tree-optimization: Fix tree dse of strncpy PR93249

As the testcase shows, tail trimming of strncpy in tree-ssa-dse.c is fine,
we just copy or clear fewer bytes in the destination, but unlike
memcpy/memset etc., head trimming is problematic in certain cases.
If we can prove that there are no zero bytes among initial head_trim bytes,
it is ok to trim it, if we can prove there is at least one zero byte among
initial head_trim bytes, we could (not implemented in the patch) turn
the strncpy into memset 0, but otherwise we need to avoid the head trimming,
because the presence or absence of NUL byte there changes the behavior for
subsequent bytes, whether further bytes from src are copied or if further
bytes are cleared.

2020-01-15  Jakub Jelinek  <jakub@redhat.com>

	PR tree-optimization/93249
	* tree-ssa-dse.c: Include builtins.h and gimple-fold.h.
	(maybe_trim_memstar_call): Move head_trim and tail_trim vars to
	function body scope, reindent.  For BUILTIN_IN_STRNCPY*, don't
	perform head trim unless we can prove there are no '\0' chars
	from the source among the first head_trim chars.

	* gcc.c-torture/execute/pr93249.c: New test.

diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index 73170037f0d41f54f7b00946845689bb6f9b7bc7..8f4382030b94ca82d613eb1b2580f41b94374631 100644 (file)
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,12 @@
+2020-01-15  Jakub Jelinek  <jakub@redhat.com>
+
+       PR tree-optimization/93249
+       * tree-ssa-dse.c: Include builtins.h and gimple-fold.h.
+       (maybe_trim_memstar_call): Move head_trim and tail_trim vars to
+       function body scope, reindent.  For BUILTIN_IN_STRNCPY*, don't
+       perform head trim unless we can prove there are no '\0' chars
+       from the source among the first head_trim chars.
+
 2020-01-14  David Malcolm  <dmalcolm@redhat.com>
 
        * Makefile.in (ANALYZER_OBJS): Add analyzer/function-set.o.

diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index 8013bdbc2eb84e14a285b9d6446c2abbc338db0a..77d573fed2873d23dbbc794e9cc346f72e8e8378 100644 (file)
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,3 +1,8 @@
+2020-01-15  Jakub Jelinek  <jakub@redhat.com>
+
+       PR tree-optimization/93249
+       * gcc.c-torture/execute/pr93249.c: New test.
+
 2020-01-14  David Malcolm  <dmalcolm@redhat.com>
 
        * gcc.dg/analyzer/signal-5.c: New test.

diff --git a/gcc/testsuite/gcc.c-torture/execute/pr93249.c b/gcc/testsuite/gcc.c-torture/execute/pr93249.c
new file mode 100644 (file)
index 0000000..2c9a6b4
--- /dev/null
+++ b/gcc/testsuite/gcc.c-torture/execute/pr93249.c
@@ -0,0 +1,40 @@
+/* PR tree-optimization/93249 */
+
+char a[2], b[4], c[6];
+
+void
+foo (void)
+{
+  char d[2] = { 0x00, 0x11 };
+  __builtin_strncpy (&b[2], d, 2);
+  __builtin_strncpy (&b[1], a, 2);
+  if (b[0] || b[1] || b[2] || b[3])
+    __builtin_abort ();
+}
+
+void
+bar (void)
+{
+  __builtin_strncpy (&b[2], "\0\x11", 2);
+  __builtin_strncpy (&b[1], a, 2);
+  if (b[0] || b[1] || b[2] || b[3])
+    __builtin_abort ();
+}
+
+void
+baz (void)
+{
+  __builtin_strncpy (&c[2], "\x11\x11\0\x11", 4);
+  __builtin_strncpy (&c[1], a, 2);
+  if (c[0] || c[1] || c[2] || c[3] != 0x11 || c[4] || c[5])
+    __builtin_abort ();
+}
+
+int
+main ()
+{
+  foo ();
+  bar ();
+  baz ();
+  return 0;
+}

diff --git a/gcc/tree-ssa-dse.c b/gcc/tree-ssa-dse.c
index b0120d4e74d971ee95825cb5e5563ae67e67a3b6..cb64d6fe83a64efa5ac3d3d022a4b14d3b661501 100644 (file)
--- a/gcc/tree-ssa-dse.c
+++ b/gcc/tree-ssa-dse.c
@@ -36,6 +36,8 @@ along with GCC; see the file COPYING3.  If not see
 #include "alias.h"
 #include "tree-ssa-loop.h"
 #include "tree-ssa-dse.h"
+#include "builtins.h"
+#include "gimple-fold.h"
 
 /* This file implements dead store elimination.
 
@@ -456,56 +458,83 @@ increment_start_addr (gimple *stmt, tree *where, int increment)
 static void
 maybe_trim_memstar_call (ao_ref *ref, sbitmap live, gimple *stmt)
 {
+  int head_trim, tail_trim;
   switch (DECL_FUNCTION_CODE (gimple_call_fndecl (stmt)))
     {
+    case BUILT_IN_STRNCPY:
+    case BUILT_IN_STRNCPY_CHK:
+      compute_trims (ref, live, &head_trim, &tail_trim, stmt);
+      if (head_trim)
+       {
+         /* Head trimming of strncpy is only possible if we can
+            prove all bytes we would trim are non-zero (or we could
+            turn the strncpy into memset if there must be zero
+            among the head trimmed bytes).  If we don't know anything
+            about those bytes, the presence or absence of '\0' bytes
+            in there will affect whether it acts for the non-trimmed
+            bytes as memset or memcpy/strncpy.  */
+         c_strlen_data lendata = { };
+         int orig_head_trim = head_trim;
+         tree srcstr = gimple_call_arg (stmt, 1);
+         if (!get_range_strlen (srcstr, &lendata, /*eltsize=*/1)
+             || !tree_fits_uhwi_p (lendata.minlen))
+           head_trim = 0;
+         else if (tree_to_uhwi (lendata.minlen) < (unsigned) head_trim)
+           {
+             head_trim = tree_to_uhwi (lendata.minlen);
+             if ((orig_head_trim & (UNITS_PER_WORD - 1)) == 0)
+               head_trim &= ~(UNITS_PER_WORD - 1);
+           }
+         if (orig_head_trim != head_trim
+             && dump_file
+             && (dump_flags & TDF_DETAILS))
+           fprintf (dump_file,
+                    "  Adjusting strncpy trimming to (head = %d,"
+                    " tail = %d)\n", head_trim, tail_trim);
+       }
+      goto do_memcpy;
+
     case BUILT_IN_MEMCPY:
     case BUILT_IN_MEMMOVE:
-    case BUILT_IN_STRNCPY:
     case BUILT_IN_MEMCPY_CHK:
     case BUILT_IN_MEMMOVE_CHK:
-    case BUILT_IN_STRNCPY_CHK:
-      {
-       int head_trim, tail_trim;
-       compute_trims (ref, live, &head_trim, &tail_trim, stmt);
-
-       /* Tail trimming is easy, we can just reduce the count.  */
-        if (tail_trim)
-         decrement_count (stmt, tail_trim);
-
-       /* Head trimming requires adjusting all the arguments.  */
-        if (head_trim)
-          {
-           tree *dst = gimple_call_arg_ptr (stmt, 0);
-           increment_start_addr (stmt, dst, head_trim);
-           tree *src = gimple_call_arg_ptr (stmt, 1);
-           increment_start_addr (stmt, src, head_trim);
-           decrement_count (stmt, head_trim);
-         }
-        break;
-      }
+      compute_trims (ref, live, &head_trim, &tail_trim, stmt);
+
+    do_memcpy:
+      /* Tail trimming is easy, we can just reduce the count.  */
+      if (tail_trim)
+       decrement_count (stmt, tail_trim);
+
+      /* Head trimming requires adjusting all the arguments.  */
+      if (head_trim)
+       {
+         tree *dst = gimple_call_arg_ptr (stmt, 0);
+         increment_start_addr (stmt, dst, head_trim);
+         tree *src = gimple_call_arg_ptr (stmt, 1);
+         increment_start_addr (stmt, src, head_trim);
+         decrement_count (stmt, head_trim);
+       }
+      break;
 
     case BUILT_IN_MEMSET:
     case BUILT_IN_MEMSET_CHK:
-      {
-       int head_trim, tail_trim;
-       compute_trims (ref, live, &head_trim, &tail_trim, stmt);
-
-       /* Tail trimming is easy, we can just reduce the count.  */
-        if (tail_trim)
-         decrement_count (stmt, tail_trim);
-
-       /* Head trimming requires adjusting all the arguments.  */
-        if (head_trim)
-          {
-           tree *dst = gimple_call_arg_ptr (stmt, 0);
-           increment_start_addr (stmt, dst, head_trim);
-           decrement_count (stmt, head_trim);
-         }
-       break;
-      }
+      compute_trims (ref, live, &head_trim, &tail_trim, stmt);
+
+      /* Tail trimming is easy, we can just reduce the count.  */
+      if (tail_trim)
+       decrement_count (stmt, tail_trim);
+
+      /* Head trimming requires adjusting all the arguments.  */
+      if (head_trim)
+       {
+         tree *dst = gimple_call_arg_ptr (stmt, 0);
+         increment_start_addr (stmt, dst, head_trim);
+         decrement_count (stmt, head_trim);
+       }
+      break;
 
-      default:
-       break;
+    default:
+      break;
     }
 }