Bug 36343 - [4.3 Regression] Wrong code due to bad TBAA pruning of points-to-sets and use in call clobbering
Summary: [4.3 Regression] Wrong code due to bad TBAA pruning of points-to-sets and use...
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: tree-optimization (show other bugs)
Version: 4.3.1
: P2 normal
Target Milestone: 4.3.3
Assignee: Richard Biener
URL:
Keywords: alias, wrong-code
Depends on: 36346
Blocks: 36345
  Show dependency treegraph
 
Reported: 2008-05-27 12:42 UTC by Richard Biener
Modified: 2008-09-19 15:05 UTC (History)
4 users (show)

See Also:
Host:
Target:
Build:
Known to work: 4.1.3 4.2.4 4.4.0
Known to fail: 4.3.0 4.3.2
Last reconfirmed: 2008-05-27 12:45:45


Attachments
patch disabling TBAA pruning (1.99 KB, patch)
2008-09-17 14:46 UTC, Richard Biener
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Richard Biener 2008-05-27 12:42:02 UTC
extern void abort (void);

void __attribute__((noinline))
bar (int **p)
{
  float *q = (float *)p;
  *q = 0.0;
}

float __attribute__((noinline))
foo (int b)
{
  int *i = 0;
  float f = 1.0;
  int **p;
  if (b)
    p = &i;
  else
    p = (int **)&f;
  bar (p);
  if (b)
    return **p;
  return f;
}

int main()
{
  if (foo(0) != 0.0)
    abort ();
  return 0;
}


We TBAA-prune the points-to-set of p due to the dereference *p but use
the pruned points-to-set for computing the call-clobber variables which
causes f not to be call-clobbered.  Thus we return 1.0 from foo.  Oops.
Comment 1 Richard Biener 2008-05-27 12:45:29 UTC
If you investigate why this doesn't happen more often you find that directly_dereferenced is only ever set if you dereference a pointer and the
result is also a pointer.  (Thus the complicated testcase)

In essence - we almost _never_ TBAA-prune the points-to-sets.

The correct solution is (apart from improving the TBAA-pruning) to use the
original points-to solution for computing the call-clobbered variables, not
the TBAA-pruned points-to set.

For 4.3 the easiest and least invasive solution is to rip out the
TBAA-pruning code completely.  This is also the temporary solution for the
mainline.
Comment 2 Richard Biener 2008-05-29 10:32:48 UTC
Subject: Bug 36343

Author: rguenth
Date: Thu May 29 10:31:58 2008
New Revision: 136152

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=136152
Log:
2008-05-29  Richard Guenther  <rguenther@suse.de>

	PR tree-optimization/36343
	PR tree-optimization/36346
	PR tree-optimization/36347
	* tree-flow.h (clobber_what_p_points_to): Declare.
	* tree-ssa-structalias.c (set_uids_in_ptset): Whether the
	pointed-to variable is dereferenced is irrelevant to whether
	the pointer can access the pointed-to variable.
	(clobber_what_p_points_to): New function.
	* tree-ssa-alias.c (set_initial_properties): Use it.
	* tree-ssa.c (verify_flow_sensitive_alias_info): Adjust
	call clobber check for NMTs.

	* gcc.c-torture/execute/pr36343.c: New testcase.

Added:
    trunk/gcc/testsuite/gcc.c-torture/execute/pr36343.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/testsuite/ChangeLog
    trunk/gcc/tree-flow.h
    trunk/gcc/tree-ssa-alias.c
    trunk/gcc/tree-ssa-structalias.c
    trunk/gcc/tree-ssa.c

Comment 3 Richard Biener 2008-05-29 10:34:22 UTC
Fixed on the mainline.
Comment 4 Richard Biener 2008-06-06 14:59:26 UTC
4.3.1 is being released, adjusting target milestone.
Comment 5 Joseph S. Myers 2008-08-27 22:04:04 UTC
4.3.2 is released, changing milestones to 4.3.3.
Comment 6 Richard Biener 2008-09-17 14:46:26 UTC
Created attachment 16344 [details]
patch disabling TBAA pruning

This is the patch we use for openSUSE to fix this bug.
Comment 7 Eric Botcazou 2008-09-17 15:07:37 UTC
> This is the patch we use for openSUSE to fix this bug.

Any particular reason for not installing it at the FSF as well?
Comment 8 rguenther@suse.de 2008-09-17 15:10:47 UTC
Subject: Re:  [4.3 Regression] Wrong code due
 to bad TBAA pruning of points-to-sets and use in call clobbering

On Wed, 17 Sep 2008, ebotcazou at gcc dot gnu dot org wrote:

> ------- Comment #7 from ebotcazou at gcc dot gnu dot org  2008-09-17 15:07 -------
> > This is the patch we use for openSUSE to fix this bug.
> 
> Any particular reason for not installing it at the FSF as well?

It disables optimizations and the testcase was artificially created by
me from looking at the source.  But let me just submit the patch
(again) and ask for feedback.

Richard.
Comment 9 Richard Biener 2008-09-19 15:05:34 UTC
Fixed.
Comment 10 Richard Biener 2008-09-19 15:06:01 UTC
Subject: Bug 36343

Author: rguenth
Date: Fri Sep 19 15:04:36 2008
New Revision: 140492

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=140492
Log:
2008-09-19  Richard Guenther  <rguenther@suse.de>

	PR tree-optimization/36343
	* tree-ssa-structalias.c (struct variable_info): Remove
	directly_dereferenced member.
	(new_var_info): Do not set it.
	(process_constraint_1): Likewise.
	(set_uids_in_ptset): Remove TBAA-pruning code.
	(find_what_p_points_to): Do not pass TBAA-pruning related
	parameters.

	* gcc.c-torture/execute/pr36343.c: New testcase.

Added:
    branches/gcc-4_3-branch/gcc/testsuite/gcc.c-torture/execute/pr36343.c
Modified:
    branches/gcc-4_3-branch/gcc/ChangeLog
    branches/gcc-4_3-branch/gcc/testsuite/ChangeLog
    branches/gcc-4_3-branch/gcc/tree-ssa-structalias.c