public inbox for gcc-patches@gcc.gnu.org
 help / color / mirror / Atom feed
* [PR 88214] Check that an argument is pointer before attempting agg jf construction from it
@ 2018-12-07 14:59 Martin Jambor
  2018-12-10 10:27 ` Richard Biener
  0 siblings, 1 reply; 4+ messages in thread
From: Martin Jambor @ 2018-12-07 14:59 UTC (permalink / raw)
  To: GCC Patches

Hi,

ICE in PR 88214 happens because a type-mismatch in K&R C code makes
IPA-CP analysis call ao_ref_init_from_ptr_and_size on an integer
SSA_NAME, this function in turn constructs a temporary MEM_REF based on
that integer SSA_NAME and then later on call_may_clobber_ref_p_1 treats
the MEM_REF base as a pointer, gets its SSA_NAME_PTR_INFO and tries to
work with bitmaps there.  But because the SSA_NAME is an integer, there
is no SSA_NAME_PTR_INFO, there is range info instead and this leads to a
crash.

On a related note, would people object to adding the following assert,
which would have made this bug much more straightforward to find?

index 85a5de7..66cf2f2 100644
--- a/gcc/tree-ssa-alias.c
+++ b/gcc/tree-ssa-alias.c
@@ -710,6 +710,7 @@ ao_ref_init_from_ptr_and_size (ao_ref *ref, tree ptr, tree size)
     }
   else
     {
+      gcc_assert (POINTER_TYPE_P (TREE_TYPE (ptr)));
       ref->base = build2 (MEM_REF, char_type_node,
                          ptr, null_pointer_node);
       ref->offset = 0;


The bug itself can be fixed with the patch below.  I have verified it
avoids the ICE on powerpc64-linux and did a full bootstrap and test on
an x86_64-linux.  The patch is simple enough that I believe that is good
enough.


2018-12-06  Martin Jambor  <mjambor@suse.cz>

	PR ipa/88214
	* ipa-prop.c (determine_locally_known_aggregate_parts): Make sure
	we check pointers against pointers.

	testsuite/
	* gcc.dg/ipa/pr88214.c: New test.
---
 gcc/ipa-prop.c                     |  3 ++-
 gcc/testsuite/gcc.dg/ipa/pr88214.c | 10 ++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/gcc.dg/ipa/pr88214.c

diff --git a/gcc/ipa-prop.c b/gcc/ipa-prop.c
index 74052350ac1..4dbe26829e3 100644
--- a/gcc/ipa-prop.c
+++ b/gcc/ipa-prop.c
@@ -1569,7 +1569,8 @@ determine_locally_known_aggregate_parts (gcall *call, tree arg,
       if (TREE_CODE (arg) == SSA_NAME)
 	{
 	  tree type_size;
-          if (!tree_fits_uhwi_p (TYPE_SIZE (TREE_TYPE (arg_type))))
+          if (!tree_fits_uhwi_p (TYPE_SIZE (TREE_TYPE (arg_type)))
+	      || !POINTER_TYPE_P (TREE_TYPE (arg)))
             return;
 	  check_ref = true;
 	  arg_base = arg;
diff --git a/gcc/testsuite/gcc.dg/ipa/pr88214.c b/gcc/testsuite/gcc.dg/ipa/pr88214.c
new file mode 100644
index 00000000000..4daa9829e75
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/ipa/pr88214.c
@@ -0,0 +1,10 @@
+/* { dg-do compile } */
+/* { dg-options "-O2" } */
+
+void i();
+  short a;
+  void b(e) char * e;
+  {
+    i();
+    b(a);
+  }
-- 
2.19.1



^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-01-16 15:26 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-12-07 14:59 [PR 88214] Check that an argument is pointer before attempting agg jf construction from it Martin Jambor
2018-12-10 10:27 ` Richard Biener
2018-12-20 14:21   ` Martin Jambor
2019-01-16 15:26   ` Martin Jambor

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).