https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113255
--- Comment #10 from Richard Biener <rguenth at gcc dot gnu.org> ---
Hmm, trying to fix find_base_term isn't enough, init_alias_analysis
find_base_value needs to be adjusted as well. One "obvious" mistake there
is a missing
diff --git a/gcc/alias.cc b/gcc/alias.cc
index b2ec4806d22..6aeb2167520 100644
--- a/gcc/alias.cc
+++ b/gcc/alias.cc
@@ -1492,6 +1492,13 @@ find_base_value (rtx src)
{
rtx temp, src_0 = XEXP (src, 0), src_1 = XEXP (src, 1);
+ /* If both operands of a MINUS are known pointers then the
+ base is not either of them. */
+ if (GET_CODE (src) == MINUS
+ && REG_P (src_0) && REG_POINTER (src_0)
+ && REG_P (src_1) && REG_POINTER (src_1))
+ return 0;
+
/* If either operand is a REG that is a known pointer, then it
is the base. */
if (REG_P (src_0) && REG_POINTER (src_0))
but of course that's not conservative - not having REG_POINTER set doesn't
mean it's not a pointer. But even when we assume REG_POINTER is
correct the minus operands might not be REG_P.
This is really all totally wrong for what it is (pointer analysis on RTL).
On RTL we also lost constraints that arithmetic stays within an object.
It should likely be scrapped completely and re-done, possibly having
SET_DEST_POINTS_TO to be able to put SSA points-to info to SETs
(REG_ATTRs are too coarse, but would be possible as well, losing some of
the flow sensitivity). Incoming args & frame analysis would need to be
implemented of course. As said, I'm not sure analyzing RTL will yield
anything good while being conservative - and optimistic points-to is what
leads us to these kind of bugs ...
