Hi!
The following testcase is miscompiled since r279392 aka
r10-5451-gef29b12cfbb4979
The strlen pass has adjust_last_stmt function, which performs mainly strcat
or strcat-like optimizations (say strcpy (x, "abcd"); strcat (x, p);
or equivalent memcpy (x, "abcd", strlen ("abcd") + 1); char *q = strchr (x, 0);
memcpy (x, p, strlen (p)); etc. where the first stmt stores '\0' character
at the end but next immediately overwrites it and so the first memcpy can be
adjusted to store 1 fewer bytes. handle_builtin_memcpy called this function
in two spots, the first one guarded like:
if (olddsi != NULL
&& tree_fits_uhwi_p (len)
&& !integer_zerop (len))
adjust_last_stmt (olddsi, stmt, false);
i.e. only for constant non-zero length. The other spot can call it even
for non-constant length but in that case we punt before that if that length
isn't length of some string + 1, so again non-zero.
The r279392 change I assume wanted to add some warning stuff and changed it
like
if (olddsi != NULL
- && tree_fits_uhwi_p (len)
&& !integer_zerop (len))
- adjust_last_stmt (olddsi, stmt, false);
+ {
+ maybe_warn_overflow (stmt, len, rvals, olddsi, false, true);
+ adjust_last_stmt (olddsi, stmt, false);
+ }
While maybe_warn_overflow possibly handles non-constant length fine,
adjust_last_stmt really relies on length to be non-zero, which
!integer_zerop (len) alone doesn't guarantee. While we could for
len being SSA_NAME ask the ranger or tree_expr_nonzero_p, I think
adjust_last_stmt will not benefit from it much, so the following patch
just restores the above condition/previous behavior for the adjust_last_stmt
call only.
Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
2023-08-30 Jakub Jelinek <ja...@redhat.com>
PR tree-optimization/110914
* tree-ssa-strlen.cc (strlen_pass::handle_builtin_memcpy): Don't call
adjust_last_stmt unless len is known constant.
* gcc.c-torture/execute/pr110914.c: New test.
--- gcc/tree-ssa-strlen.cc.jj 2023-04-27 10:17:46.406486796 +0200
+++ gcc/tree-ssa-strlen.cc 2023-08-29 18:13:38.189327203 +0200
@@ -3340,7 +3340,8 @@ strlen_pass::handle_builtin_memcpy (buil
&& !integer_zerop (len))
{
maybe_warn_overflow (stmt, false, len, olddsi, false, true);
- adjust_last_stmt (olddsi, stmt, false);
+ if (tree_fits_uhwi_p (len))
+ adjust_last_stmt (olddsi, stmt, false);
}
int idx = get_stridx (src, stmt);
--- gcc/testsuite/gcc.c-torture/execute/pr110914.c.jj 2023-08-29
18:38:33.305699206 +0200
+++ gcc/testsuite/gcc.c-torture/execute/pr110914.c 2023-08-29
18:38:18.678901007 +0200
@@ -0,0 +1,22 @@
+/* PR tree-optimization/110914 */
+
+__attribute__ ((noipa)) int
+foo (const char *s, unsigned long l)
+{
+ unsigned char r = 0;
+ __builtin_memcpy (&r, s, l != 0);
+ return r;
+}
+
+int
+main ()
+{
+ const char *p = "123456";
+ int a = foo (p, __builtin_strlen (p) - 5);
+ int b = foo (p, __builtin_strlen (p) - 6);
+ if (a != '1')
+ __builtin_abort ();
+ if (b != 0)
+ __builtin_abort ();
+ return 0;
+}
Jakub
