bug ID: 65236 Summary: [5 Regression]: IPA ICF causes miscompilation in Chromium built with -Os Product: gcc Version: 5.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: ipa Assignee: marxin at gcc dot gnu.org Reporter: marxin at gcc dot gnu.org Starting from r221040 ICF introduced new wrapper (thunk) created for a couple of symbols in chromium (protoc binary). Semantic equality hit:std::__cxx11::string google::protobuf::MessageLite::SerializePartialAsString() const->std::__cxx11::string google::protobuf::MessageLite::SerializeAsString() const Assembler symbol names:_ZNK6google8protobuf11MessageLite24SerializePartialAsStringEv->_ZNK6google8protobuf11MessageLite17SerializeAsStringEv std::__cxx11::string google::protobuf::MessageLite::SerializePartialAsString() const (const struct MessageLiteD.25422 * const thisD.27459) { <bb 2>: _9 = &MEM[(struct basic_string *)output_3(D)].D.16928._M_local_buf; MEM[(struct _Alloc_hider *)output_3(D)]._M_p = _9; MEM[(size_type *)output_3(D) + 8B] = 0; MEM[(char_type &)output_3(D) + 16] = 0; _7 = google::protobuf::MessageLite::AppendPartialToString (this_5(D), output_3(D)); if (_7 != 0) goto <bb 4>; else goto <bb 3>; <bb 3>: MEM[(size_type *)output_3(D) + 8B] = 0; _4 = MEM[(const struct basic_string *)output_3(D)]; MEM[(char_type &)_4] = 0; <bb 4>: return output_3(D); } std::__cxx11::string google::protobuf::MessageLite::SerializeAsString() const (const struct MessageLiteD.25422 * const thisD.27454) { <bb 2>: _8 = &MEM[(struct basic_string *)output_3(D)].D.16928._M_local_buf; MEM[(struct _Alloc_hider *)output_3(D)]._M_p = _8; MEM[(size_type *)output_3(D) + 8B] = 0; MEM[(char_type &)output_3(D) + 16] = 0; _4 = google::protobuf::MessageLite::AppendPartialToString (this_5(D), output_3(D)); if (_4 != 0) goto <bb 4>; else goto <bb 3>; <bb 3>: MEM[(size_type *)output_3(D) + 8B] = 0; _6 = MEM[(const struct basic_string *)output_3(D)]; MEM[(char_type &)_6] = 0; <bb 4>: return output_3(D); } Unified; Wrapper has been created. Optimized dump: Removing basic block 5 std::__cxx11::string google::protobuf::MessageLite::SerializePartialAsString() const (const struct MessageLite * const this) { char * const _4; bool _7; char[16] * _9; <bb 2>: _9 = &MEM[(struct basic_string *)output_3(D)].D.16928._M_local_buf; MEM[(struct _Alloc_hider *)output_3(D)]._M_p = _9; MEM[(size_type *)output_3(D) + 8B] = 0; MEM[(char_type &)output_3(D) + 16] = 0; _7 = google::protobuf::MessageLite::AppendPartialToString (this_5(D), output_3(D)); if (_7 != 0) goto <bb 4>; else goto <bb 3>; <bb 3>: MEM[(size_type *)output_3(D) + 8B] = 0; _4 = MEM[(const struct basic_string *)output_3(D)]; MEM[(char_type &)_4] = 0; <bb 4>: return output_3(D); } ;; Function std::__cxx11::string google::protobuf::MessageLite::SerializeAsString() const (_ZNK6google8protobuf11MessageLite17SerializeAsStringEv, funcdef_no=1252, decl_uid=25508, cgraph_uid=355, symbol_order=356) std::__cxx11::string google::protobuf::MessageLite::SerializeAsString() const (const struct MessageLite * const this) { <bb 2>: *output_2(D) = google::protobuf::MessageLite::SerializePartialAsString (this_3(D)); [tail call] return output_2(D); } Unfortunately, emitted assembly is miscompiled with double free (memory corruption) error. I'm going to attach RTL dumps. Martin
next reply other threads:[~2015-02-27 13:08 UTC|newest] Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top 2015-02-27 13:49 marxin at gcc dot gnu.org [this message] 2015-02-27 13:50 ` [Bug ipa/65236] " marxin at gcc dot gnu.org 2015-02-27 16:45 ` marxin at gcc dot gnu.org 2015-02-27 23:49 ` hubicka at gcc dot gnu.org 2015-02-28 1:02 ` hubicka at gcc dot gnu.org 2015-02-28 21:40 ` hubicka at gcc dot gnu.org 2015-02-28 22:46 ` hubicka at gcc dot gnu.org 2015-03-02 8:46 ` rguenth at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-65236-4@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).