c++: Fix value-init crash in template [PR93676]

Message ID 20200211195459.358172-1-polacek@redhat.com
State New
Headers show
Series
  • c++: Fix value-init crash in template [PR93676]
Related show

Commit Message

Marek Polacek Feb. 11, 2020, 7:54 p.m.
Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we
attempt to value-initialize in build_vec_init even when there's no
initializer but the type has a constexpr default constructor.  But
build_value_init doesn't work in templates, so I think let's avoid
this scenario; we'll go to the normal build_aggr_init path then.

Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

	PR c++/93676 - value-init crash in template.
	* init.c (build_vec_init): Don't perform value-init in a template.

	* g++.dg/cpp0x/nsdmi-template19.C: New test.
---
 gcc/cp/init.c                                 |  2 +-
 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C


base-commit: 7a775242ea296849a34ce27de179eaaec411e880
-- 
Marek Polacek • Red Hat, Inc. • 300 A St, Boston, MA

Comments

Jason Merrill Feb. 13, 2020, 11:24 p.m. | #1
On 2/11/20 8:54 PM, Marek Polacek wrote:
> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> attempt to value-initialize in build_vec_init even when there's no

> initializer but the type has a constexpr default constructor.  But

> build_value_init doesn't work in templates, so I think let's avoid

> this scenario; we'll go to the normal build_aggr_init path then.

> 

> Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

> 

> 	PR c++/93676 - value-init crash in template.

> 	* init.c (build_vec_init): Don't perform value-init in a template.


Hmm, we really shouldn't even be calling build_vec_init in a template, 
that builds up a lot of garbage that we'll throw away at the end of 
build_new.

Jason
Marek Polacek Feb. 19, 2020, 9:15 p.m. | #2
On Fri, Feb 14, 2020 at 12:24:30AM +0100, Jason Merrill wrote:
> On 2/11/20 8:54 PM, Marek Polacek wrote:

> > Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> > attempt to value-initialize in build_vec_init even when there's no

> > initializer but the type has a constexpr default constructor.  But

> > build_value_init doesn't work in templates, so I think let's avoid

> > this scenario; we'll go to the normal build_aggr_init path then.

> > 

> > Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

> > 

> > 	PR c++/93676 - value-init crash in template.

> > 	* init.c (build_vec_init): Don't perform value-init in a template.

> 

> Hmm, we really shouldn't even be calling build_vec_init in a template, that

> builds up a lot of garbage that we'll throw away at the end of build_new.


Ah, it's true that build_new will just creates a NEW_EXPR in a template and
doesn't use the result of build_new_1.  Unfortunately I can't just call
build_special_member_call like we do in build_new_1 since that crashes for
array types.  Maybe just return NULL_TREE then?  I was afraid we would miss
diagnostics but it seems to work.

Bootstrapped/regtested on x86_64-linux, ok for trunk?

-- >8 --
Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we
attempt to value-initialize in build_vec_init even when there's no
initializer but the type has a constexpr default constructor.  But
build_value_init doesn't work in templates, and build_vec_init
creates a lot of garbage that would not be used anyway, so don't
call it in a template.

	PR c++/93676 - value-init crash in template.
	* init.c (build_new_1): Don't call build_vec_init in a template.

	* g++.dg/cpp0x/nsdmi-template19.C: New test.
---
 gcc/cp/init.c                                 |  6 ++++++
 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++
 2 files changed, 19 insertions(+)
 create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

diff --git a/gcc/cp/init.c b/gcc/cp/init.c
index d480660445e..332a9b04679 100644
--- a/gcc/cp/init.c
+++ b/gcc/cp/init.c
@@ -3554,6 +3554,12 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,
                 error ("parenthesized initializer in array new");
 	      return error_mark_node;
             }
+	  /* We shouldn't call build_vec_init in a template: it could call
+	     build_value_init which doesn't work in templates, and it would
+	     create a lot of garbage that would not be used anyway, so return
+	     a null tree and let build_new create a NEW_EXPR instead.  */
+	  if (processing_template_decl)
+	    return NULL_TREE;
 	  init_expr
 	    = build_vec_init (data_addr,
 			      cp_build_binary_op (input_location,
diff --git a/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
new file mode 100644
index 00000000000..f3e2cb87fd6
--- /dev/null
+++ b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
@@ -0,0 +1,13 @@
+// PR c++/93676 - value-init crash in template.
+// { dg-do compile { target c++11 } }
+
+struct P {
+  int x = 0;
+};
+
+template<class T>
+struct S {
+  S() { new P[2][2]; }
+};
+
+S<int> s;

base-commit: 58f2e59ad36ca05444cb0a57ad1f13cc58e52755
-- 
Marek Polacek • Red Hat, Inc. • 300 A St, Boston, MA
Jason Merrill Feb. 20, 2020, 12:13 a.m. | #3
On 2/19/20 10:15 PM, Marek Polacek wrote:
> On Fri, Feb 14, 2020 at 12:24:30AM +0100, Jason Merrill wrote:

>> On 2/11/20 8:54 PM, Marek Polacek wrote:

>>> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

>>> attempt to value-initialize in build_vec_init even when there's no

>>> initializer but the type has a constexpr default constructor.  But

>>> build_value_init doesn't work in templates, so I think let's avoid

>>> this scenario; we'll go to the normal build_aggr_init path then.

>>>

>>> Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

>>>

>>> 	PR c++/93676 - value-init crash in template.

>>> 	* init.c (build_vec_init): Don't perform value-init in a template.

>>

>> Hmm, we really shouldn't even be calling build_vec_init in a template, that

>> builds up a lot of garbage that we'll throw away at the end of build_new.

> 

> Ah, it's true that build_new will just creates a NEW_EXPR in a template and

> doesn't use the result of build_new_1.  Unfortunately I can't just call

> build_special_member_call like we do in build_new_1 since that crashes for

> array types.


We should call it for strip_array_types (type).

Jason
Marek Polacek Feb. 20, 2020, 4:52 p.m. | #4
On Thu, Feb 20, 2020 at 12:13:07AM +0000, Jason Merrill wrote:
> On 2/19/20 10:15 PM, Marek Polacek wrote:

> > On Fri, Feb 14, 2020 at 12:24:30AM +0100, Jason Merrill wrote:

> > > On 2/11/20 8:54 PM, Marek Polacek wrote:

> > > > Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> > > > attempt to value-initialize in build_vec_init even when there's no

> > > > initializer but the type has a constexpr default constructor.  But

> > > > build_value_init doesn't work in templates, so I think let's avoid

> > > > this scenario; we'll go to the normal build_aggr_init path then.

> > > > 

> > > > Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

> > > > 

> > > > 	PR c++/93676 - value-init crash in template.

> > > > 	* init.c (build_vec_init): Don't perform value-init in a template.

> > > 

> > > Hmm, we really shouldn't even be calling build_vec_init in a template, that

> > > builds up a lot of garbage that we'll throw away at the end of build_new.

> > 

> > Ah, it's true that build_new will just creates a NEW_EXPR in a template and

> > doesn't use the result of build_new_1.  Unfortunately I can't just call

> > build_special_member_call like we do in build_new_1 since that crashes for

> > array types.

> 

> We should call it for strip_array_types (type).


Since build_special_member_call takes an expression we'd have to modify
its type which I think is not pretty, but it works.  Is this along the
lines you had in mind?

I think I still like the v1 patch best but if you're fine with the
following, then am I.

-- >8 --
Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we
attempt to value-initialize in build_vec_init even when there's no
initializer but the type has a constexpr default constructor.  But
build_value_init doesn't work in templates, and build_vec_init
creates a lot of garbage that would not be used anyway, so don't
call it in a template.

	PR c++/93676 - value-init crash in template.
	* init.c (build_new_1): Don't call build_vec_init in a template.

	* g++.dg/cpp0x/nsdmi-template19.C: New test.
---
 gcc/cp/init.c                                 |  6 +++++-
 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

diff --git a/gcc/cp/init.c b/gcc/cp/init.c
index d480660445e..c60f332313a 100644
--- a/gcc/cp/init.c
+++ b/gcc/cp/init.c
@@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,
 	  explicit_value_init_p = true;
 	}
 
-      if (processing_template_decl && explicit_value_init_p)
+      if (processing_template_decl)
 	{
 	  /* build_value_init doesn't work in templates, and we don't need
 	     the initializer anyway since we're going to throw it away and
 	     rebuild it at instantiation time, so just build up a single
 	     constructor call to get any appropriate diagnostics.  */
 	  init_expr = cp_build_fold_indirect_ref (data_addr);
+	  /* Avoid an ICE when converting to a base in build_simple_base_path.
+	     We'll throw this all away anyway, and build_new will create
+	     a NEW_EXPR.  */
+	  TREE_TYPE (init_expr) = strip_array_types (TREE_TYPE (init_expr));
 	  if (type_build_ctor_call (elt_type))
 	    init_expr = build_special_member_call (init_expr,
 						   complete_ctor_identifier,
diff --git a/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
new file mode 100644
index 00000000000..f3e2cb87fd6
--- /dev/null
+++ b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
@@ -0,0 +1,13 @@
+// PR c++/93676 - value-init crash in template.
+// { dg-do compile { target c++11 } }
+
+struct P {
+  int x = 0;
+};
+
+template<class T>
+struct S {
+  S() { new P[2][2]; }
+};
+
+S<int> s;

base-commit: 4be779f59b04947324889b7e1488fb9a68c81d53
-- 
Marek Polacek • Red Hat, Inc. • 300 A St, Boston, MA
Jason Merrill Feb. 24, 2020, 10:15 p.m. | #5
On 2/20/20 11:52 AM, Marek Polacek wrote:
> On Thu, Feb 20, 2020 at 12:13:07AM +0000, Jason Merrill wrote:

>> On 2/19/20 10:15 PM, Marek Polacek wrote:

>>> On Fri, Feb 14, 2020 at 12:24:30AM +0100, Jason Merrill wrote:

>>>> On 2/11/20 8:54 PM, Marek Polacek wrote:

>>>>> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

>>>>> attempt to value-initialize in build_vec_init even when there's no

>>>>> initializer but the type has a constexpr default constructor.  But

>>>>> build_value_init doesn't work in templates, so I think let's avoid

>>>>> this scenario; we'll go to the normal build_aggr_init path then.

>>>>>

>>>>> Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

>>>>>

>>>>> 	PR c++/93676 - value-init crash in template.

>>>>> 	* init.c (build_vec_init): Don't perform value-init in a template.

>>>>

>>>> Hmm, we really shouldn't even be calling build_vec_init in a template, that

>>>> builds up a lot of garbage that we'll throw away at the end of build_new.

>>>

>>> Ah, it's true that build_new will just creates a NEW_EXPR in a template and

>>> doesn't use the result of build_new_1.  Unfortunately I can't just call

>>> build_special_member_call like we do in build_new_1 since that crashes for

>>> array types.

>>

>> We should call it for strip_array_types (type).

> 

> Since build_special_member_call takes an expression we'd have to modify

> its type which I think is not pretty, but it works.  Is this along the

> lines you had in mind?




> I think I still like the v1 patch best but if you're fine with the

> following, then am I.

> 

> -- >8 --

> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> attempt to value-initialize in build_vec_init even when there's no

> initializer but the type has a constexpr default constructor.  But

> build_value_init doesn't work in templates, and build_vec_init

> creates a lot of garbage that would not be used anyway, so don't

> call it in a template.

> 

> 	PR c++/93676 - value-init crash in template.

> 	* init.c (build_new_1): Don't call build_vec_init in a template.

> 

> 	* g++.dg/cpp0x/nsdmi-template19.C: New test.

> ---

>   gcc/cp/init.c                                 |  6 +++++-

>   gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++

>   2 files changed, 18 insertions(+), 1 deletion(-)

>   create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> 

> diff --git a/gcc/cp/init.c b/gcc/cp/init.c

> index d480660445e..c60f332313a 100644

> --- a/gcc/cp/init.c

> +++ b/gcc/cp/init.c

> @@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,

>   	  explicit_value_init_p = true;

>   	}

>   

> -      if (processing_template_decl && explicit_value_init_p)

> +      if (processing_template_decl)

>   	{

>   	  /* build_value_init doesn't work in templates, and we don't need

>   	     the initializer anyway since we're going to throw it away and

>   	     rebuild it at instantiation time, so just build up a single

>   	     constructor call to get any appropriate diagnostics.  */

>   	  init_expr = cp_build_fold_indirect_ref (data_addr);

> +	  /* Avoid an ICE when converting to a base in build_simple_base_path.

> +	     We'll throw this all away anyway, and build_new will create

> +	     a NEW_EXPR.  */

> +	  TREE_TYPE (init_expr) = strip_array_types (TREE_TYPE (init_expr));


instead of this, how about casting data_addr to elt_type* before 
cp_build_fold_indirect_ref?

Jason
Marek Polacek Feb. 25, 2020, 5:52 p.m. | #6
On Mon, Feb 24, 2020 at 05:15:45PM -0500, Jason Merrill wrote:
> On 2/20/20 11:52 AM, Marek Polacek wrote:

> > On Thu, Feb 20, 2020 at 12:13:07AM +0000, Jason Merrill wrote:

> > > On 2/19/20 10:15 PM, Marek Polacek wrote:

> > > > On Fri, Feb 14, 2020 at 12:24:30AM +0100, Jason Merrill wrote:

> > > > > On 2/11/20 8:54 PM, Marek Polacek wrote:

> > > > > > Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> > > > > > attempt to value-initialize in build_vec_init even when there's no

> > > > > > initializer but the type has a constexpr default constructor.  But

> > > > > > build_value_init doesn't work in templates, so I think let's avoid

> > > > > > this scenario; we'll go to the normal build_aggr_init path then.

> > > > > > 

> > > > > > Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

> > > > > > 

> > > > > > 	PR c++/93676 - value-init crash in template.

> > > > > > 	* init.c (build_vec_init): Don't perform value-init in a template.

> > > > > 

> > > > > Hmm, we really shouldn't even be calling build_vec_init in a template, that

> > > > > builds up a lot of garbage that we'll throw away at the end of build_new.

> > > > 

> > > > Ah, it's true that build_new will just creates a NEW_EXPR in a template and

> > > > doesn't use the result of build_new_1.  Unfortunately I can't just call

> > > > build_special_member_call like we do in build_new_1 since that crashes for

> > > > array types.

> > > 

> > > We should call it for strip_array_types (type).

> > 

> > Since build_special_member_call takes an expression we'd have to modify

> > its type which I think is not pretty, but it works.  Is this along the

> > lines you had in mind?

> 

> 

> 

> > I think I still like the v1 patch best but if you're fine with the

> > following, then am I.

> > 

> > -- >8 --

> > Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> > attempt to value-initialize in build_vec_init even when there's no

> > initializer but the type has a constexpr default constructor.  But

> > build_value_init doesn't work in templates, and build_vec_init

> > creates a lot of garbage that would not be used anyway, so don't

> > call it in a template.

> > 

> > 	PR c++/93676 - value-init crash in template.

> > 	* init.c (build_new_1): Don't call build_vec_init in a template.

> > 

> > 	* g++.dg/cpp0x/nsdmi-template19.C: New test.

> > ---

> >   gcc/cp/init.c                                 |  6 +++++-

> >   gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++

> >   2 files changed, 18 insertions(+), 1 deletion(-)

> >   create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> > 

> > diff --git a/gcc/cp/init.c b/gcc/cp/init.c

> > index d480660445e..c60f332313a 100644

> > --- a/gcc/cp/init.c

> > +++ b/gcc/cp/init.c

> > @@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,

> >   	  explicit_value_init_p = true;

> >   	}

> > -      if (processing_template_decl && explicit_value_init_p)

> > +      if (processing_template_decl)

> >   	{

> >   	  /* build_value_init doesn't work in templates, and we don't need

> >   	     the initializer anyway since we're going to throw it away and

> >   	     rebuild it at instantiation time, so just build up a single

> >   	     constructor call to get any appropriate diagnostics.  */

> >   	  init_expr = cp_build_fold_indirect_ref (data_addr);

> > +	  /* Avoid an ICE when converting to a base in build_simple_base_path.

> > +	     We'll throw this all away anyway, and build_new will create

> > +	     a NEW_EXPR.  */

> > +	  TREE_TYPE (init_expr) = strip_array_types (TREE_TYPE (init_expr));

> 

> instead of this, how about casting data_addr to elt_type* before

> cp_build_fold_indirect_ref?


That seems to work, thanks!

Bootstrapped/regtested on x86_64-linux, ok for trunk?

-- >8 --
Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we
attempt to value-initialize in build_vec_init even when there's no
initializer but the type has a constexpr default constructor.  But
build_value_init doesn't work in templates, and build_vec_init
creates a lot of garbage that would not be used anyway, so don't
call it in a template.

	PR c++/93676 - value-init crash in template.
	* init.c (build_new_1): Don't call build_vec_init in a template.

	* g++.dg/cpp0x/nsdmi-template19.C: New test.
---
 gcc/cp/init.c                                 |  6 +++++-
 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

diff --git a/gcc/cp/init.c b/gcc/cp/init.c
index d480660445e..31a130422af 100644
--- a/gcc/cp/init.c
+++ b/gcc/cp/init.c
@@ -3511,8 +3511,12 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,
 	  explicit_value_init_p = true;
 	}
 
-      if (processing_template_decl && explicit_value_init_p)
+      if (processing_template_decl)
 	{
+	  /* Avoid an ICE when converting to a base in build_simple_base_path.
+	     We'll throw this all away anyway, and build_new will create
+	     a NEW_EXPR.  */
+	  data_addr = build_nop (build_pointer_type (elt_type), data_addr);
 	  /* build_value_init doesn't work in templates, and we don't need
 	     the initializer anyway since we're going to throw it away and
 	     rebuild it at instantiation time, so just build up a single
diff --git a/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
new file mode 100644
index 00000000000..f3e2cb87fd6
--- /dev/null
+++ b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
@@ -0,0 +1,13 @@
+// PR c++/93676 - value-init crash in template.
+// { dg-do compile { target c++11 } }
+
+struct P {
+  int x = 0;
+};
+
+template<class T>
+struct S {
+  S() { new P[2][2]; }
+};
+
+S<int> s;

base-commit: a71f2193d0df71a86c4743aab22891bb0003112e
-- 
Marek Polacek • Red Hat, Inc. • 300 A St, Boston, MA
Jason Merrill Feb. 25, 2020, 6:27 p.m. | #7
On 2/25/20 12:52 PM, Marek Polacek wrote:
> On Mon, Feb 24, 2020 at 05:15:45PM -0500, Jason Merrill wrote:

>> On 2/20/20 11:52 AM, Marek Polacek wrote:

>>> On Thu, Feb 20, 2020 at 12:13:07AM +0000, Jason Merrill wrote:

>>>> On 2/19/20 10:15 PM, Marek Polacek wrote:

>>>>> On Fri, Feb 14, 2020 at 12:24:30AM +0100, Jason Merrill wrote:

>>>>>> On 2/11/20 8:54 PM, Marek Polacek wrote:

>>>>>>> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

>>>>>>> attempt to value-initialize in build_vec_init even when there's no

>>>>>>> initializer but the type has a constexpr default constructor.  But

>>>>>>> build_value_init doesn't work in templates, so I think let's avoid

>>>>>>> this scenario; we'll go to the normal build_aggr_init path then.

>>>>>>>

>>>>>>> Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

>>>>>>>

>>>>>>> 	PR c++/93676 - value-init crash in template.

>>>>>>> 	* init.c (build_vec_init): Don't perform value-init in a template.

>>>>>>

>>>>>> Hmm, we really shouldn't even be calling build_vec_init in a template, that

>>>>>> builds up a lot of garbage that we'll throw away at the end of build_new.

>>>>>

>>>>> Ah, it's true that build_new will just creates a NEW_EXPR in a template and

>>>>> doesn't use the result of build_new_1.  Unfortunately I can't just call

>>>>> build_special_member_call like we do in build_new_1 since that crashes for

>>>>> array types.

>>>>

>>>> We should call it for strip_array_types (type).

>>>

>>> Since build_special_member_call takes an expression we'd have to modify

>>> its type which I think is not pretty, but it works.  Is this along the

>>> lines you had in mind?

>>

>>

>>

>>> I think I still like the v1 patch best but if you're fine with the

>>> following, then am I.

>>>

>>> -- >8 --

>>> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

>>> attempt to value-initialize in build_vec_init even when there's no

>>> initializer but the type has a constexpr default constructor.  But

>>> build_value_init doesn't work in templates, and build_vec_init

>>> creates a lot of garbage that would not be used anyway, so don't

>>> call it in a template.

>>>

>>> 	PR c++/93676 - value-init crash in template.

>>> 	* init.c (build_new_1): Don't call build_vec_init in a template.

>>>

>>> 	* g++.dg/cpp0x/nsdmi-template19.C: New test.

>>> ---

>>>    gcc/cp/init.c                                 |  6 +++++-

>>>    gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++

>>>    2 files changed, 18 insertions(+), 1 deletion(-)

>>>    create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

>>>

>>> diff --git a/gcc/cp/init.c b/gcc/cp/init.c

>>> index d480660445e..c60f332313a 100644

>>> --- a/gcc/cp/init.c

>>> +++ b/gcc/cp/init.c

>>> @@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,

>>>    	  explicit_value_init_p = true;

>>>    	}

>>> -      if (processing_template_decl && explicit_value_init_p)

>>> +      if (processing_template_decl)

>>>    	{

>>>    	  /* build_value_init doesn't work in templates, and we don't need

>>>    	     the initializer anyway since we're going to throw it away and

>>>    	     rebuild it at instantiation time, so just build up a single

>>>    	     constructor call to get any appropriate diagnostics.  */

>>>    	  init_expr = cp_build_fold_indirect_ref (data_addr);

>>> +	  /* Avoid an ICE when converting to a base in build_simple_base_path.

>>> +	     We'll throw this all away anyway, and build_new will create

>>> +	     a NEW_EXPR.  */

>>> +	  TREE_TYPE (init_expr) = strip_array_types (TREE_TYPE (init_expr));

>>

>> instead of this, how about casting data_addr to elt_type* before

>> cp_build_fold_indirect_ref?

> 

> That seems to work, thanks!

> 

> Bootstrapped/regtested on x86_64-linux, ok for trunk?

> 

> -- >8 --

> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> attempt to value-initialize in build_vec_init even when there's no

> initializer but the type has a constexpr default constructor.  But

> build_value_init doesn't work in templates, and build_vec_init

> creates a lot of garbage that would not be used anyway, so don't

> call it in a template.

> 

> 	PR c++/93676 - value-init crash in template.

> 	* init.c (build_new_1): Don't call build_vec_init in a template.

> 

> 	* g++.dg/cpp0x/nsdmi-template19.C: New test.

> ---

>   gcc/cp/init.c                                 |  6 +++++-

>   gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++

>   2 files changed, 18 insertions(+), 1 deletion(-)

>   create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> 

> diff --git a/gcc/cp/init.c b/gcc/cp/init.c

> index d480660445e..31a130422af 100644

> --- a/gcc/cp/init.c

> +++ b/gcc/cp/init.c

> @@ -3511,8 +3511,12 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,

>   	  explicit_value_init_p = true;

>   	}

>   

> -      if (processing_template_decl && explicit_value_init_p)

> +      if (processing_template_decl)

>   	{

> +	  /* Avoid an ICE when converting to a base in build_simple_base_path.

> +	     We'll throw this all away anyway, and build_new will create

> +	     a NEW_EXPR.  */

> +	  data_addr = build_nop (build_pointer_type (elt_type), data_addr);


Let's use a new local variable instead of changing data_addr, which 
following code expects to still have its old type.

And as a minor tweak, data_addr might already have the right type, so 
let's use fold_convert like other places in the function.

>   	  /* build_value_init doesn't work in templates, and we don't need

>   	     the initializer anyway since we're going to throw it away and

>   	     rebuild it at instantiation time, so just build up a single

> diff --git a/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> new file mode 100644

> index 00000000000..f3e2cb87fd6

> --- /dev/null

> +++ b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> @@ -0,0 +1,13 @@

> +// PR c++/93676 - value-init crash in template.

> +// { dg-do compile { target c++11 } }

> +

> +struct P {

> +  int x = 0;

> +};

> +

> +template<class T>

> +struct S {

> +  S() { new P[2][2]; }

> +};

> +

> +S<int> s;

> 

> base-commit: a71f2193d0df71a86c4743aab22891bb0003112e

>
Marek Polacek Feb. 25, 2020, 6:55 p.m. | #8
On Tue, Feb 25, 2020 at 01:27:12PM -0500, Jason Merrill wrote:
> On 2/25/20 12:52 PM, Marek Polacek wrote:

> > On Mon, Feb 24, 2020 at 05:15:45PM -0500, Jason Merrill wrote:

> > > On 2/20/20 11:52 AM, Marek Polacek wrote:

> > > > On Thu, Feb 20, 2020 at 12:13:07AM +0000, Jason Merrill wrote:

> > > > > On 2/19/20 10:15 PM, Marek Polacek wrote:

> > > > > > On Fri, Feb 14, 2020 at 12:24:30AM +0100, Jason Merrill wrote:

> > > > > > > On 2/11/20 8:54 PM, Marek Polacek wrote:

> > > > > > > > Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> > > > > > > > attempt to value-initialize in build_vec_init even when there's no

> > > > > > > > initializer but the type has a constexpr default constructor.  But

> > > > > > > > build_value_init doesn't work in templates, so I think let's avoid

> > > > > > > > this scenario; we'll go to the normal build_aggr_init path then.

> > > > > > > > 

> > > > > > > > Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

> > > > > > > > 

> > > > > > > > 	PR c++/93676 - value-init crash in template.

> > > > > > > > 	* init.c (build_vec_init): Don't perform value-init in a template.

> > > > > > > 

> > > > > > > Hmm, we really shouldn't even be calling build_vec_init in a template, that

> > > > > > > builds up a lot of garbage that we'll throw away at the end of build_new.

> > > > > > 

> > > > > > Ah, it's true that build_new will just creates a NEW_EXPR in a template and

> > > > > > doesn't use the result of build_new_1.  Unfortunately I can't just call

> > > > > > build_special_member_call like we do in build_new_1 since that crashes for

> > > > > > array types.

> > > > > 

> > > > > We should call it for strip_array_types (type).

> > > > 

> > > > Since build_special_member_call takes an expression we'd have to modify

> > > > its type which I think is not pretty, but it works.  Is this along the

> > > > lines you had in mind?

> > > 

> > > 

> > > 

> > > > I think I still like the v1 patch best but if you're fine with the

> > > > following, then am I.

> > > > 

> > > > -- >8 --

> > > > Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> > > > attempt to value-initialize in build_vec_init even when there's no

> > > > initializer but the type has a constexpr default constructor.  But

> > > > build_value_init doesn't work in templates, and build_vec_init

> > > > creates a lot of garbage that would not be used anyway, so don't

> > > > call it in a template.

> > > > 

> > > > 	PR c++/93676 - value-init crash in template.

> > > > 	* init.c (build_new_1): Don't call build_vec_init in a template.

> > > > 

> > > > 	* g++.dg/cpp0x/nsdmi-template19.C: New test.

> > > > ---

> > > >    gcc/cp/init.c                                 |  6 +++++-

> > > >    gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++

> > > >    2 files changed, 18 insertions(+), 1 deletion(-)

> > > >    create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> > > > 

> > > > diff --git a/gcc/cp/init.c b/gcc/cp/init.c

> > > > index d480660445e..c60f332313a 100644

> > > > --- a/gcc/cp/init.c

> > > > +++ b/gcc/cp/init.c

> > > > @@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,

> > > >    	  explicit_value_init_p = true;

> > > >    	}

> > > > -      if (processing_template_decl && explicit_value_init_p)

> > > > +      if (processing_template_decl)

> > > >    	{

> > > >    	  /* build_value_init doesn't work in templates, and we don't need

> > > >    	     the initializer anyway since we're going to throw it away and

> > > >    	     rebuild it at instantiation time, so just build up a single

> > > >    	     constructor call to get any appropriate diagnostics.  */

> > > >    	  init_expr = cp_build_fold_indirect_ref (data_addr);

> > > > +	  /* Avoid an ICE when converting to a base in build_simple_base_path.

> > > > +	     We'll throw this all away anyway, and build_new will create

> > > > +	     a NEW_EXPR.  */

> > > > +	  TREE_TYPE (init_expr) = strip_array_types (TREE_TYPE (init_expr));

> > > 

> > > instead of this, how about casting data_addr to elt_type* before

> > > cp_build_fold_indirect_ref?


Gotcha.  I'm testing the following, OK for 8/9/10 if it passes?

-- >8 --
Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we
attempt to value-initialize in build_vec_init even when there's no
initializer but the type has a constexpr default constructor.  But
build_value_init doesn't work in templates, and build_vec_init
creates a lot of garbage that would not be used anyway, so don't
call it in a template.

	PR c++/93676 - value-init crash in template.
	* init.c (build_new_1): Don't call build_vec_init in a template.

	* g++.dg/cpp0x/nsdmi-template19.C: New test.
---
 gcc/cp/init.c                                 |  8 ++++++--
 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++
 2 files changed, 19 insertions(+), 2 deletions(-)
 create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

diff --git a/gcc/cp/init.c b/gcc/cp/init.c
index d480660445e..61ed3aa7e93 100644
--- a/gcc/cp/init.c
+++ b/gcc/cp/init.c
@@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,
 	  explicit_value_init_p = true;
 	}
 
-      if (processing_template_decl && explicit_value_init_p)
+      if (processing_template_decl)
 	{
+	  /* Avoid an ICE when converting to a base in build_simple_base_path.
+	     We'll throw this all away anyway, and build_new will create
+	     a NEW_EXPR.  */
+	  tree t = fold_convert (build_pointer_type (elt_type), data_addr);
 	  /* build_value_init doesn't work in templates, and we don't need
 	     the initializer anyway since we're going to throw it away and
 	     rebuild it at instantiation time, so just build up a single
 	     constructor call to get any appropriate diagnostics.  */
-	  init_expr = cp_build_fold_indirect_ref (data_addr);
+	  init_expr = cp_build_fold_indirect_ref (t);
 	  if (type_build_ctor_call (elt_type))
 	    init_expr = build_special_member_call (init_expr,
 						   complete_ctor_identifier,
diff --git a/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
new file mode 100644
index 00000000000..f3e2cb87fd6
--- /dev/null
+++ b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
@@ -0,0 +1,13 @@
+// PR c++/93676 - value-init crash in template.
+// { dg-do compile { target c++11 } }
+
+struct P {
+  int x = 0;
+};
+
+template<class T>
+struct S {
+  S() { new P[2][2]; }
+};
+
+S<int> s;

base-commit: a71f2193d0df71a86c4743aab22891bb0003112e
-- 
Marek Polacek • Red Hat, Inc. • 300 A St, Boston, MA
Marek Polacek Feb. 25, 2020, 7:34 p.m. | #9
On Tue, Feb 25, 2020 at 01:55:24PM -0500, Marek Polacek wrote:
> On Tue, Feb 25, 2020 at 01:27:12PM -0500, Jason Merrill wrote:

> > On 2/25/20 12:52 PM, Marek Polacek wrote:

> > > On Mon, Feb 24, 2020 at 05:15:45PM -0500, Jason Merrill wrote:

> > > > On 2/20/20 11:52 AM, Marek Polacek wrote:

> > > > > On Thu, Feb 20, 2020 at 12:13:07AM +0000, Jason Merrill wrote:

> > > > > > On 2/19/20 10:15 PM, Marek Polacek wrote:

> > > > > > > On Fri, Feb 14, 2020 at 12:24:30AM +0100, Jason Merrill wrote:

> > > > > > > > On 2/11/20 8:54 PM, Marek Polacek wrote:

> > > > > > > > > Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> > > > > > > > > attempt to value-initialize in build_vec_init even when there's no

> > > > > > > > > initializer but the type has a constexpr default constructor.  But

> > > > > > > > > build_value_init doesn't work in templates, so I think let's avoid

> > > > > > > > > this scenario; we'll go to the normal build_aggr_init path then.

> > > > > > > > > 

> > > > > > > > > Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

> > > > > > > > > 

> > > > > > > > > 	PR c++/93676 - value-init crash in template.

> > > > > > > > > 	* init.c (build_vec_init): Don't perform value-init in a template.

> > > > > > > > 

> > > > > > > > Hmm, we really shouldn't even be calling build_vec_init in a template, that

> > > > > > > > builds up a lot of garbage that we'll throw away at the end of build_new.

> > > > > > > 

> > > > > > > Ah, it's true that build_new will just creates a NEW_EXPR in a template and

> > > > > > > doesn't use the result of build_new_1.  Unfortunately I can't just call

> > > > > > > build_special_member_call like we do in build_new_1 since that crashes for

> > > > > > > array types.

> > > > > > 

> > > > > > We should call it for strip_array_types (type).

> > > > > 

> > > > > Since build_special_member_call takes an expression we'd have to modify

> > > > > its type which I think is not pretty, but it works.  Is this along the

> > > > > lines you had in mind?

> > > > 

> > > > 

> > > > 

> > > > > I think I still like the v1 patch best but if you're fine with the

> > > > > following, then am I.

> > > > > 

> > > > > -- >8 --

> > > > > Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> > > > > attempt to value-initialize in build_vec_init even when there's no

> > > > > initializer but the type has a constexpr default constructor.  But

> > > > > build_value_init doesn't work in templates, and build_vec_init

> > > > > creates a lot of garbage that would not be used anyway, so don't

> > > > > call it in a template.

> > > > > 

> > > > > 	PR c++/93676 - value-init crash in template.

> > > > > 	* init.c (build_new_1): Don't call build_vec_init in a template.

> > > > > 

> > > > > 	* g++.dg/cpp0x/nsdmi-template19.C: New test.

> > > > > ---

> > > > >    gcc/cp/init.c                                 |  6 +++++-

> > > > >    gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++

> > > > >    2 files changed, 18 insertions(+), 1 deletion(-)

> > > > >    create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> > > > > 

> > > > > diff --git a/gcc/cp/init.c b/gcc/cp/init.c

> > > > > index d480660445e..c60f332313a 100644

> > > > > --- a/gcc/cp/init.c

> > > > > +++ b/gcc/cp/init.c

> > > > > @@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,

> > > > >    	  explicit_value_init_p = true;

> > > > >    	}

> > > > > -      if (processing_template_decl && explicit_value_init_p)

> > > > > +      if (processing_template_decl)

> > > > >    	{

> > > > >    	  /* build_value_init doesn't work in templates, and we don't need

> > > > >    	     the initializer anyway since we're going to throw it away and

> > > > >    	     rebuild it at instantiation time, so just build up a single

> > > > >    	     constructor call to get any appropriate diagnostics.  */

> > > > >    	  init_expr = cp_build_fold_indirect_ref (data_addr);

> > > > > +	  /* Avoid an ICE when converting to a base in build_simple_base_path.

> > > > > +	     We'll throw this all away anyway, and build_new will create

> > > > > +	     a NEW_EXPR.  */

> > > > > +	  TREE_TYPE (init_expr) = strip_array_types (TREE_TYPE (init_expr));

> > > > 

> > > > instead of this, how about casting data_addr to elt_type* before

> > > > cp_build_fold_indirect_ref?

> 

> Gotcha.  I'm testing the following, OK for 8/9/10 if it passes?


Which it did.

> -- >8 --

> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> attempt to value-initialize in build_vec_init even when there's no

> initializer but the type has a constexpr default constructor.  But

> build_value_init doesn't work in templates, and build_vec_init

> creates a lot of garbage that would not be used anyway, so don't

> call it in a template.

> 

> 	PR c++/93676 - value-init crash in template.

> 	* init.c (build_new_1): Don't call build_vec_init in a template.

> 

> 	* g++.dg/cpp0x/nsdmi-template19.C: New test.

> ---

>  gcc/cp/init.c                                 |  8 ++++++--

>  gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++

>  2 files changed, 19 insertions(+), 2 deletions(-)

>  create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> 

> diff --git a/gcc/cp/init.c b/gcc/cp/init.c

> index d480660445e..61ed3aa7e93 100644

> --- a/gcc/cp/init.c

> +++ b/gcc/cp/init.c

> @@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,

>  	  explicit_value_init_p = true;

>  	}

>  

> -      if (processing_template_decl && explicit_value_init_p)

> +      if (processing_template_decl)

>  	{

> +	  /* Avoid an ICE when converting to a base in build_simple_base_path.

> +	     We'll throw this all away anyway, and build_new will create

> +	     a NEW_EXPR.  */

> +	  tree t = fold_convert (build_pointer_type (elt_type), data_addr);

>  	  /* build_value_init doesn't work in templates, and we don't need

>  	     the initializer anyway since we're going to throw it away and

>  	     rebuild it at instantiation time, so just build up a single

>  	     constructor call to get any appropriate diagnostics.  */

> -	  init_expr = cp_build_fold_indirect_ref (data_addr);

> +	  init_expr = cp_build_fold_indirect_ref (t);

>  	  if (type_build_ctor_call (elt_type))

>  	    init_expr = build_special_member_call (init_expr,

>  						   complete_ctor_identifier,

> diff --git a/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> new file mode 100644

> index 00000000000..f3e2cb87fd6

> --- /dev/null

> +++ b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> @@ -0,0 +1,13 @@

> +// PR c++/93676 - value-init crash in template.

> +// { dg-do compile { target c++11 } }

> +

> +struct P {

> +  int x = 0;

> +};

> +

> +template<class T>

> +struct S {

> +  S() { new P[2][2]; }

> +};

> +

> +S<int> s;

> 

> base-commit: a71f2193d0df71a86c4743aab22891bb0003112e

> -- 

> Marek Polacek • Red Hat, Inc. • 300 A St, Boston, MA

> 


Marek
Jason Merrill Feb. 26, 2020, 4:26 a.m. | #10
On 2/25/20 1:55 PM, Marek Polacek wrote:
> On Tue, Feb 25, 2020 at 01:27:12PM -0500, Jason Merrill wrote:

>> On 2/25/20 12:52 PM, Marek Polacek wrote:

>>> On Mon, Feb 24, 2020 at 05:15:45PM -0500, Jason Merrill wrote:

>>>> On 2/20/20 11:52 AM, Marek Polacek wrote:

>>>>> On Thu, Feb 20, 2020 at 12:13:07AM +0000, Jason Merrill wrote:

>>>>>> On 2/19/20 10:15 PM, Marek Polacek wrote:

>>>>>>> On Fri, Feb 14, 2020 at 12:24:30AM +0100, Jason Merrill wrote:

>>>>>>>> On 2/11/20 8:54 PM, Marek Polacek wrote:

>>>>>>>>> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

>>>>>>>>> attempt to value-initialize in build_vec_init even when there's no

>>>>>>>>> initializer but the type has a constexpr default constructor.  But

>>>>>>>>> build_value_init doesn't work in templates, so I think let's avoid

>>>>>>>>> this scenario; we'll go to the normal build_aggr_init path then.

>>>>>>>>>

>>>>>>>>> Bootstrapped/regtested on x86_64-linux, ok for trunk and branches?

>>>>>>>>>

>>>>>>>>> 	PR c++/93676 - value-init crash in template.

>>>>>>>>> 	* init.c (build_vec_init): Don't perform value-init in a template.

>>>>>>>>

>>>>>>>> Hmm, we really shouldn't even be calling build_vec_init in a template, that

>>>>>>>> builds up a lot of garbage that we'll throw away at the end of build_new.

>>>>>>>

>>>>>>> Ah, it's true that build_new will just creates a NEW_EXPR in a template and

>>>>>>> doesn't use the result of build_new_1.  Unfortunately I can't just call

>>>>>>> build_special_member_call like we do in build_new_1 since that crashes for

>>>>>>> array types.

>>>>>>

>>>>>> We should call it for strip_array_types (type).

>>>>>

>>>>> Since build_special_member_call takes an expression we'd have to modify

>>>>> its type which I think is not pretty, but it works.  Is this along the

>>>>> lines you had in mind?

>>>>

>>>>

>>>>

>>>>> I think I still like the v1 patch best but if you're fine with the

>>>>> following, then am I.

>>>>>

>>>>> -- >8 --

>>>>> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

>>>>> attempt to value-initialize in build_vec_init even when there's no

>>>>> initializer but the type has a constexpr default constructor.  But

>>>>> build_value_init doesn't work in templates, and build_vec_init

>>>>> creates a lot of garbage that would not be used anyway, so don't

>>>>> call it in a template.

>>>>>

>>>>> 	PR c++/93676 - value-init crash in template.

>>>>> 	* init.c (build_new_1): Don't call build_vec_init in a template.

>>>>>

>>>>> 	* g++.dg/cpp0x/nsdmi-template19.C: New test.

>>>>> ---

>>>>>     gcc/cp/init.c                                 |  6 +++++-

>>>>>     gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++

>>>>>     2 files changed, 18 insertions(+), 1 deletion(-)

>>>>>     create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

>>>>>

>>>>> diff --git a/gcc/cp/init.c b/gcc/cp/init.c

>>>>> index d480660445e..c60f332313a 100644

>>>>> --- a/gcc/cp/init.c

>>>>> +++ b/gcc/cp/init.c

>>>>> @@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,

>>>>>     	  explicit_value_init_p = true;

>>>>>     	}

>>>>> -      if (processing_template_decl && explicit_value_init_p)

>>>>> +      if (processing_template_decl)

>>>>>     	{

>>>>>     	  /* build_value_init doesn't work in templates, and we don't need

>>>>>     	     the initializer anyway since we're going to throw it away and

>>>>>     	     rebuild it at instantiation time, so just build up a single

>>>>>     	     constructor call to get any appropriate diagnostics.  */

>>>>>     	  init_expr = cp_build_fold_indirect_ref (data_addr);

>>>>> +	  /* Avoid an ICE when converting to a base in build_simple_base_path.

>>>>> +	     We'll throw this all away anyway, and build_new will create

>>>>> +	     a NEW_EXPR.  */

>>>>> +	  TREE_TYPE (init_expr) = strip_array_types (TREE_TYPE (init_expr));

>>>>

>>>> instead of this, how about casting data_addr to elt_type* before

>>>> cp_build_fold_indirect_ref?

> 

> Gotcha.  I'm testing the following, OK for 8/9/10 if it passes?


OK.

> 

> -- >8 --

> Since <https://gcc.gnu.org/ml/gcc-patches/2015-02/msg00556.html> we

> attempt to value-initialize in build_vec_init even when there's no

> initializer but the type has a constexpr default constructor.  But

> build_value_init doesn't work in templates, and build_vec_init

> creates a lot of garbage that would not be used anyway, so don't

> call it in a template.

> 

> 	PR c++/93676 - value-init crash in template.

> 	* init.c (build_new_1): Don't call build_vec_init in a template.

> 

> 	* g++.dg/cpp0x/nsdmi-template19.C: New test.

> ---

>   gcc/cp/init.c                                 |  8 ++++++--

>   gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C | 13 +++++++++++++

>   2 files changed, 19 insertions(+), 2 deletions(-)

>   create mode 100644 gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> 

> diff --git a/gcc/cp/init.c b/gcc/cp/init.c

> index d480660445e..61ed3aa7e93 100644

> --- a/gcc/cp/init.c

> +++ b/gcc/cp/init.c

> @@ -3511,13 +3511,17 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,

>   	  explicit_value_init_p = true;

>   	}

>   

> -      if (processing_template_decl && explicit_value_init_p)

> +      if (processing_template_decl)

>   	{

> +	  /* Avoid an ICE when converting to a base in build_simple_base_path.

> +	     We'll throw this all away anyway, and build_new will create

> +	     a NEW_EXPR.  */

> +	  tree t = fold_convert (build_pointer_type (elt_type), data_addr);

>   	  /* build_value_init doesn't work in templates, and we don't need

>   	     the initializer anyway since we're going to throw it away and

>   	     rebuild it at instantiation time, so just build up a single

>   	     constructor call to get any appropriate diagnostics.  */

> -	  init_expr = cp_build_fold_indirect_ref (data_addr);

> +	  init_expr = cp_build_fold_indirect_ref (t);

>   	  if (type_build_ctor_call (elt_type))

>   	    init_expr = build_special_member_call (init_expr,

>   						   complete_ctor_identifier,

> diff --git a/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> new file mode 100644

> index 00000000000..f3e2cb87fd6

> --- /dev/null

> +++ b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C

> @@ -0,0 +1,13 @@

> +// PR c++/93676 - value-init crash in template.

> +// { dg-do compile { target c++11 } }

> +

> +struct P {

> +  int x = 0;

> +};

> +

> +template<class T>

> +struct S {

> +  S() { new P[2][2]; }

> +};

> +

> +S<int> s;

> 

> base-commit: a71f2193d0df71a86c4743aab22891bb0003112e

>

Patch

diff --git a/gcc/cp/init.c b/gcc/cp/init.c
index d480660445e..c9c0f03c58b 100644
--- a/gcc/cp/init.c
+++ b/gcc/cp/init.c
@@ -4520,7 +4520,7 @@  build_vec_init (tree base, tree maxindex, tree init,
 
      We do need to keep going if we're copying an array.  */
 
-  if (try_const && !init)
+  if (try_const && !init && !processing_template_decl)
     /* With a constexpr default constructor, which we checked for when
        setting try_const above, default-initialization is equivalent to
        value-initialization, and build_value_init gives us something more
diff --git a/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
new file mode 100644
index 00000000000..f3e2cb87fd6
--- /dev/null
+++ b/gcc/testsuite/g++.dg/cpp0x/nsdmi-template19.C
@@ -0,0 +1,13 @@ 
+// PR c++/93676 - value-init crash in template.
+// { dg-do compile { target c++11 } }
+
+struct P {
+  int x = 0;
+};
+
+template<class T>
+struct S {
+  S() { new P[2][2]; }
+};
+
+S<int> s;