From: Richard Biener Date: Wed, 22 Jan 2020 11:38:12 +0000 (+0100) Subject: tree-optimization/93381 fix integer offsetting in points-to analysis X-Git-Tag: releases/gcc-9.3.0~126 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b00c3228041bfb450e3fec21fe424f5f322f23b3;p=thirdparty%2Fgcc.git tree-optimization/93381 fix integer offsetting in points-to analysis We were incorrectly assuming a merge operation is conservative enough for not explicitely handled operations but we also need to consider offsetting within fields when field-sensitive analysis applies. 2020-01-22 Richard Biener PR tree-optimization/93381 * tree-ssa-structalias.c (find_func_aliases): Assume offsetting throughout, handle all conversions the same. * gcc.dg/torture/pr93381.c: New testcase. --- diff --git a/gcc/ChangeLog b/gcc/ChangeLog index 4d1a97e8607d..68eebc0d9e61 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,12 @@ +2020-02-14 Richard Biener + + Backport from mainline + 2020-01-22 Richard Biener + + PR tree-optimization/93381 + * tree-ssa-structalias.c (find_func_aliases): Assume offsetting + throughout, handle all conversions the same. + 2020-02-14 Richard Biener Backport from mainline diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index 72036e03c706..2aa91dae4919 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,3 +1,11 @@ +2020-02-14 Richard Biener + + Backport from mainline + 2020-01-22 Richard Biener + + PR tree-optimization/93381 + * gcc.dg/torture/pr93381.c: New testcase. + 2020-02-14 Richard Biener Backport from mainline diff --git a/gcc/testsuite/gcc.dg/torture/pr93381.c b/gcc/testsuite/gcc.dg/torture/pr93381.c new file mode 100644 index 000000000000..cec4b5d8daa4 --- /dev/null +++ b/gcc/testsuite/gcc.dg/torture/pr93381.c @@ -0,0 +1,25 @@ +/* { dg-do run } */ + +static struct S { int *p1; int *p2; } s; +typedef __UINTPTR_TYPE__ uintptr_t; +int foo() +{ + int i = 1, j = 2; + struct S s; + int **p; + s.p1 = &i; + s.p2 = &j; + p = &s.p1; + uintptr_t pi = (uintptr_t)p; + pi = pi + sizeof (int *); + p = (int **)pi; + **p = 3; + return j; +} + +int main() +{ + if (foo () != 3) + __builtin_abort (); + return 0; +} diff --git a/gcc/tree-ssa-structalias.c b/gcc/tree-ssa-structalias.c index f80b8e456b5c..0ea0b461d2b0 100644 --- a/gcc/tree-ssa-structalias.c +++ b/gcc/tree-ssa-structalias.c @@ -4928,10 +4928,10 @@ find_func_aliases (struct function *fn, gimple *origt) get_constraint_for_ptr_offset (gimple_assign_rhs1 (t), NULL_TREE, &rhsc); } - else if ((CONVERT_EXPR_CODE_P (code) - && !(POINTER_TYPE_P (gimple_expr_type (t)) - && !POINTER_TYPE_P (TREE_TYPE (rhsop)))) + else if (CONVERT_EXPR_CODE_P (code) || gimple_assign_single_p (t)) + /* See through conversions, single RHS are handled by + get_constraint_for_rhs. */ get_constraint_for_rhs (rhsop, &rhsc); else if (code == COND_EXPR) { @@ -4950,14 +4950,16 @@ find_func_aliases (struct function *fn, gimple *origt) ; else { - /* All other operations are merges. */ + /* All other operations are possibly offsetting merges. */ auto_vec tmp; struct constraint_expr *rhsp; unsigned i, j; - get_constraint_for_rhs (gimple_assign_rhs1 (t), &rhsc); + get_constraint_for_ptr_offset (gimple_assign_rhs1 (t), + NULL_TREE, &rhsc); for (i = 2; i < gimple_num_ops (t); ++i) { - get_constraint_for_rhs (gimple_op (t, i), &tmp); + get_constraint_for_ptr_offset (gimple_op (t, i), + NULL_TREE, &tmp); FOR_EACH_VEC_ELT (tmp, j, rhsp) rhsc.safe_push (*rhsp); tmp.truncate (0);