http://gcc.gnu.org/bugzilla/show_bug.cgi?id=51077
Bug #: 51077
Summary: [4.6/4.7 Regression] Endless recursion with __builtin_object_size
Classification: Unclassified
Product: gcc
Version: 4.6.2
Status: UNCONFIRMED
Keywords: ice-on-valid-code
Severity: normal
Priority: P3
Component: middle-end
AssignedTo: ja...@gcc.gnu.org
ReportedBy: ja...@gcc.gnu.org

struct S { unsigned char s, t[256]; };

void
foo (const struct S *x, struct S *y, int z)
{
  int i;
  for (i = 0; i < 8; i++)
    {
      const struct S *a = &x[i];
      __builtin___memcpy_chk (y->t, a->t, z, __builtin_object_size (y->t, 0));
      y = (struct S *) &y->t[z];
    }
}

ICEs at -O2 starting with
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=179850
(aka PR50700 fix).

Yet untested fix:

--- gcc/tree-object-size.c.jj 2011-10-12 20:28:20.000000000 +0200 +++ gcc/tree-object-size.c 2011-11-10 11:53:37.106777916 +0100 @@ -175,7 +175,7 @@ addr_object_size (struct object_size_inf unsigned HOST_WIDE_INT sz; if (!osi || (object_size_type & 1) != 0 - || TREE_CODE (pt_var) != SSA_NAME) + || TREE_CODE (TREE_OPERAND (pt_var, 0)) != SSA_NAME) { sz = compute_builtin_object_size (TREE_OPERAND (pt_var, 0), object_size_type & ~1);

TREE_CODE (pt_var) != SSA_NAME is always 1, because a few lines above this we check that TREE_CODE (pt_var) == MEM_REF.
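
Review bot: the changed `||` clause in the `if` of addr_object_size, `TREE_CODE (TREE_OPERAND (pt_var, 0)) != SSA_NAME`, needs a short comment stating that pt_var is already known to be a MEM_REF at this point, so the SSA_NAME test has to look at operand 0. Without that note the old form `TREE_CODE (pt_var) != SSA_NAME` looks just as plausible, which is how an always-true test got in unnoticed. The patch is also marked untested and carries no testcase; the `foo` reproducer from this report, compiled at -O2, should go in with it so the endless recursion is caught if this condition is touched again.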