Hi,

In early_inliner we do recompute inline summaries for edges after optimize_inline_calls, but check that this summary exists in case new edges appear. But then it calls inline_update_overall_summary, which also goes through the edges' inline summaries but with no check this time, causing a segfault. This patch fixes it.

Bootstrapped and regtested for x86_64-unknown-linux-gnu. Is it OK for trunk and gcc-5-branch?
Thanks, Ilya -- gcc/ 2015-06-18 Ilya Enkovich <enkovich....@gmail.com> PR ipa/66566 * ipa-inline-analysis.c (estimate_calls_size_and_time): Check edge summary is available. gcc/testsuite/ 2015-06-18 Ilya Enkovich <enkovich....@gmail.com> PR ipa/66566 * gcc.target/i386/mpx/pr66566.c: New test. diff --git a/gcc/ipa-inline-analysis.c b/gcc/ipa-inline-analysis.c index bbde855..e910ac5 100644 --- a/gcc/ipa-inline-analysis.c +++ b/gcc/ipa-inline-analysis.c @@ -3122,6 +3122,9 @@ estimate_calls_size_and_time (struct cgraph_node *node, int *size, struct cgraph_edge *e; for (e = node->callees; e; e = e->next_callee) { + if (inline_edge_summary_vec.length () <= (unsigned) e->uid) + continue; + struct inline_edge_summary *es = inline_edge_summary (e); /* Do not care about zero sized builtins. */ @@ -3153,6 +3156,9 @@ estimate_calls_size_and_time (struct cgraph_node *node, int *size, } for (e = node->indirect_calls; e; e = e->next_callee) { + if (inline_edge_summary_vec.length () <= (unsigned) e->uid) + continue; + struct inline_edge_summary *es = inline_edge_summary (e); if (!es->predicate || evaluate_predicate (es->predicate, possible_truths)) diff --git a/gcc/testsuite/gcc.target/i386/mpx/pr66566.c b/gcc/testsuite/gcc.target/i386/mpx/pr66566.c new file mode 100644 index 0000000..a405c20 --- /dev/null +++ b/gcc/testsuite/gcc.target/i386/mpx/pr66566.c @@ -0,0 +1,12 @@ +/* { dg-do compile } */ +/* { dg-options "-O2 -fcheck-pointer-bounds -mmpx" } */ + +union jsval_layout +{ + void *asPtr; +}; +union jsval_layout a; +union jsval_layout b; +union jsval_layout __inline__ fn1() { return b; } + +void fn2() { a = fn1(); }
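Review bot: in the first hunk of ipa-inline-analysis.c (the node->callees loop), the new guard `if (inline_edge_summary_vec.length () <= (unsigned) e->uid) continue;` has no comment explaining why an edge can reach estimate_calls_size_and_time without a summary. The cover letter gives the reason (new edges appearing after optimize_inline_calls), and that belongs in the source next to the check. The `continue` also leaves such an edge out of the size and time estimate entirely, so please state in the comment whether that is intended, or whether the estimate is expected to be recomputed once the new edges have summaries.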
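Review bot: in the second hunk of ipa-inline-analysis.c (the node->indirect_calls loop), the bounds test is an exact copy of the one added to the callees loop. Two open-coded copies of `inline_edge_summary_vec.length () <= (unsigned) e->uid` can drift apart, and the cover letter says early_inliner already performs a similar existence check. Consider a small predicate that takes the edge and returns whether a summary is available, and use it in both loops.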
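Review bot: the new test gcc.target/i386/mpx/pr66566.c carries only the dg-do and dg-options directives and nothing that ties it to the bug. Add a short leading comment naming PR ipa/66566 and stating that the test passes when compilation completes without a crash, so a future failure can be traced without digging through the ChangeLog. As a style point, `fn1()` and `fn2()` are declared with empty parameter lists; `(void)` would make them prototypes, provided the reduced test still reproduces the original segfault.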