[Bug c++/113599] [14 Regression] Wrong computation of member offset through pointer-to-member since r14-5503
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113599

Jakub Jelinek changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|ASSIGNED                    |RESOLVED

--- Comment #7 from Jakub Jelinek ---
Fixed.
[Bug c++/113599] [14 Regression] Wrong computation of member offset through pointer-to-member since r14-5503
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113599 --- Comment #6 from GCC Commits --- The master branch has been updated by Jakub Jelinek : https://gcc.gnu.org/g:fd620bd3351c6b9821c299035ed17e655d7954b5 commit r14-8439-gfd620bd3351c6b9821c299035ed17e655d7954b5 Author: Jakub Jelinek Date: Fri Jan 26 00:08:36 2024 +0100 c++: Fix up build_m_component_ref [PR113599] The following testcase reduced from GDB is miscompiled starting with r14-5503 PR112427 change. The problem is in the build_m_component_ref hunk, which changed - datum = fold_build_pointer_plus (fold_convert (ptype, datum), component); + datum = cp_convert (ptype, datum, complain); + if (!processing_template_decl) + datum = build2 (POINTER_PLUS_EXPR, ptype, + datum, convert_to_ptrofftype (component)); + datum = cp_fully_fold (datum); Component is e, (sizetype) e is 16, offset of c inside of C. ptype is A *, pointer to type of C::c and datum is Now, previously the above created ((A *) ) p+ (sizetype) e which is correct, but in the new code cp_convert sees that C has A as base class and instead of returning (A *) , it returns where D.2800 is the FIELD_DECL for the A base at offset 8 into C. So, instead of computing ((A *) ) p+ (sizetype) e it computes p+ (sizetype) e, which is ((A *) ) p+ 24. The following patch fixes it by using convert instead of cp_convert which eventually calls build_nop (ptype, datum). 2024-01-26 Jakub Jelinek PR c++/113599 * typeck2.cc (build_m_component_ref): Use convert instead of cp_convert for pointer conversion. * g++.dg/expr/ptrmem11.C: New test.
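Review bot: in the hunk quoted in this commit message, the `if (!processing_template_decl)` guard means that inside a template datum reaches `cp_fully_fold (datum)` with only the pointer conversion applied and no component offset, and nothing in the hunk says how the member access is represented in that case. A short comment above the guard stating why the POINTER_PLUS_EXPR is skipped for templates would make the intended behaviour checkable, and the new test should also exercise the access from inside a template.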
[Bug c++/113599] [14 Regression] Wrong computation of member offset through pointer-to-member since r14-5503
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113599

--- Comment #5 from Patrick Palka ---
D'oh, sorry for the breakage.

(In reply to Jakub Jelinek from comment #3)
> If no checking is needed, then it could be just datum = build_nop (ptype,
> datum);
> if we don't want folding.

Makes sense to me. We already checked that the object type is compatible with the pointer-to-member class type via lookup_base, so a simple cast without any extra checking should suffice here. That's what calling 'convert' instead of 'cp_convert' would have done too.
[Bug c++/113599] [14 Regression] Wrong computation of member offset through pointer-to-member since r14-5503
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113599

Jakub Jelinek changed:

           What    |Removed                       |Added
----------------------------------------------------------------------------
           Assignee|unassigned at gcc dot gnu.org |jakub at gcc dot gnu.org
             Status|NEW                           |ASSIGNED

--- Comment #4 from Jakub Jelinek ---
Created attachment 57213
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=57213=edit
gcc14-pr113599.patch

I'd go with this.
[Bug c++/113599] [14 Regression] Wrong computation of member offset through pointer-to-member since r14-5503
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113599 --- Comment #3 from Jakub Jelinek --- The problem is in that typeck2.cc change: - datum = fold_build_pointer_plus (fold_convert (ptype, datum), component); + datum = cp_convert (ptype, datum, complain); + if (!processing_template_decl) + datum = build2 (POINTER_PLUS_EXPR, ptype, + datum, convert_to_ptrofftype (component)); datum is and ptype is A * from the #c1 testcase. So, previously, we would correctly build (and fold) a POINTER_PLUS_EXPR of (A *) and (sizetype) e (where e is 16, offsetof C::c in C). But, because C has A base, cp_convert of to A * doesn't create (A *) , but returns where D.2800 is the A base in C, which is at offset 8 in the structure. If we add to that 16, we get something at offset 24 rather than the offset 16. I understand the desire to get some error checking on the pointer to pointer conversion, but cp_convert in this case calls cp_convert_pointer which does the base lookups and build_base_path etc. If no checking is needed, then it could be just datum = build_nop (ptype, datum); if we don't want folding.
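Review bot: the added `datum = cp_convert (ptype, datum, complain);` line is not a drop-in replacement for the removed `fold_convert (ptype, datum)` when the pointee of ptype is also a base class of the object's type, because the converted pointer is then already adjusted to the base subobject before the POINTER_PLUS_EXPR adds component. If only a change of pointer type is wanted at this point, use `build_nop (ptype, datum)` or `convert`, and add a run-time test in which the member's type is a non-first base of the class.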
[Bug c++/113599] [14 Regression] Wrong computation of member offset through pointer-to-member since r14-5503
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113599 Tom de Vries changed: What|Removed |Added CC||vries at gcc dot gnu.org --- Comment #2 from Tom de Vries --- FWIW, the inherit order is relevant, after applying this change we get the expected result: ... -struct thread_info : public dummy, public intrusive_list_node { +struct thread_info : public intrusive_list_node, public dummy { ... This could be used as workaround.
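Review bot: swapping the two bases on the `struct thread_info` line changes the layout of the struct for every user of the type, and nothing at the changed line marks it as a compiler workaround. If this is applied, put a comment next to the base list citing PR113599 so the original order can be restored once a fixed compiler is in use.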
[Bug c++/113599] [14 Regression] Wrong computation of member offset through pointer-to-member since r14-5503
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113599

Jakub Jelinek changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Last reconfirmed|                            |2024-01-25
   Target Milestone|---                         |14.0
           Priority|P3                          |P1
            Version|unknown                     |14.0
             Status|UNCONFIRMED                 |NEW
     Ever confirmed|0                           |1
            Summary|Wrong computation of member |[14 Regression] Wrong
                   |offset through              |computation of member
                   |pointer-to-member           |offset through
                   |                            |pointer-to-member since
                   |                            |r14-5503
                 CC|                            |jakub at gcc dot gnu.org,
                   |                            |ppalka at gcc dot gnu.org

--- Comment #1 from Jakub Jelinek ---
Started with r14-5503-gd3f48f682271ed94ab6e9f6bc62418a62bd8ff26

Slightly shortened testcase which aborts on error:

struct A { void *a; };
struct B { void *b; };
struct C : public B, public A { A c; };
static C d;

int
main ()
{
  auto C::*e = &C::c;   // pointer to member c of C
  auto f = &(d.*e);     // address of d.c computed through the pointer-to-member
  auto g = &d.c;        // address of d.c taken directly
  if (f != g)
    __builtin_abort ();
}
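The offset arithmetic discussed in comments #3 and #6, as an added example that is not part of the bug report or the GCC patch: it measures where the A base and the member c sit inside C, and shows that adding the member offset to the base-adjusted pointer lands outside the object. The helper names (off, base_offset, member_offset, miscompiled_offset, in_bounds) are made up for this illustration; the values 8, 16 and 24 from the thread assume 8-byte pointers.

```cpp
// Added illustration; same class layout as the thread's testcase.
#include <cstddef>
#include <cstdio>

struct A { void *a; };
struct B { void *b; };
struct C : public B, public A { A c; };

static C d;

// Byte distance of p from the start of d.
static std::ptrdiff_t off(const void *p) {
    return static_cast<const char *>(p) - reinterpret_cast<const char *>(&d);
}

// Offset of the A base subobject: what a base-aware C* -> A* conversion yields.
std::ptrdiff_t base_offset() { return off(static_cast<A *>(&d)); }

// Offset reached through the pointer-to-member on a correct compiler.
std::ptrdiff_t member_offset() {
    A C::*e = &C::c;
    return off(&(d.*e));
}

// The arithmetic described in the thread for the regression: the member
// offset is added to the base-adjusted pointer, not to the object start.
std::ptrdiff_t miscompiled_offset() { return base_offset() + member_offset(); }

// True when an A placed at offset o still lies entirely inside a C.
bool in_bounds(std::ptrdiff_t o) {
    return o >= 0 && static_cast<std::size_t>(o) + sizeof(A) <= sizeof(C);
}

int main() {
    std::printf("A base at %td, C::c at %td, miscompiled result %td, sizeof(C) %zu\n",
                base_offset(), member_offset(), miscompiled_offset(), sizeof(C));
    std::printf("correct in bounds: %d, miscompiled in bounds: %d\n",
                in_bounds(member_offset()), in_bounds(miscompiled_offset()));
    return 0;
}
```

With this layout the miscompiled address equals sizeof(C), so a read or write through it touches whatever follows the object in memory.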