| Summary: | [4.3 Regression] ICE in vuses_compare, at tree-vn.c:118 | ||
|---|---|---|---|
| Product: | gcc | Reporter: | Richard Biener <rguenth> |
| Component: | middle-end | Assignee: | Richard Biener <rguenth> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | gcc-bugs |
| Priority: | P3 | Keywords: | alias, ice-on-valid-code |
| Version: | 4.3.0 | ||
| Target Milestone: | 4.3.0 | ||
| Host: | Target: | powerpc-*-* | |
| Build: | Known to work: | ||
| Known to fail: | Last reconfirmed: | 2007-12-04 14:03:39 | |
| Attachments: | reduced testcase | ||
|
Description
Richard Biener
2007-12-04 12:39:37 UTC
Created attachment 14696 [details]
reduced testcase
Appearantly the ICE is dependent on UIDs as if you remove an unused type decl the
ICE disappears.
The difference if I remove the gftp_transfer typedef from the dump after
critical edge splitting is (good vs. bad):
- D.1477_21 = 0B;
- *0B ={v} 0;
+ # VUSE <SMT.32_54, SMT.33_40>
+ D.1481_21 = *dest_19;
+ # SMT.32_41 = VDEF <SMT.32_54>
+ # SMT.33_42 = VDEF <SMT.33_40>
+ *D.1481_21 = 0;
The first real difference is after may_alias recomputation after SRA,
where despite same constraints the points-to solution for dest_1 is
different:
-dest_1, name memory tag: NMT.35, is dereferenced, points-to vars: { SMT.32 }
+dest_1, name memory tag: NMT.35, is dereferenced, points-to vars: { SMT.32 SMT.33 }
The IL shows this in
<bb 8>:
- # SMT.32_48 = PHI <SMT.32_54(3), SMT.32_44(7)>
# argp$0$gpr_30 = PHI <argp$0$gpr_27(3), argp$0$gpr_28(7)>
# argp$0$overflow_arg_area_24 = PHI <argp$0$overflow_arg_area_2(3), argp$0$overflow_arg_area_4(7)>
- # SMT.33_29 = PHI <SMT.33_55(3), SMT.33_55(7)>
+ # SMT.33_29 = PHI <SMT.33_55(3), SMT.33_40(7)>
# SFT.25_26 = PHI <SFT.25_53(3), SFT.25_25(7)>
# SFT.22_23 = PHI <SFT.22_52(3), SFT.22_22(7)>
# dest_1 = PHI <dest_50(3), dest_19(7)>
numargs_20 = numargs_51 + -1;
- # VUSE <SMT.32_48>
- D.1477_21 = *dest_1;
- # SMT.32_41 = VDEF <SMT.32_48>
+ # VUSE <SMT.32_54, SMT.33_29>
+ D.1481_21 = *dest_1;
+ # SMT.32_41 = VDEF <SMT.32_54>
# SMT.33_42 = VDEF <SMT.33_29>
- *D.1477_21 = 0;
+ *D.1481_21 = 0;
and finally store_ccp in one case optimizes this to
@@ -79,11 +93,8 @@
# SMT.32_44 = VDEF <SMT.32_54>
*dest_19 = 0B;
numargs_20 = numargs_51 + -1;
- # VUSE <SMT.32_44>
- D.1477_21 = *dest_19;
- # SMT.32_41 = VDEF <SMT.32_44>
- # SMT.33_42 = VDEF <SMT.33_55>
- *D.1477_21 = 0;
+ D.1477_21 = 0B;
+ *0B ={v} 0;
if (numargs_20 > 0)
goto <bb 3>;
else
which avoids the ICE in SCCVN which looks like:
#2 0x0000000000abf95e in vuses_compare (pa=0x2ba6ff3a3ba8, pb=0x2ba6ff3a3bb0)
at /space/rguenther/src/svn/trunk/gcc/tree-vn.c:118
118 int sn = SSA_NAME_VERSION (vusea) - SSA_NAME_VERSION (vuseb);
(gdb) print vusea
$1 = (const tree) 0x2ba6ff392e10
(gdb) call debug_generic_expr (vusea)
SMT.32
(gdb) call debug_generic_expr (vuseb)
SMT.33_40
that is, one VUSE isn't in SSA form - but was inserted by PRE:
(gdb) call debug_generic_expr (stmt)
# VUSE <SMT.32, SMT.33_40> { SMT.32 SMT.33 }
storetmp.46_60 = *dest_19
I suppose for some reason virtual operand pruning isn't doing the same
for the inserted stmt as for the original stmt where the operands were
copied from. Indeed, we have the appearant mismatch here (crited):
# SMT.33_40 = VDEF <SMT.33_55>
*dest_19 = 0B;
..
# VUSE <SMT.32_54, SMT.33_40>
D.1481_21 = *dest_19;
The issue is that the loaded_syms bitmap doesn't agree with the VUSEs:
(gdb) call debug_generic_expr (stmt)
# VUSE <SMT.33_40> { SMT.32 SMT.33 }
storetmp.46_60 = *dest_19
as in create_ssa_artificial_load_stmt we make sure to kill build_vuses, but
not to clear the build_loads bitmap. With that fixed we generate
# VUSE <SMT.33_40> { SMT.33 }
storetmp.46_60 = *dest_19
which looks better, but later still ICEs, because the operand scanner
re-inserts the load of SMT.32.
So one could argue that for the original statement where we copy the
virtual operands from
# SMT.33_40 = VDEF <SMT.33_55> { SMT.33 }
*dest_19 = 0B
that this is missing a VDEF of SMT.32 (the alias sets of both SMT.32 and
*dest_19 are 3).
Note also that even during the first may_alias pass(!) we do not have
flow-sensitive information for dest_19:
NOTE: no flow-sensitive alias info for dest_19 in *dest_19 = 0B;
that is, we only use a fallback SMT here. And the failure mode is exactly
as I have predicted - we add the aliases of SMT.32 (SMT.33), but not SMT.32
itself!
Mine.
Subject: Bug 34334 Author: rguenth Date: Tue Dec 4 17:20:34 2007 New Revision: 130602 URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=130602 Log: 2007-12-04 Richard Guenther <rguenther@suse.de> PR middle-end/34334 PR middle-end/34222 * tree-ssa-operands.c (get_addr_dereference_operands): If we fall back to using the SMTs aliases, make sure to add virtual operands for the SMT itself. (create_ssa_artificial_load_stmt): Fix typo. Make sure to also clear the loaded and stored symbols bitmaps. * gcc.c-torture/compile/pr34334.c: New testcase. * g++.dg/torture/pr34222.C: New testcase. Added: trunk/gcc/testsuite/g++.dg/torture/pr34222.C trunk/gcc/testsuite/gcc.c-torture/compile/pr34334.c Modified: trunk/gcc/ChangeLog trunk/gcc/testsuite/ChangeLog trunk/gcc/tree-ssa-operands.c Fixed. |