[Bug tree-optimization/89505] [9 Regression] LibreOffice miscompilation starting with r260383
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89505 --- Comment #5 from Richard Biener --- Author: rguenth Date: Tue Feb 26 14:09:19 2019 New Revision: 269212 URL: https://gcc.gnu.org/viewcvs?rev=269212&root=gcc&view=rev Log: 2019-02-26 Richard Biener PR tree-optimization/89505 * tree-ssa-structalias.c (compute_dependence_clique): Make sure to handle restrict pointed-to vars with multiple subvars correctly. * gcc.dg/torture/pr89505.c: New testcase. Added: trunk/gcc/testsuite/gcc.dg/torture/pr89505.c Modified: trunk/gcc/ChangeLog trunk/gcc/testsuite/ChangeLog trunk/gcc/tree-ssa-structalias.c
[Bug tree-optimization/89505] [9 Regression] LibreOffice miscompilation starting with r260383
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89505 --- Comment #4 from Richard Biener --- Created attachment 45824 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=45824&action=edit patch I am testing
[Bug tree-optimization/89505] [9 Regression] LibreOffice miscompilation starting with r260383
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89505
Richard Biener changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Last reconfirmed||2019-02-26
Assignee|unassigned at gcc dot gnu.org |rguenth at gcc dot
gnu.org
Ever confirmed|0 |1
--- Comment #3 from Richard Biener ---
So what happens is that this points to an aggregate with a lot of fields and
field-sensitive analysis when gathering what are restrict pointed-to's only
looks at the first field. Thus if you'd have
struct this { int x; void *p; };
and
_13 = &this_29(D)->nColCount;
# _116 = PHI <_13(9), &D.857772(10)>
_15 = *_116;
here _13 does not point to the _first_ field (note you need meaningful
fields - aka pointers - for points-to to separate fields fod analysis)
then we miss that _116 also points to the same thing as this_29.
Then you need a plain this_29 based access and a indirect ref to _13
to get things wrong.
struct S { int i; void *p; int j; };
int a;
int foo (struct S * __restrict p, int q)
{
int *x = &p->j;
if (q)
x = &a;
p->j = 1;
*x = 2;
return p->j;
}
shows wrong alias info:
# PT = null { D.1921 } (nonlocal, restrict)
struct S * restrict p_2(D) = p;
...
:
# PT = null { D.1909 D.1921 } (nonlocal, interposable)
# x_1 = PHI
MEM[(struct S *)p_2(D) clique 1 base 1].j = 1;
MEM[(int *)x_1 clique 1 base 0] = 2;
_9 = MEM[(struct S *)p_2(D) clique 1 base 1].j;
and FRE optimizing the load.
struct S { int i; void *p; int j; };
int a;
int __attribute__((noinline))
foo (struct S * __restrict p, int q)
{
int *x = &p->j;
if (q)
x = &a;
p->j = 1;
*x = 2;
return p->j;
}
int main()
{
struct S s;
if (foo (&s, 0) != 2)
__builtin_abort ();
return 0;
}
[Bug tree-optimization/89505] [9 Regression] LibreOffice miscompilation starting with r260383
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89505
--- Comment #2 from Richard Biener ---
ScXMLTableColContext::ScXMLTableColContext (struct ScXMLTableColContext * const
this, struct ScXMLImport & rImport, const struct Reference & rAttrList)
{
# PT = null { D.1010617 } (nonlocal, escaped, restrict)
struct ScXMLTableColContext * const this_29(D) = this;
...
:
# PT = { D.857772 D.1010617 } (nonlocal, escaped)
# _116 = PHI <_13(9), &D.857772(10)>
_15 = MEM[(const int &)_116 clique 1 base 0];
the _116 deref shouldn't have gotten base 0 because of
vi = get_varinfo (find (vi->id));
if (bitmap_intersect_p (rvars, vi->solution)
|| (escaped_p && bitmap_bit_p (vi->solution, escaped_id)))
return false;
now I need to debug what goes wrong...
[Bug tree-optimization/89505] [9 Regression] LibreOffice miscompilation starting with r260383
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89505
--- Comment #1 from Jakub Jelinek ---
I think the problem is mainly:
MEM[(struct ScXMLTableColContext *)this_29(D) clique 1 base 1].nColCount =
_15;
vs.
_15 = MEM[(const int &)_116 clique 1 base 0];
Both have the same clique, but different base.
std::min(nColCount, MAXCOLCOUNT)
returns a reference, and I bet if this argument was explicitly __restrict, that
would be invalid, referencing *this through some other pointer (reference in
this case). this argument is not restrict though, and it can alias
references/pointers within the constructor, e.g.
struct S { int s; S (S &, S *); };
S *foo (S *);
S::S (S &x, S *y)
{
// x.s can't alias this->s
// y->s can't alias this->s
S *p = foo (this);
// p->s can alias this->s
}
[Bug tree-optimization/89505] [9 Regression] LibreOffice miscompilation starting with r260383
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89505 Jakub Jelinek changed: What|Removed |Added Priority|P3 |P1 CC||glisse at gcc dot gnu.org, ||rguenth at gcc dot gnu.org Target Milestone|--- |9.0
