[Bug tree-optimization/103584] New: Points-to information is not conservatively correct

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug tree-optimization/103584] New: Points-to information is not conservatively correct
@ 2021-12-06 15:25 rsandifo at gcc dot gnu.org
  2021-12-06 15:58 ` [Bug tree-optimization/103584] " hubicka at gcc dot gnu.org
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: rsandifo at gcc dot gnu.org @ 2021-12-06 15:25 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103584

            Bug ID: 103584
           Summary: Points-to information is not conservatively correct
           Product: gcc
           Version: 12.0
            Status: UNCONFIRMED
          Keywords: wrong-code
          Severity: normal
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: rsandifo at gcc dot gnu.org
                CC: hubicka at gcc dot gnu.org, rguenth at gcc dot gnu.org
  Target Milestone: ---

Created attachment 51934
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=51934&action=edit
Patch to demonstrate the behaviour

Applying the attached patch shows that points-to information
cannot be used independently of check_fnspec.  E.g. for
gcc.c-torture/execute/20000703-1.c, the patch trips the
new assert for:

(gdb) call debug (def_stmt)
__builtin_memset (p_3(D), 0, 28);
(gdb) call debug (ref.base)
*p_3(D)

The check:

  else if ((TREE_CODE (base) == MEM_REF
            || TREE_CODE (base) == TARGET_MEM_REF)
           && TREE_CODE (TREE_OPERAND (base, 0)) == SSA_NAME)
    {
      struct ptr_info_def *pi = SSA_NAME_PTR_INFO (TREE_OPERAND (base, 0));
      if (pi
          && !pt_solutions_intersect (gimple_call_clobber_set (call), &pi->pt))
        {

passes.  If the asserts in the patch are disabled (by setting
ASSERTS to 0) then we instead get:

FAIL: gcc.c-torture/execute/memcpy-1.c   -O2  execution test
FAIL: gcc.c-torture/execute/memcpy-1.c   -O2 -flto -fno-use-linker-plugin
-flto-partition=none  execution test
FAIL: gcc.c-torture/execute/memcpy-1.c   -O2 -flto -fuse-linker-plugin
-fno-fat-lto-objects  execution test
FAIL: gcc.c-torture/execute/memcpy-1.c   -O3 -fomit-frame-pointer
-funroll-loops -fpeel-loops -ftracer -finline-functions  execution test
FAIL: gcc.c-torture/execute/memcpy-1.c   -O3 -g  execution test
FAIL: gcc.c-torture/execute/memcpy-1.c   -Os  execution test
FAIL: gcc.c-torture/execute/memset-3.c   -O3 -fomit-frame-pointer
-funroll-loops -fpeel-loops -ftracer -finline-functions  execution test
FAIL: gcc.c-torture/execute/memset-3.c   -O3 -g  execution test

See https://gcc.gnu.org/pipermail/gcc-patches/2021-December/586201.html
for more details.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug tree-optimization/103584] Points-to information is not conservatively correct
  2021-12-06 15:25 [Bug tree-optimization/103584] New: Points-to information is not conservatively correct rsandifo at gcc dot gnu.org
@ 2021-12-06 15:58 ` hubicka at gcc dot gnu.org
  2021-12-06 23:14 ` pinskia at gcc dot gnu.org
  2021-12-07  9:05 ` rguenth at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: hubicka at gcc dot gnu.org @ 2021-12-06 15:58 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103584

--- Comment #1 from Jan Hubicka <hubicka at gcc dot gnu.org> ---
This is (probably bit preliminary) optimization in tree-ssa-structalias.c:

/* Create constraints for the builtin call T.  Return true if the call
   was handled, otherwise false.  */

static bool
find_func_aliases_for_builtin_call (struct function *fn, gcall *t)
{
  tree fndecl = gimple_call_fndecl (t);
  auto_vec<ce_s, 2> lhsc;
  auto_vec<ce_s, 4> rhsc;
  varinfo_t fi;

  if (gimple_call_builtin_p (t, BUILT_IN_NORMAL))
    /* ???  All builtins that are handled here need to be handled
       in the alias-oracle query functions explicitly!  */
    switch (DECL_FUNCTION_CODE (fndecl))
      {
      /* All the following functions return a pointer to the same object
         as their first argument points to.  The functions do not add
         to the ESCAPED solution.  The functions make the first argument
         pointed to memory point to what the second argument pointed to
         memory points to.  */

as ??? is saying the function does not bother to build proper USE/CLOBBER
points-to sets and relies on tree-ssa-alias checking the right thing.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug tree-optimization/103584] Points-to information is not conservatively correct
  2021-12-06 15:25 [Bug tree-optimization/103584] New: Points-to information is not conservatively correct rsandifo at gcc dot gnu.org
  2021-12-06 15:58 ` [Bug tree-optimization/103584] " hubicka at gcc dot gnu.org
@ 2021-12-06 23:14 ` pinskia at gcc dot gnu.org
  2021-12-07  9:05 ` rguenth at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: pinskia at gcc dot gnu.org @ 2021-12-06 23:14 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103584

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
     Ever confirmed|0                           |1
   Last reconfirmed|                            |2021-12-06

--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Confirmed.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug tree-optimization/103584] Points-to information is not conservatively correct
  2021-12-06 15:25 [Bug tree-optimization/103584] New: Points-to information is not conservatively correct rsandifo at gcc dot gnu.org
  2021-12-06 15:58 ` [Bug tree-optimization/103584] " hubicka at gcc dot gnu.org
  2021-12-06 23:14 ` pinskia at gcc dot gnu.org
@ 2021-12-07  9:05 ` rguenth at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: rguenth at gcc dot gnu.org @ 2021-12-07  9:05 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103584

--- Comment #3 from Richard Biener <rguenth at gcc dot gnu.org> ---
I think we should avoid placing incorrect gimple_call_{use,clobber}_sets on the
builtin function calls then.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-12-07  9:05 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-06 15:25 [Bug tree-optimization/103584] New: Points-to information is not conservatively correct rsandifo at gcc dot gnu.org
2021-12-06 15:58 ` [Bug tree-optimization/103584] " hubicka at gcc dot gnu.org
2021-12-06 23:14 ` pinskia at gcc dot gnu.org
2021-12-07  9:05 ` rguenth at gcc dot gnu.org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).