From 2b85c0882205c31987ac26ffc49351a3af3b537c Mon Sep 17 00:00:00 2001 From: Richard Biener Date: Wed, 22 Jan 2020 12:38:12 +0100 Subject: [PATCH] tree-optimization/93381 fix integer offsetting in points-to analysis We were incorrectly assuming a merge operation is conservative enough for not explicitely handled operations but we also need to consider offsetting within fields when field-sensitive analysis applies. 2020-01-22 Richard Biener PR tree-optimization/93381 * tree-ssa-structalias.c (find_func_aliases): Assume offsetting throughout, handle all conversions the same. * gcc.dg/torture/pr93381.c: New testcase. --- gcc/ChangeLog | 6 ++++++ gcc/testsuite/ChangeLog | 5 +++++ gcc/testsuite/gcc.dg/torture/pr93381.c | 25 +++++++++++++++++++++++++ gcc/tree-ssa-structalias.c | 17 ++++++++++------- 4 files changed, 46 insertions(+), 7 deletions(-) create mode 100644 gcc/testsuite/gcc.dg/torture/pr93381.c diff --git a/gcc/ChangeLog b/gcc/ChangeLog index e2111a00ce4..2f229b92d7a 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,9 @@ +2020-01-22 Richard Biener + + PR tree-optimization/93381 + * tree-ssa-structalias.c (find_func_aliases): Assume offsetting + throughout, handle all conversions the same. + 2020-01-22 Jakub Jelinek PR target/93335 diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index a2d70f5829a..a1828a14f10 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,3 +1,8 @@ +2020-01-22 Richard Biener + + PR tree-optimization/93381 + * gcc.dg/torture/pr93381.c: New testcase. + 2020-01-22 Jakub Jelinek PR target/93335 diff --git a/gcc/testsuite/gcc.dg/torture/pr93381.c b/gcc/testsuite/gcc.dg/torture/pr93381.c new file mode 100644 index 00000000000..cec4b5d8daa --- /dev/null +++ b/gcc/testsuite/gcc.dg/torture/pr93381.c @@ -0,0 +1,25 @@ +/* { dg-do run } */ + +static struct S { int *p1; int *p2; } s; +typedef __UINTPTR_TYPE__ uintptr_t; +int foo() +{ + int i = 1, j = 2; + struct S s; + int **p; + s.p1 = &i; + s.p2 = &j; + p = &s.p1; + uintptr_t pi = (uintptr_t)p; + pi = pi + sizeof (int *); + p = (int **)pi; + **p = 3; + return j; +} + +int main() +{ + if (foo () != 3) + __builtin_abort (); + return 0; +} diff --git a/gcc/tree-ssa-structalias.c b/gcc/tree-ssa-structalias.c index f189f756261..416a26c996c 100644 --- a/gcc/tree-ssa-structalias.c +++ b/gcc/tree-ssa-structalias.c @@ -5008,11 +5008,12 @@ find_func_aliases (struct function *fn, gimple *origt) || code == FLOOR_MOD_EXPR || code == ROUND_MOD_EXPR) /* Division and modulo transfer the pointer from the LHS. */ - get_constraint_for_rhs (gimple_assign_rhs1 (t), &rhsc); - else if ((CONVERT_EXPR_CODE_P (code) - && !(POINTER_TYPE_P (gimple_expr_type (t)) - && !POINTER_TYPE_P (TREE_TYPE (rhsop)))) + get_constraint_for_ptr_offset (gimple_assign_rhs1 (t), + NULL_TREE, &rhsc); + else if (CONVERT_EXPR_CODE_P (code) || gimple_assign_single_p (t)) + /* See through conversions, single RHS are handled by + get_constraint_for_rhs. */ get_constraint_for_rhs (rhsop, &rhsc); else if (code == COND_EXPR) { @@ -5031,14 +5032,16 @@ find_func_aliases (struct function *fn, gimple *origt) ; else { - /* All other operations are merges. */ + /* All other operations are possibly offsetting merges. */ auto_vec tmp; struct constraint_expr *rhsp; unsigned i, j; - get_constraint_for_rhs (gimple_assign_rhs1 (t), &rhsc); + get_constraint_for_ptr_offset (gimple_assign_rhs1 (t), + NULL_TREE, &rhsc); for (i = 2; i < gimple_num_ops (t); ++i) { - get_constraint_for_rhs (gimple_op (t, i), &tmp); + get_constraint_for_ptr_offset (gimple_op (t, i), + NULL_TREE, &tmp); FOR_EACH_VEC_ELT (tmp, j, rhsp) rhsc.safe_push (*rhsp); tmp.truncate (0); -- 2.30.2