https://gcc.gnu.org/bugzilla/show_bug.cgi?id=123888
--- Comment #21 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
The function is originally
static nsresult NewStandardURI(const nsACString& aSpec, const char* aCharset,
nsIURI* aBaseURI, int32_t aDefaultPort,
nsIURI** aURI) {
return NS_MutateURI(new nsStandardURL::Mutator())
.Apply(&nsIStandardURLMutator::Init, nsIStandardURL::URLTYPE_AUTHORITY,
aDefaultPort, aSpec, aCharset, aBaseURI, nullptr)
.Finalize(aURI);
}
and as I wrote, in the case when this crashes without devirtualization this
would call
_ZThn24_N7mozilla3net13nsStandardURL16TemplatedMutatorIS1_E4InitEjiRK12nsTSubstringIcEPKcP6nsIURIPP13nsIURIMutator
and Create is what is called in there.
That is nsStandardURI.h:
RefPtr<T> uri;
if (BaseURIMutator<T>::mURI) {
// We don't need a new URI object if we already have one
BaseURIMutator<T>::mURI.swap(uri);
} else {
uri = Create();
}
and Create is I think
T* Create() override { return new T(mMarkedFileURL); }
which I think is
_ZN7mozilla3net13nsStandardURL16TemplatedMutatorIS1_E6CreateEv.
The dumps have in other spots
libxul.so.ltrans3.ltrans.273t.optimized: if (PROF_26 ==
_ZThn8_N7mozilla3net13nsStandardURL16TemplatedMutatorIS1_E6CreateEv)
libxul.so.ltrans3.ltrans.273t.optimized: if (PROF_22 ==
_ZThn8_N7mozilla3net13nsStandardURL16TemplatedMutatorIS1_E6CreateEv)
libxul.so.ltrans7.ltrans.273t.optimized:;; Function Create
(_ZN7mozilla3net13nsStandardURL16TemplatedMutatorIS1_E6CreateEv.lto_priv.0,
funcdef_no=224, decl_uid=7990, cgraph_uid=576, symbol_order=531) (hot)
