------- Comment #22 from dberlin at gcc dot gnu dot org 2007-08-29 18:30
-------
Subject: Re: [4.3 Regression]
tr1/2_general_utilities/shared_ptr/assign/auto_ptr.cc
On 29 Aug 2007 15:19:10 -0000, rguenth at gcc dot gnu dot org
<[EMAIL PROTECTED]> wrote:
>
>
> ------- Comment #21 from rguenth at gcc dot gnu dot org 2007-08-29 15:19
> -------
> I wonder why D.9380_64, defined as
>
> D.9380_64 = &D.8894_34->_M_use_count;
>
> points to anything and NULL:
>
> D.9380_64, is dereferenced, points-to anything, points-to NULL
>
> where the single dereference site looks like
>
> # ctor_count_403 = VDEF <ctor_count_140>
> # ctor_count_404 = VDEF <ctor_count_160>
> # dtor_count_405 = VDEF <dtor_count_180>
> *D.9380_64 ={v} D.9383_69;
>
> of course because of the constraints:
>
> D.9380_64 = { NULL }
>
> possibly because
>
> # VUSE <SFT.433_337>
> D.8894_34 = D.8885._M_refcount._M_pi;
>
> which also
>
> D.8894_34, is dereferenced, its value escapes, points-to anything, points-to
> NULL
>
> which is because
>
> D.8885._M_pi = &NULL
>
> but (!?) we have
>
> ...
> D.7990_3 ={v} operator new (4);
>
> <bb 4>:
> D.7950_4 = (struct B *) D.7990_3;
> ...
> # SMT.470_328 = VDEF <SMT.470_325(ab)>
> D.7950_4->_vptr.B = &_ZTV1B[2];
> ...
> # SFT.432_331 = VDEF <SFT.432_330(D)>
> __ref.80._M_ptr = D.7950_4;
> # VUSE <SFT.432_331>
> __ref$_M_ptr_14 = __ref.80._M_ptr;
> # SFT.425_333 = VDEF <SFT.425_332(D)>
> b._M_ptr = __ref$_M_ptr_14;
> # VUSE <SFT.425_333>
> D.8873_20 = b._M_ptr;
> D.8884_21 = (struct A *) D.8873_20;
> # SFT.434_335 = VDEF <SFT.434_334(D)>
> D.8885._M_ptr = D.8884_21;
>
> so it is at most non-null, because we dereference the pointer.
>
> Note we miss(?) a constraint for D.7990_3 but only have
>
> D.7950_4 = D.7990_3
> __ref.80 = D.7950_4
> __ref$_M_ptr_14 = __ref.80
> b = __ref$_M_ptr_14
> D.8873_20 = b
> D.8884_21 = D.8873_20
> D.8885 = D.8884_21
> (and then directly)
> D.8885._M_pi = &NULL
>
> shouldn't we have
>
> D.7990_3 = &ANYTHING
>
> ?
>
> In find_func_aliases we don't create a constraint for the lhs of a call
> at all:
>
> else if (((TREE_CODE (t) == GIMPLE_MODIFY_STMT
> && TREE_CODE (GIMPLE_STMT_OPERAND (t, 1)) == CALL_EXPR
> && !(call_expr_flags (GIMPLE_STMT_OPERAND (t, 1))
> & (ECF_MALLOC | ECF_MAY_BE_ALLOCA)))
> || (TREE_CODE (t) == CALL_EXPR
> && !(call_expr_flags (t)
> & (ECF_MALLOC | ECF_MAY_BE_ALLOCA)))))
> {
> if (!in_ipa_mode)
> {
> if (TREE_CODE (t) == GIMPLE_MODIFY_STMT)
> handle_rhs_call (GIMPLE_STMT_OPERAND (t, 1));
> else
> handle_rhs_call (t);
> }
>
> So the following adds this constraint:
>
> Index: tree-ssa-structalias.c
> ===================================================================
> --- tree-ssa-structalias.c (revision 127848)
> +++ tree-ssa-structalias.c (working copy)
> @@ -3726,7 +3726,23 @@ find_func_aliases (tree origt)
> if (!in_ipa_mode)
> {
> if (TREE_CODE (t) == GIMPLE_MODIFY_STMT)
> - handle_rhs_call (GIMPLE_STMT_OPERAND (t, 1));
> + {
> + handle_rhs_call (GIMPLE_STMT_OPERAND (t, 1));
> + if (POINTER_TYPE_P (TREE_TYPE (GIMPLE_STMT_OPERAND (t, 1))))
> + {
> + VEC(ce_s, heap) *lhsc = NULL;
> + struct constraint_expr rhsc;
> + unsigned int j;
> + struct constraint_expr *lhsp;
> + rhsc.var = anything_id;
> + rhsc.offset = 0;
> + rhsc.type = ADDRESSOF;
> + get_constraint_for (GIMPLE_STMT_OPERAND (t, 0), &lhsc);
> + for (j = 0; VEC_iterate (ce_s, lhsc, j, lhsp); j++)
> + process_constraint_1 (new_constraint (*lhsp, rhsc),
> true);
> + VEC_free (ce_s, heap, lhsc);
> + }
> + }
This is right for !in_ipa_mode. You may want to encapsulate it into a
new "handle_lhs_of_call" though :)
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=33199
