From e4c68cc7dcb6617740ee26f359a34c37c6981685 Mon Sep 17 00:00:00 2001 From: Richard Sandiford Date: Fri, 7 Aug 2020 10:39:38 +0100 Subject: [PATCH] ipa-devirt: Fix crash in obj_type_ref_class [PR95114] MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The testcase has failed since r9-5035, because obj_type_ref_class tries to look up an ODR type when no ODR type information is available. (The information was available earlier in the compilation, but was freed during pass_ipa_free_lang_data.) We then crash dereferencing the null get_odr_type result. The test passes with -O2. However, it fails again if -fdump-tree-all is used, since obj_type_ref_class is called indirectly from the dump routines. Other code creates ODR type entries on the fly by passing “true” as the insert parameter. But obj_type_ref_class can't do that unconditionally, since it should have no side-effects when used from the dumping code. Following a suggestion from Honza, this patch adds parameters to say whether the routines are being called from dump routines and uses those to derive the insert parameter. gcc/ PR middle-end/95114 * tree.h (virtual_method_call_p): Add a default-false parameter that indicates whether the function is being called from dump routines. (obj_type_ref_class): Likewise. * tree.c (virtual_method_call_p): Likewise. * ipa-devirt.c (obj_type_ref_class): Likewise. Lazily add ODR type information for the type when the parameter is false. * tree-pretty-print.c (dump_generic_node): Update calls to virtual_method_call_p and obj_type_ref_class accordingly. gcc/testsuite/ PR middle-end/95114 * g++.target/aarch64/pr95114.C: New test. (cherry picked from commit 5834e96a08fd8b86a42428f38a95903d2f1de202) --- gcc/ipa-devirt.c | 9 ++++++--- gcc/testsuite/g++.target/aarch64/pr95114.C | 3 +++ gcc/tree-pretty-print.c | 5 +++-- gcc/tree.c | 7 ++++--- gcc/tree.h | 4 ++-- 5 files changed, 18 insertions(+), 10 deletions(-) create mode 100644 gcc/testsuite/g++.target/aarch64/pr95114.C diff --git a/gcc/ipa-devirt.c b/gcc/ipa-devirt.c index 3e040e273058..356641b51a56 100644 --- a/gcc/ipa-devirt.c +++ b/gcc/ipa-devirt.c @@ -2003,10 +2003,11 @@ add_type_duplicate (odr_type val, tree type) return build_bases; } -/* REF is OBJ_TYPE_REF, return the class the ref corresponds to. */ +/* REF is OBJ_TYPE_REF, return the class the ref corresponds to. + FOR_DUMP_P is true when being called from the dump routines. */ tree -obj_type_ref_class (const_tree ref) +obj_type_ref_class (const_tree ref, bool for_dump_p) { gcc_checking_assert (TREE_CODE (ref) == OBJ_TYPE_REF); ref = TREE_TYPE (ref); @@ -2022,8 +2023,10 @@ obj_type_ref_class (const_tree ref) tree ret = TREE_TYPE (ref); if (!in_lto_p && !TYPE_STRUCTURAL_EQUALITY_P (ret)) ret = TYPE_CANONICAL (ret); + else if (odr_type ot = get_odr_type (ret, !for_dump_p)) + ret = ot->type; else - ret = get_odr_type (ret)->type; + gcc_assert (for_dump_p); return ret; } diff --git a/gcc/testsuite/g++.target/aarch64/pr95114.C b/gcc/testsuite/g++.target/aarch64/pr95114.C new file mode 100644 index 000000000000..1689159e47cd --- /dev/null +++ b/gcc/testsuite/g++.target/aarch64/pr95114.C @@ -0,0 +1,3 @@ +template struct foo { virtual void f() = 0; }; +extern foo<__Int8x8_t> &x; +void f() { x.f(); } diff --git a/gcc/tree-pretty-print.c b/gcc/tree-pretty-print.c index b06b595d151a..2190635b4327 100644 --- a/gcc/tree-pretty-print.c +++ b/gcc/tree-pretty-print.c @@ -2943,10 +2943,11 @@ dump_generic_node (pretty_printer *pp, tree node, int spc, dump_flags_t flags, libstdc++-prettyprinters/shared_ptr.cc with and without -g, for example, at occurrences of OBJ_TYPE_REF. */ if (!(flags & (TDF_SLIM | TDF_COMPARE_DEBUG)) - && virtual_method_call_p (node)) + && virtual_method_call_p (node, true)) { pp_string (pp, "("); - dump_generic_node (pp, obj_type_ref_class (node), spc, flags, false); + dump_generic_node (pp, obj_type_ref_class (node, true), + spc, flags, false); pp_string (pp, ")"); } dump_generic_node (pp, OBJ_TYPE_REF_OBJECT (node), spc, flags, false); diff --git a/gcc/tree.c b/gcc/tree.c index 32e94e481322..d8d90bf06368 100644 --- a/gcc/tree.c +++ b/gcc/tree.c @@ -12995,10 +12995,11 @@ lhd_gcc_personality (void) OBJ_TYPE_REF representing an virtual call of C++ method. (As opposed to OBJ_TYPE_REF representing objc calls through a cast where middle-end devirtualization machinery - can't apply.) */ + can't apply.) FOR_DUMP_P is true when being called from + the dump routines. */ bool -virtual_method_call_p (const_tree target) +virtual_method_call_p (const_tree target, bool for_dump_p) { if (TREE_CODE (target) != OBJ_TYPE_REF) return false; @@ -13011,7 +13012,7 @@ virtual_method_call_p (const_tree target) /* If we do not have BINFO associated, it means that type was built without devirtualization enabled. Do not consider this a virtual call. */ - if (!TYPE_BINFO (obj_type_ref_class (target))) + if (!TYPE_BINFO (obj_type_ref_class (target, for_dump_p))) return false; return true; } diff --git a/gcc/tree.h b/gcc/tree.h index 2f8e37bb356f..8d25916ff9d4 100644 --- a/gcc/tree.h +++ b/gcc/tree.h @@ -5043,8 +5043,8 @@ extern location_t *block_nonartificial_location (tree); extern location_t tree_nonartificial_location (tree); extern tree block_ultimate_origin (const_tree); extern tree get_binfo_at_offset (tree, poly_int64, tree); -extern bool virtual_method_call_p (const_tree); -extern tree obj_type_ref_class (const_tree ref); +extern bool virtual_method_call_p (const_tree, bool = false); +extern tree obj_type_ref_class (const_tree ref, bool = false); extern bool types_same_for_odr (const_tree type1, const_tree type2); extern bool contains_bitfld_component_ref_p (const_tree); extern bool block_may_fallthru (const_tree); -- 2.47.2