tree-ssa-strlen: Fix up handling of conditionally zero memcpy [PR110914]

The following testcase is miscompiled since r279392 aka r10-5451-gef29b12cfbb4979
The strlen pass has adjust_last_stmt function, which performs mainly strcat
or strcat-like optimizations (say strcpy (x, "abcd"); strcat (x, p);
or equivalent memcpy (x, "abcd", strlen ("abcd") + 1); char *q = strchr (x, 0);
memcpy (x, p, strlen (p)); etc. where the first stmt stores '\0' character
at the end but next immediately overwrites it and so the first memcpy can be
adjusted to store 1 fewer bytes.  handle_builtin_memcpy called this function
in two spots, the first one guarded like:
  if (olddsi != NULL
      && tree_fits_uhwi_p (len)
      && !integer_zerop (len))
    adjust_last_stmt (olddsi, stmt, false);
i.e. only for constant non-zero length.  The other spot can call it even
for non-constant length but in that case we punt before that if that length
isn't length of some string + 1, so again non-zero.
The r279392 change I assume wanted to add some warning stuff and changed it
like
   if (olddsi != NULL
-      && tree_fits_uhwi_p (len)
       && !integer_zerop (len))
-    adjust_last_stmt (olddsi, stmt, false);
+    {
+      maybe_warn_overflow (stmt, len, rvals, olddsi, false, true);
+      adjust_last_stmt (olddsi, stmt, false);
+    }
While maybe_warn_overflow possibly handles non-constant length fine,
adjust_last_stmt really relies on length to be non-zero, which
!integer_zerop (len) alone doesn't guarantee.  While we could for
len being SSA_NAME ask the ranger or tree_expr_nonzero_p, I think
adjust_last_stmt will not benefit from it much, so the following patch
just restores the above condition/previous behavior for the adjust_last_stmt
call only.

2023-08-30  Jakub Jelinek  <jakub@redhat.com>

	PR tree-optimization/110914
	* tree-ssa-strlen.c (strlen_pass::handle_builtin_memcpy): Don't call
	adjust_last_stmt unless len is known constant.

	* gcc.c-torture/execute/pr110914.c: New test.

(cherry picked from commit 398842e7038ea0f34054f0f694014d0ecd656846)

diff --git a/gcc/testsuite/gcc.c-torture/execute/pr110914.c b/gcc/testsuite/gcc.c-torture/execute/pr110914.c
new file mode 100644 (file)
index 0000000..ccc04e1
--- /dev/null
+++ b/gcc/testsuite/gcc.c-torture/execute/pr110914.c
@@ -0,0 +1,22 @@
+/* PR tree-optimization/110914 */
+
+__attribute__ ((noipa)) int
+foo (const char *s, unsigned long l)
+{
+  unsigned char r = 0;
+  __builtin_memcpy (&r, s, l != 0);
+  return r;
+}
+
+int
+main ()
+{
+  const char *p = "123456";
+  int a = foo (p, __builtin_strlen (p) - 5);
+  int b = foo (p, __builtin_strlen (p) - 6);
+  if (a != '1')
+    __builtin_abort ();
+  if (b != 0)
+    __builtin_abort ();
+  return 0;
+}

diff --git a/gcc/tree-ssa-strlen.c b/gcc/tree-ssa-strlen.c
index 9f317a190ee1bbf1c1591399ee2ecf13aa6a65e0..cfffc220073a0a29d0154ed6fd2503d1195cca4c 100644 (file)
--- a/gcc/tree-ssa-strlen.c
+++ b/gcc/tree-ssa-strlen.c
@@ -3231,7 +3231,8 @@ handle_builtin_memcpy (enum built_in_function bcode, gimple_stmt_iterator *gsi,
       && !integer_zerop (len))
     {
       maybe_warn_overflow (stmt, len, ptr_qry, olddsi, false, true);
-      adjust_last_stmt (olddsi, stmt, false, ptr_qry);
+      if (tree_fits_uhwi_p (len))
+       adjust_last_stmt (olddsi, stmt, false, ptr_qry);
     }
 
   int idx = get_stridx (src);