Message ID | 20150618095415.GA28183@msticlxl57.ims.intel.com |
---|---|
State | New |
Ping 2015-06-18 12:54 GMT+03:00 Ilya Enkovich <enkovich.gnu@gmail.com>: > Hi, > > In early_inliner we do recompute inline summaries for edges after optimize_inline_calls, but check this summary exists in case new edges appear. But then it calls inline_update_overall_summary which also going through edges inline summaries but with no check this time causing segfault. This patch fixes it. Bootstrapped and regtested for x86_64-unknown-linux-gnu. Is it OK for trunk and gcc-5-branch? > > Thanks, > Ilya > -- > gcc/ > > 2015-06-18 Ilya Enkovich <enkovich.gnu@gmail.com> > > PR ipa/66566 > * ipa-inline-analysis.c (estimate_calls_size_and_time): Check > edge summary is available. > > gcc/testsuite/ > > 2015-06-18 Ilya Enkovich <enkovich.gnu@gmail.com> > > PR ipa/66566 > * gcc.target/i386/mpx/pr66566.c: New test. > > > diff --git a/gcc/ipa-inline-analysis.c b/gcc/ipa-inline-analysis.c > index bbde855..e910ac5 100644 > --- a/gcc/ipa-inline-analysis.c > +++ b/gcc/ipa-inline-analysis.c > @@ -3122,6 +3122,9 @@ estimate_calls_size_and_time (struct cgraph_node *node, int *size, > struct cgraph_edge *e; > for (e = node->callees; e; e = e->next_callee) > { > + if (inline_edge_summary_vec.length () <= (unsigned) e->uid) > + continue; > + > struct inline_edge_summary *es = inline_edge_summary (e); > > /* Do not care about zero sized builtins. */ > @@ -3153,6 +3156,9 @@ estimate_calls_size_and_time (struct cgraph_node *node, int *size, > } > for (e = node->indirect_calls; e; e = e->next_callee) > { > + if (inline_edge_summary_vec.length () <= (unsigned) e->uid) > + continue; > + > struct inline_edge_summary *es = inline_edge_summary (e); > if (!es->predicate > || evaluate_predicate (es->predicate, possible_truths)) > diff --git a/gcc/testsuite/gcc.target/i386/mpx/pr66566.c b/gcc/testsuite/gcc.target/i386/mpx/pr66566.c > new file mode 100644 > index 0000000..a405c20 > --- /dev/null > +++ b/gcc/testsuite/gcc.target/i386/mpx/pr66566.c 
> @@ -0,0 +1,12 @@ > +/* { dg-do compile } */ > +/* { dg-options "-O2 -fcheck-pointer-bounds -mmpx" } */ > + > +union jsval_layout > +{ > + void *asPtr; > +}; > +union jsval_layout a; > +union jsval_layout b; > +union jsval_layout __inline__ fn1() { return b; } > + > +void fn2() { a = fn1(); }
Ping 2015-07-13 11:47 GMT+03:00 Ilya Enkovich <enkovich.gnu@gmail.com>: > Ping > > 2015-06-18 12:54 GMT+03:00 Ilya Enkovich <enkovich.gnu@gmail.com>: >> Hi, >> >> In early_inliner we do recompute inline summaries for edges after optimize_inline_calls, but check this summary exists in case new edges appear. But then it calls inline_update_overall_summary which also going through edges inline summaries but with no check this time causing segfault. This patch fixes it. Bootstrapped and regtested for x86_64-unknown-linux-gnu. Is it OK for trunk and gcc-5-branch? >> >> Thanks, >> Ilya >> -- >> gcc/ >> >> 2015-06-18 Ilya Enkovich <enkovich.gnu@gmail.com> >> >> PR ipa/66566 >> * ipa-inline-analysis.c (estimate_calls_size_and_time): Check >> edge summary is available. >> >> gcc/testsuite/ >> >> 2015-06-18 Ilya Enkovich <enkovich.gnu@gmail.com> >> >> PR ipa/66566 >> * gcc.target/i386/mpx/pr66566.c: New test. >> >> >> diff --git a/gcc/ipa-inline-analysis.c b/gcc/ipa-inline-analysis.c >> index bbde855..e910ac5 100644 >> --- a/gcc/ipa-inline-analysis.c >> +++ b/gcc/ipa-inline-analysis.c >> @@ -3122,6 +3122,9 @@ estimate_calls_size_and_time (struct cgraph_node *node, int *size, >> struct cgraph_edge *e; >> for (e = node->callees; e; e = e->next_callee) >> { >> + if (inline_edge_summary_vec.length () <= (unsigned) e->uid) >> + continue; >> + >> struct inline_edge_summary *es = inline_edge_summary (e); >> >> /* Do not care about zero sized builtins. */ >> @@ -3153,6 +3156,9 @@ estimate_calls_size_and_time (struct cgraph_node *node, int *size, >> } >> for (e = node->indirect_calls; e; e = e->next_callee) >> { >> + if (inline_edge_summary_vec.length () <= (unsigned) e->uid) >> + continue; >> + >> struct inline_edge_summary *es = inline_edge_summary (e); >> if (!es->predicate >> || evaluate_predicate (es->predicate, possible_truths)) 
>> diff --git a/gcc/testsuite/gcc.target/i386/mpx/pr66566.c b/gcc/testsuite/gcc.target/i386/mpx/pr66566.c >> new file mode 100644 >> index 0000000..a405c20 >> --- /dev/null >> +++ b/gcc/testsuite/gcc.target/i386/mpx/pr66566.c >> @@ -0,0 +1,12 @@ >> +/* { dg-do compile } */ >> +/* { dg-options "-O2 -fcheck-pointer-bounds -mmpx" } */ >> + >> +union jsval_layout >> +{ >> + void *asPtr; >> +}; >> +union jsval_layout a; >> +union jsval_layout b; >> +union jsval_layout __inline__ fn1() { return b; } >> + >> +void fn2() { a = fn1(); }
On 07/20/2015 06:08 AM, Ilya Enkovich wrote:
> Ping
>
> 2015-07-13 11:47 GMT+03:00 Ilya Enkovich <enkovich.gnu@gmail.com>:
>> Ping
>>
>> 2015-06-18 12:54 GMT+03:00 Ilya Enkovich <enkovich.gnu@gmail.com>:
>>> Hi,
>>>
>>> In early_inliner we do recompute inline summaries for edges after optimize_inline_calls, but check this summary exists in case new edges appear. But then it calls inline_update_overall_summary which also going through edges inline summaries but with no check this time causing segfault. This patch fixes it. Bootstrapped and regtested for x86_64-unknown-linux-gnu. Is it OK for trunk and gcc-5-branch?
>>>
>>> Thanks,
>>> Ilya
>>> --
>>> gcc/
>>>
>>> 2015-06-18 Ilya Enkovich <enkovich.gnu@gmail.com>
>>>
>>> PR ipa/66566
>>> * ipa-inline-analysis.c (estimate_calls_size_and_time): Check
>>> edge summary is available.
>>>
>>> gcc/testsuite/
>>>
>>> 2015-06-18 Ilya Enkovich <enkovich.gnu@gmail.com>
>>>
>>> PR ipa/66566
>>> * gcc.target/i386/mpx/pr66566.c: New test.

OK.
jeff
diff --git a/gcc/ipa-inline-analysis.c b/gcc/ipa-inline-analysis.c index bbde855..e910ac5 100644 --- a/gcc/ipa-inline-analysis.c +++ b/gcc/ipa-inline-analysis.c @@ -3122,6 +3122,9 @@ estimate_calls_size_and_time (struct cgraph_node *node, int *size, struct cgraph_edge *e; for (e = node->callees; e; e = e->next_callee) { + if (inline_edge_summary_vec.length () <= (unsigned) e->uid) + continue; + struct inline_edge_summary *es = inline_edge_summary (e); /* Do not care about zero sized builtins. */ @@ -3153,6 +3156,9 @@ estimate_calls_size_and_time (struct cgraph_node *node, int *size, } for (e = node->indirect_calls; e; e = e->next_callee) { + if (inline_edge_summary_vec.length () <= (unsigned) e->uid) + continue; + struct inline_edge_summary *es = inline_edge_summary (e); if (!es->predicate || evaluate_predicate (es->predicate, possible_truths)) diff --git a/gcc/testsuite/gcc.target/i386/mpx/pr66566.c b/gcc/testsuite/gcc.target/i386/mpx/pr66566.c new file mode 100644 index 0000000..a405c20 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/mpx/pr66566.c @@ -0,0 +1,12 @@ +/* { dg-do compile } */ +/* { dg-options "-O2 -fcheck-pointer-bounds -mmpx" } */ + +union jsval_layout +{ + void *asPtr; +}; +union jsval_layout a; +union jsval_layout b; +union jsval_layout __inline__ fn1() { return b; } + +void fn2() { a = fn1(); }
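Review bot: In the first hunk of gcc/ipa-inline-analysis.c (the `node->callees` loop at @@ -3122), the new `continue` silently drops any edge whose `e->uid` is at or past `inline_edge_summary_vec.length ()`, so that call adds nothing to `*size` or `*time`, and nothing in the code says why that is acceptable. Please add a comment above the check explaining that edges created after the summaries were computed (the early_inliner case from the description) have no summary yet and are skipped here on purpose, so a later reader does not mistake the guard for masking an indexing bug.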
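Review bot: The second hunk of gcc/ipa-inline-analysis.c (the `node->indirect_calls` loop at @@ -3153) repeats the bounds test `inline_edge_summary_vec.length () <= (unsigned) e->uid` verbatim from the callees loop. Consider moving it into a small predicate shared by both loops, so the condition and its explanation live in one place and any other caller of `inline_edge_summary (e)` that can see a new edge can reuse the same check instead of growing a third copy.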
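Review bot: The new test gcc/testsuite/gcc.target/i386/mpx/pr66566.c has no comment stating what it guards against. It is a `dg-do compile` test with no further directives, so it passes whenever the compiler does not crash under `-O2 -fcheck-pointer-bounds -mmpx`; a one-line comment at the top naming PR ipa/66566 and the segfault in `estimate_calls_size_and_time` would make that intent clear to whoever next touches the file.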