gcc/ChangeLog:
PR tree-optimization/99489
* builtins.c (gimple_call_alloc_size): Fail gracefully when argument
is not a call statement.
gcc/testsuite/ChangeLog:
PR tree-optimization/99489
* gcc.dg/Wstringop-truncation-9.c: New test.
Resolves:
PR middle-end/96963 - -Wstringop-overflow false positive with -ftree-vectorize when assigning consecutive char struct members
PR middle-end/94655 - -Wstringop-overflow on implicit string assignment with vectorized char store
gcc/ChangeLog:
PR middle-end/96963
PR middle-end/94655
* builtins.c (handle_array_ref): New helper.
(handle_mem_ref): New helper.
(compute_objsize_r): Factor out ARRAY_REF and MEM_REF handling
into new helper functions. Correct a workaround for vectorized
assignments.
gcc/testsuite/ChangeLog:
PR middle-end/96963
PR middle-end/94655
* gcc.dg/Wstringop-overflow-47.c: Xfail tests.
* gcc.dg/Wstringop-overflow-65.c: New test.
* gcc.dg/Warray-bounds-69.c: Same.
This fixes a missing space as reported by translators.
2021-02-26 Richard Biener <rguenther@suse.de>
PR c/99275
* builtins.c (warn_string_no_nul): Fix diagnostic formatting.
This avoids crashes with __builtin_next_arg on non-parameters. For
the specific testcase we arrive with an anonymous SSA_NAME so that
SSA_NAME_VAR becomes NULL and we crash.
2021-02-24 Richard Biener <rguenther@suse.de>
PR c/99224
* builtins.c (fold_builtin_next_arg): Avoid NULL arg.
* gcc.dg/pr99224.c: New testcase.
The following patch fixes two bugs in the access_ref::inform_access function
(plus some formatting nits).
The first problem is that ref can be various things, e.g. *_DECL, or
SSA_NAME, or IDENTIFIER_NODE. And allocfn is non-NULL only if ref is
(at least originally) an SSA_NAME initialized to the result of some
allocator function (but not e.g. __builtin_alloca_with_align which is
handled differently).
A few lines above the last hunk of this patch in builtins.c, the code uses
if (mode == access_read_write || mode == access_write_only)
{
if (allocfn == NULL_TREE)
{
if (*offstr)
inform (loc, "at offset %s into destination object %qE of size %s",
offstr, ref, sizestr);
else
inform (loc, "destination object %qE of size %s", ref, sizestr);
return;
}
if (*offstr)
inform (loc,
"at offset %s into destination object of size %s "
"allocated by %qE", offstr, sizestr, allocfn);
else
inform (loc, "destination object of size %s allocated by %qE",
sizestr, allocfn);
return;
}
so if allocfn is NULL, it prints whatever ref is, if it is non-NULL,
it prints instead the allocation function. But strangely the hunk
a few lines below wasn't consistent with that and instead printed the
first form only if DECL_P (ref) and would ICE if ref wasn't a decl but
still allocfn was NULL. Fixed by making it consistent what the code does
earlier.
Another bug is that the code earlier contains an ugly hack for VLAs and was
assuming that SSA_NAME_IDENTIFIER must be non-NULL on the lhs of
__builtin_alloca_with_align. While that is likely true for the cases where
the compiler emits this builtin for VLAs (and it will also be true that
the name of the VLA in that case can be taken from that identifier up to the
first .), the builtin is user accessible as the testcase shows, so one can
have any other SSA_NAME in there. I think it would be better to add some
more reliable way how to identify VLA names corresponding to
__builtin_alloca_with_align allocations, perhaps internal fn or whatever,
but that is beyond the scope of this patch.
2021-01-20 Jakub Jelinek <jakub@redhat.com>
PR tree-optimization/98721
* builtins.c (access_ref::inform_access): Don't assume
SSA_NAME_IDENTIFIER must be non-NULL. Print messages about
object whenever allocfn is NULL, rather than only when DECL_P
is true. Use %qE instead of %qD for that. Formatting fixes.
* gcc.dg/pr98721-1.c: New test.
* gcc.dg/pr98721-2.c: New test.
In dce6c58db8 msebor extended the
"malloc" attribute to support user-defined allocator/deallocator
pairs.
This patch extends the "malloc" checker within -fanalyzer to use
these attributes. It is based on an earlier patch:
'RFC: add "deallocated_by" attribute for use by analyzer'
https://gcc.gnu.org/pipermail/gcc-patches/2020-October/555544.html
which added a different attribute. The patch needed a lot of reworking
to support multiple deallocators per allocator.
My hope was that this would provide a minimal level of markup that would
support library-checking without requiring lots of further markup.
I attempted to use this to detect a memory leak within a Linux
driver (CVE-2019-19078), by adding the attribute to mark these fns:
extern struct urb *usb_alloc_urb(int iso_packets, gfp_t mem_flags);
extern void usb_free_urb(struct urb *urb);
where there is a leak of a "urb" on an error-handling path.
Unfortunately I ran into the problem that there are various other fns
that take "struct urb *" and the analyzer conservatively assumes that a
urb passed to them might or might not be freed and thus stops tracking
state for them.
Hence this will only detect issues for the simplest cases (without
adding another attribute).
gcc/analyzer/ChangeLog:
* analyzer.h (is_std_named_call_p): New decl.
* diagnostic-manager.cc (path_builder::get_sm): New.
(state_change_event_creator::state_change_event_creator): Add "pb"
param.
(state_change_event_creator::on_global_state_change): Don't consider
state changes affecting other state_machines.
(state_change_event_creator::on_state_change): Likewise.
(state_change_event_creator::m_pb): New field.
(diagnostic_manager::add_events_for_eedge): Pass pb to visitor
ctor.
* region-model-impl-calls.cc
(region_model::impl_deallocation_call): New.
* region-model.cc: Include "attribs.h".
(region_model::on_call_post): Handle fndecls referenced by
__attribute__((deallocated_by(FOO))).
* region-model.h (region_model::impl_deallocation_call): New decl.
* sm-malloc.cc: Include "stringpool.h" and "attribs.h". Add
leading comment.
(class api): Delete.
(enum resource_state): Update comment for change from api to
deallocator and deallocator_set.
(allocation_state::allocation_state): Drop api param. Add
"deallocators" and "deallocator".
(allocation_state::m_api): Drop field in favor of...
(allocation_state::m_deallocators): New field.
(allocation_state::m_deallocator): New field.
(enum wording): Add WORDING_DEALLOCATED.
(struct deallocator): New.
(struct standard_deallocator): New.
(struct custom_deallocator): New.
(struct deallocator_set): New.
(struct custom_deallocator_set): New.
(struct standard_deallocator_set): New.
(struct deallocator_set_map_traits): New.
(malloc_state_machine::m_malloc): Drop field
(malloc_state_machine::m_scalar_new): Likewise.
(malloc_state_machine::m_vector_new): Likewise.
(malloc_state_machine::m_free): New field
(malloc_state_machine::m_scalar_delete): Likewise.
(malloc_state_machine::m_vector_delete): Likewise.
(malloc_state_machine::deallocator_map_t): New typedef.
(malloc_state_machine::m_deallocator_map): New field.
(malloc_state_machine::deallocator_set_cache_t): New typedef.
(malloc_state_machine::m_custom_deallocator_set_cache): New field.
(malloc_state_machine::custom_deallocator_set_map_t): New typedef.
(malloc_state_machine::m_custom_deallocator_set_map): New field.
(malloc_state_machine::m_dynamic_sets): New field.
(malloc_state_machine::m_dynamic_deallocators): New field.
(api::api): Delete.
(deallocator::deallocator): New ctor.
(deallocator::hash): New.
(deallocator::dump_to_pp): New.
(deallocator::cmp): New.
(deallocator::cmp_ptr_ptr): New.
(standard_deallocator::standard_deallocator): New ctor.
(deallocator_set::deallocator_set): New ctor.
(deallocator_set::dump): New.
(custom_deallocator_set::custom_deallocator_set): New ctor.
(custom_deallocator_set::contains_p): New.
(custom_deallocator_set::maybe_get_single): New.
(custom_deallocator_set::dump_to_pp): New.
(standard_deallocator_set::standard_deallocator_set): New ctor.
(standard_deallocator_set::contains_p): New.
(standard_deallocator_set::maybe_get_single): New.
(standard_deallocator_set::dump_to_pp): New.
(start_p): New.
(class mismatching_deallocation): Update for conversion from api
to deallocator_set and deallocator.
(double_free::emit): Use %qs.
(class use_after_free): Update for conversion from api to
deallocator_set and deallocator.
(malloc_leak::describe_state_change): Only emit "allocated here" on
a start->nonnull transition, rather than on other transitions to
nonnull.
(allocation_state::dump_to_pp): Update for conversion from api to
deallocator_set.
(allocation_state::get_nonnull): Likewise.
(malloc_state_machine::malloc_state_machine): Likewise.
(malloc_state_machine::~malloc_state_machine): New.
(malloc_state_machine::add_state): Update for conversion from api
to deallocator_set.
(malloc_state_machine::get_or_create_custom_deallocator_set): New.
(malloc_state_machine::maybe_create_custom_deallocator_set): New.
(malloc_state_machine::get_or_create_deallocator): New.
(malloc_state_machine::on_stmt): Update for conversion from api
to deallocator_set. Handle "__attribute__((malloc(FOO)))", and
the special attribute set on FOO.
(malloc_state_machine::on_allocator_call): Update for conversion
from api to deallocator_set. Add "returns_nonnull" param and use
it to affect which state to transition to.
(malloc_state_machine::on_deallocator_call): Update for conversion
from api to deallocator_set.
gcc/ChangeLog:
* attribs.h (fndecl_dealloc_argno): New decl.
* builtins.c (call_dealloc_argno): Split out second half of
function into...
(fndecl_dealloc_argno): New.
* doc/extend.texi (Common Function Attributes): Document the
interaction between the analyzer and the malloc attribute.
* doc/invoke.texi (Static Analyzer Options): Likewise.
gcc/testsuite/ChangeLog:
* gcc.dg/analyzer/attr-malloc-1.c: New test.
* gcc.dg/analyzer/attr-malloc-2.c: New test.
* gcc.dg/analyzer/attr-malloc-4.c: New test.
* gcc.dg/analyzer/attr-malloc-5.c: New test.
* gcc.dg/analyzer/attr-malloc-6.c: New test.
* gcc.dg/analyzer/attr-malloc-CVE-2019-19078-usb-leak.c: New test.
* gcc.dg/analyzer/attr-malloc-misuses.c: New test.
gcc/ChangeLog:
PR middle-end/98160
* builtins.c (warn_dealloc_offset): Avoid assuming calls are made
through declared functions and not pointers.
gcc/testsuite/ChangeLog:
PR middle-end/98160
* g++.dg/warn/pr98160.C: New test.
The function that calls targetm.emit_call_builtin___clear_cache
asserts that each of the begin and end operands has either ptr_mode or
Pmode.
On most targets that is the same mode, but e.g. on aarch64 -mabi=ilp32
or a few others it is different. When a target has a clear cache
non-library handler, it will use create_address_operand which will do the
conversion to the right mode automatically, but when emitting a library
call, we just say the operands are ptr_mode even when they can be Pmode
too; in that case we need to convert explicitly.
2020-12-07 Jakub Jelinek <jakub@redhat.com>
PR target/98147
* builtins.c (default_emit_call_builtin___clear_cache): Call
convert_memory_address to ptr_mode on both begin and end.
* gcc.dg/pr98147.c: New test.
Machines that had CLEAR_CACHE_INSN and that would thus issue calls to
__clear_cache with the default call expander, would fail on languages
that did not set up the __clear_cache builtin. This patch arranges
for all languages to set up this builtin.
Machines or multilibs that had ptr_mode != Pmode, such as aarch64 with
-mabi=ilp32, would fail the RTL mode test of the arguments passed to
__clear_cache, because we'd insist on ptr_mode. This patch arranges
for Pmode to be accepted as well.
for gcc/ChangeLog
* tree.c (build_common_builtin_nodes): Declare
__builtin___clear_cache for all languages.
* builtins.c (maybe_emit_call_builtin___clear_cache): Accept
Pmode arguments.
This patch introduces maybe_emit_call_builtin___clear_cache for the
builtin expander machinery and the trampoline initializers to use to
clear the instruction cache, removing a source of inconsistencies and
subtle errors in low-level machinery.
I've adjusted all trampoline_init implementations that used to issue
explicit calls to __clear_cache or similar to use this new primitive.
Specifically on vxworks targets, we needed to drop the __clear_cache
symbol in libgcc, for reasons related with linking that I didn't need
to understand, and we wanted to call cacheTextUpdate directly, despite
the different calling conventions: the second argument is a length
rather than the end address.
So I introduced a target hook to enable target OS-level overriding of
builtin __clear_cache call emission, retaining nearly (*) the same
logic to govern the decision on whether to emit a call (or nothing, or
a machine-dependent insn) but enabling a call to a target
system-defined function with different calling conventions to be
issued, without having to modify .md files of the various
architectures supported by the target system to introduce or modify
clear_cache insns.
(*) I write "nearly" mainly because, when not optimizing, we'd issue a
call regardless, but since the call may now be overridden, I added it
to the set of builtins that are not directly turned into calls when
not optimizing, following the normal expansion path instead. It
wouldn't be hard to skip the emission of cache-clearing insns when not
optimizing, but it didn't seem very important, especially for the new
uses from trampoline init.
Another difference that might be relevant is that now we expand
the begin and end arguments unconditionally. This might make a
difference if they have side effects. That's prettty much impossible
at expand time, but I thought I'd mention it.
I have NOT modified targets that did not issue cache-clearing calls in
trampoline init to use the new clear_cache-calling infrastructure even
if it would expand to nothing. I have considered doing so, to have
__builtin___clear_cache and trampoline init call cacheTextUpdate on
all vxworks targets, but decided not to, since on targets that don't
do any cache clearing, cacheTextUpdate ought to be a no-op, even
though rs6000 seems to use icbi and dcbf instructions in the function
called to initialize a trampoline, but AFAICT not in the __clear_cache
builtin. Hopefully target maintainers will have a look and take
advantage of this new piece of infrastructure to remove such
(apparent?) inconsistencies. Not rs6000 and other that call asm-coded
trampoline setup instructions, for sure, but they might wish to
introduce a CLEAR_INSN_CACHE macro or a clear_cache expander if they
don't have one.
for gcc/ChangeLog
* builtins.c (default_emit_call_builtin___clear_cache): New.
(maybe_emit_call_builtin___clear_cache): New.
(expand_builtin___clear_cache): Split into the above.
(expand_builtin): Do not issue clear_cache call any more.
* builtins.h (maybe_emit_call_builtin___clear_cache): Declare.
* config/aarch64/aarch64.c (aarch64_trampoline_init): Use
maybe_emit_call_builtin___clear_cache.
* config/arc/arc.c (arc_trampoline_init): Likewise.
* config/arm/arm.c (arm_trampoline_init): Likewise.
* config/c6x/c6x.c (c6x_initialize_trampoline): Likewise.
* config/csky/csky.c (csky_trampoline_init): Likewise.
* config/m68k/linux.h (FInALIZE_TRAMPOLINE): Likewise.
* config/tilegx/tilegx.c (tilegx_trampoline_init): Likewise.
* config/tilepro/tilepro.c (tilepro_trampoline_init): Ditto.
* config/vxworks.c: Include rtl.h, memmodel.h, and optabs.h.
(vxworks_emit_call_builtin___clear_cache): New.
* config/vxworks.h (CLEAR_INSN_CACHE): Drop.
(TARGET_EMIT_CALL_BUILTIN___CLEAR_CACHE): Define.
* target.def (trampoline_init): In the documentation, refer to
maybe_emit_call_builtin___clear_cache.
(emit_call_builtin___clear_cache): New.
* doc/tm.texi.in: Add new hook point.
(CLEAR_CACHE_INSN): Remove duplicate 'both'.
* doc/tm.texi: Rebuilt.
* targhooks.h (default_meit_call_builtin___clear_cache):
Declare.
* tree.h (BUILTIN_ASM_NAME_PTR): New.
for libgcc/ChangeLog
* config/t-vxworks (LIB2ADD): Drop.
* config/t-vxworks7 (LIB2ADD): Likewise.
* config/vxcache.c: Remove.
gcc/ChangeLog:
PR middle-end/97373
* builtins.c (compute_objsize): Rename...
(compute_objsize_r): to this. Change order and types of arguments.
Use new argument. Adjust calls to self.
(access_ref::get_ref): New member function.
(pointer_query::pointer_query): New member function.
(pointer_query::get_ref): Same.
(pointer_query::put_ref): Same.
(handle_min_max_size): Change order and types of arguments.
(maybe_emit_free_warning): Add a test.
* builtins.h (class pointer_query): New class.
(compute_objsize): Declare an overload.
* gimple-ssa-sprintf.c (get_destination_size): Add argument.
(handle_printf_call): Change argument type.
* tree-ssa-strlen.c (adjust_last_stmt): Add an argument and use it.
(maybe_warn_overflow): Same.
(handle_builtin_strcpy): Same.
(maybe_diag_stxncpy_trunc): Same.
(handle_builtin_memcpy): Change argument type. Adjust calls.
(handle_builtin_strcat): Same.
(handle_builtin_memset): Same.
(handle_store): Same.
(strlen_check_and_optimize_call): Same.
(check_and_optimize_stmt): Same.
(strlen_dom_walker): Add new data members.
(strlen_dom_walker::before_dom_children): Use new member.
(printf_strlen_execute): Dump cache performance counters. Remove
objsize pass cleanup.
* tree-ssa-strlen.h (maybe_diag_stxncpy_trunc): Add argument.
(handle_printf_call): Change argument type.
gcc/testsuite/ChangeLog:
PR middle-end/97373
* gcc.dg/tree-ssa/builtin-sprintf-warn-25.c: New test.
PR middle-end/92936 - missing warning on a past-the-end store to a PHI
PR middle-end/92940 - incorrect offset and size in -Wstringop-overflow for out-of-bounds store into VLA and two offset ranges
PR middle-end/89428 - missing -Wstringop-overflow on a PHI with variable offset
gcc/ChangeLog:
PR middle-end/92936
PR middle-end/92940
PR middle-end/89428
* builtins.c (access_ref::access_ref): Initialize member.
(access_ref::phi): New function.
(access_ref::get_ref): New function.
(access_ref::add_offset): Remove duplicate assignment.
(maybe_warn_for_bound): Add "maybe" kind of warning messages.
(warn_for_access): Same.
(inform_access): Rename...
(access_ref::inform_access): ...to this. Print PHI arguments. Format
offset the same as size and simplify. Improve printing of allocation
functions and VLAs.
(check_access): Adjust to the above.
(gimple_parm_array_size): Change argument.
(handle_min_max_size): New function.
* builtins.h (class ssa_name_limit_t): Move class here from
tree-ssa-strlen.c.
(struct access_ref): Declare new members.
(gimple_parm_array_size): Change argument.
* tree-ssa-strlen.c (maybe_warn_overflow): Use access_ref and simplify.
(handle_builtin_memcpy): Correct argument passed to maybe_warn_overflow.
(handle_builtin_memset): Same.
(class ssa_name_limit_t): Move class to builtins.{h,c}.
gcc/testsuite/ChangeLog:
PR middle-end/92936
PR middle-end/92940
PR middle-end/89428
* c-c++-common/Wstringop-overflow-2.c: Adjust text of expected
informational notes.
* g++.dg/warn/Wstringop-overflow-3.C: Same.
* g++.dg/warn/Wplacement-new-size.C: Remove a test for a no longer
issued warning.
* gcc.dg/Warray-bounds-43.c: Removed unused declarations.
* gcc.dg/Wstringop-overflow-11.c: Remove xfails.
* gcc.dg/Wstringop-overflow-12.c: Same.
* gcc.dg/Wstringop-overflow-17.c: Adjust text of expected messages.
* gcc.dg/Wstringop-overflow-27.c: Same. Remove xfails.
* gcc.dg/Wstringop-overflow-28.c: Adjust text of expected messages.
* gcc.dg/Wstringop-overflow-29.c: Same.
* gcc.dg/Wstringop-overflow-37.c: Same.
* gcc.dg/Wstringop-overflow-46.c: Same.
* gcc.dg/Wstringop-overflow-47.c: Same.
* gcc.dg/Wstringop-overflow-54.c: Same.
* gcc.dg/warn-strnlen-no-nul.c: Add expected warning.
* gcc.dg/Wstringop-overflow-7.c: New test.
* gcc.dg/Wstringop-overflow-58.c: New test.
* gcc.dg/Wstringop-overflow-59.c: New test.
* gcc.dg/Wstringop-overflow-60.c: New test.
* gcc.dg/Wstringop-overflow-61.c: New test.
* gcc.dg/Wstringop-overflow-62.c: New test.
* gcc.dg/Wstringop-overflow-63.c: New test.
* gcc.dg/Wstringop-overflow-64.c: New test.
After building some larger codes using opaque types and some c++ codes
using opaque types it became clear I needed to go through and look for
places where opaque types and modes needed to be handled. A whole pile
of one-liners.
gcc/
* typeclass.h: Add opaque_type_class.
* builtins.c (type_to_class): Identify opaque type class.
* dwarf2out.c (is_base_type): Handle opaque types.
(gen_type_die_with_usage): Handle opaque types.
* expr.c (count_type_elements): Opaque types should
never have initializers.
* ipa-devirt.c (odr_types_equivalent_p): No type-specific handling
for opaque types is needed as it eventually checks the underlying
mode which is what is important.
* tree-streamer.c (record_common_node): Handle opaque types.
* tree.c (type_contains_placeholder_1): Handle opaque types.
(type_cache_hasher::equal): No additional comparison needed for
opaque types.
gcc/c-family
* c-pretty-print.c (c_pretty_printer::simple_type_specifier):
Treat opaque types like other types.
(c_pretty_printer::direct_abstract_declarator): Opaque types are
supported types.
gcc/c
* c-aux-info.c (gen_type): Support opaque types.
gcc/cp
* error.c (dump_type): Handle opaque types.
(dump_type_prefix): Handle opaque types.
(dump_type_suffix): Handle opaque types.
(dump_expr): Handle opaque types.
* pt.c (tsubst): Allow opaque types in templates.
(unify): Allow opaque types in templates.
* typeck.c (structural_comptypes): Handle comparison
of opaque types.
The motivation for this patch is PR middle-end/85811, a wrong-code
regression entitled "Invalid optimization with fmax, fabs and nan".
The optimization involves assuming max(x,y) is non-negative if (say)
y is non-negative, i.e. max(x,2.0). Unfortunately, this is an invalid
assumption in the presence of NaNs. Hence max(x,+qNaN), with IEEE fmax
semantics will always return x even though the qNaN is non-negative.
Worse, max(x,2.0) may return a negative value if x is -sNaN.
I'll quote Joseph Myers (many thanks) who describes things clearly as:
> (a) When both arguments are NaNs, the return value should be a qNaN,
> but sometimes it is an sNaN if at least one argument is an sNaN.
> (b) Under TS 18661-1 semantics, if either argument is an sNaN then the
> result should be a qNaN (whereas if one argument is a qNaN and the
> other is not a NaN, the result should be the non-NaN argument).
> Various implementations treat sNaNs like qNaNs here.
Under this logic, the tree_expr_nonnegative_p for IEEE fmax should be:
CASE_CFN_FMAX:
CASE_CFN_FMAX_FN:
/* Usually RECURSE (arg0) || RECURSE (arg1) but NaNs complicate
things. In the presence of sNaNs, we're only guaranteed to be
non-negative if both operands are non-negative. In the presence
of qNaNs, we're non-negative if either operand is non-negative
and can't be a qNaN, or if both operands are non-negative. */
if (tree_expr_maybe_signaling_nan_p (arg0) ||
tree_expr_maybe_signaling_nan_p (arg1))
return RECURSE (arg0) && RECURSE (arg1);
return RECURSE (arg0) ? (!tree_expr_maybe_nan_p (arg0)
|| RECURSE (arg1))
: (RECURSE (arg1)
&& !tree_expr_maybe_nan_p (arg1));
Which indeed resolves the wrong code in the PR. The infrastructure that
makes this possible are the two new functions tree_expr_maybe_nan_p and
tree_expr_maybe_signaling_nan_p which test whether a value may potentially
be a NaN or a signaling NaN respectively. In fact, this patch adds seven
new predicates to the middle-end:
bool tree_expr_finite_p (const_tree);
bool tree_expr_infinite_p (const_tree);
bool tree_expr_maybe_infinite_p (const_tree);
bool tree_expr_signaling_nan_p (const_tree);
bool tree_expr_maybe_signaling_nan_p (const_tree);
bool tree_expr_nan_p (const_tree);
bool tree_expr_maybe_nan_p (const_tree);
These functions correspond to the "must" and "may" operators in modal logic,
and allow us to triage expressions in the middle-end; definitely a NaN,
definitely not a NaN, and unknown at compile-time, etc. A prime example of
the utility of these functions is that a IEEE floating point value promoted
from an integer type can't be a NaN or infinite. Hence (double)i+0.0 where
i is an integer can be simplified to (double)i even with -fsignaling-nans.
Currently in GCC optimizations are enabled/disabled based on whether the
expression's type supports NaNs or sNaNs; with these new predicates they
can be controlled by whether the actual operands may or may not be NaNs.
Having added these extremely useful helper functions to the middle-end,
I couldn't help by use then in a few places in fold-const.c, builtins.c
and match.pd. In the near term, these can/should be used in places
where the tree optimizers test for HONOR_NANS, HONOR_INFINITIES or
HONOR_SNANS, or explicitly test whether a REAL_CST is a NaN or Inf.
In the longer term (I'm not volunteering) these predicates could perhaps
be hooked into the middle-end's SSA chaining and/or VRP machinery,
allowing finiteness to propagated around the CFG, much like we
currently propagate value ranges.
This patch has been tested on x86_64-pc-linux-gnu with a "make bootstrap"
and "make -k check".
Ok for mainline?
2020-08-15 Roger Sayle <roger@nextmovesoftware.com>
gcc/ChangeLog
PR middle-end/85811
* fold-const.c (tree_expr_finite_p): New function to test whether
a tree expression must be finite, i.e. not a FP NaN or infinity.
(tree_expr_infinite_p): New function to test whether a tree
expression must be infinite, i.e. a FP infinity.
(tree_expr_maybe_infinite_p): New function to test whether a tree
expression may be infinite, i.e. a FP infinity.
(tree_expr_signaling_nan_p): New function to test whether a tree
expression must evaluate to a signaling NaN (sNaN).
(tree_expr_maybe_signaling_nan_p): New function to test whether a
tree expression may be a signaling NaN (sNaN).
(tree_expr_nan_p): New function to test whether a tree expression
must evaluate to a (quiet or signaling) NaN.
(tree_expr_maybe_nan_p): New function to test whether a tree
expression me be a (quiet or signaling) NaN.
(tree_binary_nonnegative_warnv_p) [MAX_EXPR]: In the presence
of NaNs, MAX_EXPR is only guaranteed to be non-negative, if both
operands are non-negative.
(tree_call_nonnegative_warnv_p) [CASE_CFN_FMAX,CASE_CFN_FMAX_FN]:
In the presence of signaling NaNs, fmax is only guaranteed to be
non-negative if both operands are negative. In the presence of
quiet NaNs, fmax is non-negative if either operand is non-negative
and not a qNaN, or both operands are non-negative.
* fold-const.h (tree_expr_finite_p, tree_expr_infinite_p,
tree_expr_maybe_infinite_p, tree_expr_signaling_nan_p,
tree_expr_maybe_signaling_nan_p, tree_expr_nan_p,
tree_expr_maybe_nan_p): Prototype new functions here.
* builtins.c (fold_builtin_classify) [BUILT_IN_ISINF]: Fold to
a constant if argument is known to be (or not to be) an Infinity.
[BUILT_IN_ISFINITE]: Fold to a constant if argument is known to
be (or not to be) finite.
[BUILT_IN_ISNAN]: Fold to a constant if argument is known to be
(or not to be) a NaN.
(fold_builtin_fpclassify): Check tree_expr_maybe_infinite_p and
tree_expr_maybe_nan_p instead of HONOR_INFINITIES and HONOR_NANS
respectively.
(fold_builtin_unordered_cmp): Fold UNORDERED_EXPR to a constant
when its arguments are known to be (or not be) NaNs. Check
tree_expr_maybe_nan_p instead of HONOR_NANS when choosing between
unordered and regular forms of comparison operators.
* match.pd (ordered(x,y)->true/false): Constant fold ORDERED_EXPR
if its operands are known to be (or not to be) NaNs.
(unordered(x,y)->true/false): Constant fold UNORDERED_EXPR if its
operands are known to be (or not to be) NaNs.
(sqrt(x)*sqrt(x)->x): Check tree_expr_maybe_signaling_nan_p instead
of HONOR_SNANS.
gcc/testsuite/ChangeLog
PR middle-end/85811
* gcc.dg/pr85811.c: New test.
* gcc.dg/fold-isfinite-1.c: New test.
* gcc.dg/fold-isfinite-2.c: New test.
* gcc.dg/fold-isinf-1.c: New test.
* gcc.dg/fold-isinf-2.c: New test.
* gcc.dg/fold-isnan-1.c: New test.
* gcc.dg/fold-isnan-2.c: New test.
For now, task/taskloop constructs aren't handled and C/C++ array reductions
and reductions with task or inscan modifiers need further work.
Instead of calling omp_alloc/omp_free (where the former doesn't have
alignment argument and omp_aligned_alloc is 5.1 only feature), this calls
GOMP_alloc/GOMP_free, so that the library can fail if it would fall back
into NULL (exception is zero length allocations).
2020-11-12 Jakub Jelinek <jakub@redhat.com>
gcc/
* builtin-types.def (BT_FN_PTR_SIZE_SIZE_PTRMODE): New function type.
* omp-builtins.def (BUILT_IN_GOACC_DECLARE): Move earlier.
(BUILT_IN_GOMP_ALLOC, BUILT_IN_GOMP_FREE): New builtins.
* gimplify.c (gimplify_scan_omp_clauses): Force allocator into a
decl if it is not NULL, INTEGER_CST or decl.
(gimplify_adjust_omp_clauses): Clear GOVD_EXPLICIT on explicit clauses
which are being removed. Remove allocate clauses for variables not seen
if they are private, firstprivate or linear too. Call
omp_notice_variable on the allocator otherwise.
(gimplify_omp_for): Handle iterator vars mentioned in allocate clauses
similarly to non-is_gimple_reg iterators.
* omp-low.c (struct omp_context): Add allocate_map field.
(delete_omp_context): Delete it.
(scan_sharing_clauses): Fill it from allocate clauses. Remove it
if mentioned also in shared clause.
(lower_private_allocate): New function.
(lower_rec_input_clauses): Handle allocate clause for privatized
variables, except for task/taskloop, C/C++ array reductions for now
and task/inscan variables.
(lower_send_shared_vars): Don't consider variables in allocate_map
as shared.
* omp-expand.c (expand_omp_for_generic, expand_omp_for_static_nochunk,
expand_omp_for_static_chunk): Use expand_omp_build_assign instead of
gimple_build_assign + gsi_insert_after.
* builtins.c (builtin_fnspec): Handle BUILTIN_GOMP_ALLOC and
BUILTIN_GOMP_FREE.
* tree-ssa-ccp.c (evaluate_stmt): Handle BUILTIN_GOMP_ALLOC.
* tree-ssa-dce.c (mark_stmt_if_obviously_necessary): Handle
BUILTIN_GOMP_ALLOC.
(mark_all_reaching_defs_necessary_1): Handle BUILTIN_GOMP_ALLOC
and BUILTIN_GOMP_FREE.
(propagate_necessity): Likewise.
gcc/fortran/
* f95-lang.c (ATTR_ALLOC_WARN_UNUSED_RESULT_SIZE_2_NOTHROW_LIST):
Define.
(gfc_init_builtin_functions): Add alloc_size and warn_unused_result
attributes to __builtin_GOMP_alloc.
* types.def (BT_PTRMODE): New primitive type.
(BT_FN_VOID_PTR_PTRMODE, BT_FN_PTR_SIZE_SIZE_PTRMODE): New function
types.
libgomp/
* libgomp.map (GOMP_alloc, GOMP_free): Export at GOMP_5.0.1.
* omp.h.in (omp_alloc): Add malloc and alloc_size attributes.
* libgomp_g.h (GOMP_alloc, GOMP_free): Declare.
* allocator.c (omp_aligned_alloc): New for now static function,
add alignment argument and handle it.
(omp_alloc): Reimplement using omp_aligned_alloc.
(GOMP_alloc, GOMP_free): New functions.
(omp_free): Add ialias.
* testsuite/libgomp.c-c++-common/allocate-1.c: New test.
* testsuite/libgomp.c++/allocate-1.C: New test.
gcc/ChangeLog:
PR middle-end/97556
* builtins.c (access_ref::add_offset): Cap offset lower bound
to at most the the upper bound.
gcc/testsuite/ChangeLog:
PR middle-end/97556
* gcc.dg/Warray-bounds-70.c: New test.
* attr-fnspec.h: Update toplevel comment.
(attr_fnspec::attr_fnspec): New constructor.
(attr_fnspec::arg_read_p,
attr_fnspec::arg_written_p,
attr_fnspec::arg_access_size_given_by_arg_p,
attr_fnspec::arg_single_access_p
attr_fnspec::loads_known_p
attr_fnspec::stores_known_p,
attr_fnspec::clobbers_errno_p): New member functions.
(gimple_call_fnspec): Declare.
(builtin_fnspec): Declare.
* builtins.c: Include attr-fnspec.h
(builtin_fnspec): New function.
* builtins.def (BUILT_IN_MEMCPY): Do not specify RET1 fnspec.
(BUILT_IN_MEMMOVE): Do not specify RET1 fnspec.
(BUILT_IN_MEMSET): Do not specify RET1 fnspec.
(BUILT_IN_STRCAT): Do not specify RET1 fnspec.
(BUILT_IN_STRCPY): Do not specify RET1 fnspec.
(BUILT_IN_STRNCAT): Do not specify RET1 fnspec.
(BUILT_IN_STRNCPY): Do not specify RET1 fnspec.
(BUILT_IN_MEMCPY_CHK): Do not specify RET1 fnspec.
(BUILT_IN_MEMMOVE_CHK): Do not specify RET1 fnspec.
(BUILT_IN_MEMSET_CHK): Do not specify RET1 fnspec.
(BUILT_IN_STRCAT_CHK): Do not specify RET1 fnspec.
(BUILT_IN_STRCPY_CHK): Do not specify RET1 fnspec.
(BUILT_IN_STRNCAT_CHK): Do not specify RET1 fnspec.
(BUILT_IN_STRNCPY_CHK): Do not specify RET1 fnspec.
* gimple.c (gimple_call_fnspec): Return attr_fnspec.
(gimple_call_arg_flags): Update.
(gimple_call_return_flags): Update.
* tree-ssa-alias.c (check_fnspec): New function.
(ref_maybe_used_by_call_p_1): Use fnspec for builtin handling.
(call_may_clobber_ref_p_1): Likewise.
(attr_fnspec::verify): Update verifier.
* calls.c (decl_fnspec): New function.
(decl_return_flags): Use it.
gcc/ChangeLog:
PR middle-end/97391
* builtins.c (gimple_parm_array_size): Peel off one less layer
of array types.
gcc/testsuite/ChangeLog:
PR middle-end/97391
* gcc.dg/Warray-bounds-68.c: New test.
Martin Liška reported warnings about type mismatches in the cases in
the recently-introduced mathfn_built_in_type. This patch adjusts the
macros to use the combined_fn enumerators rather than the
(currently same-numbered) built_in_function ones.
for gcc/ChangeLog
* builtins.c (mathfn_built_in_type): Use CFN_ enumerators.
Also resolves:
PR middle-end/97342 - bogus -Wstringop-overflow with nonzero signed and unsigned offsets
PR middle-end/97023 - missing warning on buffer overflow in chained mempcpy
PR middle-end/96384 - bogus -Wstringop-overflow= storing into multidimensional array with index in range
gcc/ChangeLog:
PR middle-end/97342
PR middle-end/97023
PR middle-end/96384
* builtins.c (access_ref::access_ref): Initialize new member. Use
new enum.
(access_ref::size_remaining): Define new member function.
(inform_access): Handle expressions referencing objects.
(gimple_call_alloc_size): Call get_size_range instead of get_range.
(gimple_call_return_array): New function.
(get_range): Rename...
(get_offset_range): ...to this. Improve detection of ranges from
types of expressions.
(gimple_call_return_array): Adjust calls to get_range per above.
(compute_objsize): Same. Set maximum size or offset instead of
failing for unknown objects and handle more kinds of expressions.
(compute_objsize): Call access_ref::size_remaining.
(compute_objsize): Have transitional wrapper fail for pointers
into unknown objects.
(expand_builtin_strncmp): Call access_ref::size_remaining and
handle new cases.
* builtins.h (access_ref::size_remaining): Declare new member function.
(access_ref::set_max_size_range): Define new member function.
(access_ref::add_ofset, access_ref::add_max_ofset): Same.
(access_ref::add_base0): New data member.
* calls.c (get_size_range): Change argument type. Handle new
condition.
* calls.h (get_size_range): Adjust signature.
(enum size_range_flags): Define new type.
* gimple-ssa-warn-restrict.c (builtin_memref::builtin_memref): Correct
argument to get_size_range.
* tree-ssa-strlen.c (get_range): Handle anti-ranges.
(maybe_warn_overflow): Check DECL_P before assuming it's one.
gcc/testsuite/ChangeLog:
PR middle-end/97342
PR middle-end/97023
PR middle-end/96384
* c-c++-common/Wrestrict.c: Adjust comment.
* gcc.dg/Wstringop-overflow-34.c: Remove xfail.
* gcc.dg/Wstringop-overflow-43.c: Remove xfails. Adjust regex patterns.
* gcc.dg/pr51683.c: Prune out expected warning.
* gcc.target/i386/pr60693.c: Same.
* g++.dg/warn/Wplacement-new-size-8.C: New test.
* gcc.dg/Wstringop-overflow-41.c: New test.
* gcc.dg/Wstringop-overflow-44.s: New test.
* gcc.dg/Wstringop-overflow-45.c: New test.
* gcc.dg/Wstringop-overflow-46.c: New test.
* gcc.dg/Wstringop-overflow-47.c: New test.
* gcc.dg/Wstringop-overflow-49.c: New test.
* gcc.dg/Wstringop-overflow-50.c: New test.
* gcc.dg/Wstringop-overflow-51.c: New test.
* gcc.dg/Wstringop-overflow-52.c: New test.
* gcc.dg/Wstringop-overflow-53.c: New test.
* gcc.dg/Wstringop-overflow-54.c: New test.
* gcc.dg/Wstringop-overflow-55.c: New test.
* gcc.dg/Wstringop-overread-5.c: New test.
Resolves:
PR c++/96511 - Incorrect -Wplacement-new on POINTER_PLUS into an array with 4-byte elements
PR middle-end/96384 - bogus -Wstringop-overflow= storing into multidimensional array with index in range
gcc/ChangeLog:
PR c++/96511
PR middle-end/96384
* builtins.c (get_range): Return full range of type when neither
value nor its range is available. Fail for ranges inverted due
to the signedness of offsets.
(compute_objsize): Handle more special array members. Handle
POINTER_PLUS_EXPR and VIEW_CONVERT_EXPR that come up in front end
code.
(access_ref::offset_bounded): Define new member function.
* builtins.h (access_ref::eval): New data member.
(access_ref::offset_bounded): New member function.
(access_ref::offset_zero): New member function.
(compute_objsize): Declare a new overload.
* gimple-array-bounds.cc (array_bounds_checker::check_array_ref): Use
enum special_array_member.
* tree.c (component_ref_size): Use special_array_member.
* tree.h (special_array_member): Define a new type.
(component_ref_size): Change signature.
gcc/cp/ChangeLog:
PR c++/96511
PR middle-end/96384
* init.c (warn_placement_new_too_small): Call builtin_objsize instead
of duplicating what it does.
gcc/testsuite/ChangeLog:
PR c++/96511
PR middle-end/96384
* g++.dg/init/strlen.C: Add expected warning.
* g++.dg/warn/Wplacement-new-size-1.C: Relax warnings.
* g++.dg/warn/Wplacement-new-size-2.C: Same.
* g++.dg/warn/Wplacement-new-size-6.C: Same.
* gcc.dg/Warray-bounds-58.c: Adjust
* gcc.dg/Wstringop-overflow-37.c: Same.
* g++.dg/warn/Wplacement-new-size-7.C: New test.
This is a first step towards enabling the sincos optimization in Ada.
The issue this patch solves is that sincos takes the type to be looked
up with mathfn_built_in from variables or temporaries passed as
arguments to SIN and COS intrinsics. In Ada, different float types
may be used but, despite their representation equivalence, their
distinctness causes the optimization to be skipped, because they are
not the types that mathfn_built_in expects.
This patch introduces a function that maps intrinsics to the type
they're associated with, and uses that type, obtained from the
intrinsics used in calls to be optimized, to look up the correspoding
CEXPI intrinsic.
For the sake of defensive programming, when using the type obtained
from the intrinsic, it now checks that, if different types are found
for the used argument, or for other calls that use it, that the types
are interchangeable.
for gcc/ChangeLog
* builtins.c (mathfn_built_in_type): New.
* builtins.h (mathfn_built_in_type): Declare.
* tree-ssa-math-opts.c (execute_cse_sincos_1): Use it to
obtain the type expected by the intrinsic.
GCC has a target hook TARGET_LIBC_HAS_FUNCTION, which tells the compiler
which functions it can expect to be present in libc.
The default target hook does not include the sincos functions.
The nvptx port of newlib does include sincos and sincosf, but not sincosl.
The target hook TARGET_LIBC_HAS_FUNCTION does not distinguish between sincos,
sincosf and sincosl, so if we enable it for the sincos functions, then for
test.c:
...
long double x, a, b;
int main (void) {
x = 0.5;
a = sinl (x);
b = cosl (x);
printf ("a: %f\n", (double)a);
printf ("b: %f\n", (double)b);
return 0;
}
...
we introduce a regression:
...
$ gcc test.c -lm -O2
unresolved symbol sincosl
collect2: error: ld returned 1 exit status
...
Add a type argument to target hook TARGET_LIBC_HAS_FUNCTION_TYPE, and use it
in nvptx_libc_has_function_type to enable sincos and sincosf, but not sincosl.
Build and reg-tested on x86_64-linux.
Build and tested on nvptx.
gcc/ChangeLog:
2020-09-28 Tobias Burnus <tobias@codesourcery.com>
Tom de Vries <tdevries@suse.de>
* builtins.c (expand_builtin_cexpi, fold_builtin_sincos): Update
targetm.libc_has_function call.
* builtins.def (DEF_C94_BUILTIN, DEF_C99_BUILTIN, DEF_C11_BUILTIN):
(DEF_C2X_BUILTIN, DEF_C99_COMPL_BUILTIN, DEF_C99_C90RES_BUILTIN):
Same.
* config/darwin-protos.h (darwin_libc_has_function): Update prototype.
* config/darwin.c (darwin_libc_has_function): Add arg.
* config/linux-protos.h (linux_libc_has_function): Update prototype.
* config/linux.c (linux_libc_has_function): Add arg.
* config/i386/i386.c (ix86_libc_has_function): Update
targetm.libc_has_function call.
* config/nvptx/nvptx.c (nvptx_libc_has_function): New function.
(TARGET_LIBC_HAS_FUNCTION): Redefine to nvptx_libc_has_function.
* convert.c (convert_to_integer_1): Update targetm.libc_has_function
call.
* match.pd: Same.
* target.def (libc_has_function): Add arg.
* doc/tm.texi: Regenerate.
* targhooks.c (default_libc_has_function, gnu_libc_has_function)
(no_c99_libc_has_function): Add arg.
* targhooks.h (default_libc_has_function, no_c99_libc_has_function)
(gnu_libc_has_function): Update prototype.
* tree-ssa-math-opts.c (pass_cse_sincos::execute): Update
targetm.libc_has_function call.
gcc/fortran/ChangeLog:
2020-09-30 Tom de Vries <tdevries@suse.de>
* f95-lang.c (gfc_init_builtin_functions): Update
targetm.libc_has_function call.
gcc/ChangeLog:
PR middle-end/97175
* builtins.c (maybe_warn_for_bound): Handle both DECLs and EXPRESSIONs
in pad->dst.ref, same is pad->src.ref.
gcc/testsuite/ChangeLog:
PR middle-end/97175
* gcc.dg/Wstringop-overflow-44.c: New test.
gcc/ChangeLog:
* builtins.c (compute_objsize): Only replace the upper bound
of a POINTER_PLUS offset when it's less than the lower bound.
gcc/testsuite/ChangeLog:
* gcc.dg/Wstringop-overflow.c: Remove xfails.
* gcc.dg/Wstringop-overflow-42.c: New test.
* gcc.dg/Wstringop-overread-4.c: New test.
Anti ranges of ~[MIN,X] are automatically canonicalized to [X+1,MAX],
at creation time. There is no need to handle them specially.
Tested by adding a gcc_unreachable and bootstrapping/testing.
gcc/ChangeLog:
* builtins.c (determine_block_size): Remove ad-hoc range canonicalization.
As mentioned in the PR, we generate a useless movzbl insn before lock cmpxchg.
The problem is that the builtin for the char/short cases has the arguments
promoted to int and combine gives up, because the instructions have
MEM_VOLATILE_P arguments and recog in that case doesn't recognize anything
when volatile_ok is false, and nothing afterwards optimizes the
(reg:SI a) = (zero_extend:SI (reg:QI a))
... (subreg:QI (reg:SI a) 0) ...
The following patch fixes it at expansion time, we already have a function
that is meant to undo the promotion, so this just adds the very common case
to that.
2020-07-15 Jakub Jelinek <jakub@redhat.com>
PR target/96176
* builtins.c: Include gimple-ssa.h, tree-ssa-live.h and
tree-outof-ssa.h.
(expand_expr_force_mode): If exp is a SSA_NAME with different mode
from MODE and get_gimple_for_ssa_name is a cast from MODE, use the
cast's rhs.
* gcc.target/i386/pr96176.c: New test.
This patch introduces a new builtin named __builtin_bswap128 on targets
where TImode is supported, i.e. 64-bit targets only in practice. The
implementation simply reuses the existing double word path in optab, so
no routine is added to libgcc (which means that you get two calls to
_bswapdi2 in the worst case).
gcc/ChangeLog:
* builtin-types.def (BT_UINT128): New primitive type.
(BT_FN_UINT128_UINT128): New function type.
* builtins.def (BUILT_IN_BSWAP128): New GCC builtin.
* doc/extend.texi (__builtin_bswap128): Document it.
* builtins.c (expand_builtin): Deal with BUILT_IN_BSWAP128.
(is_inexpensive_builtin): Likewise.
* fold-const-call.c (fold_const_call_ss): Likewise.
* fold-const.c (tree_call_nonnegative_warnv_p): Likewise.
* tree-ssa-ccp.c (evaluate_stmt): Likewise.
* tree-vect-stmts.c (vect_get_data_ptr_increment): Likewise.
(vectorizable_call): Likewise.
* optabs.c (expand_unop): Always use the double word path for it.
* tree-core.h (enum tree_index): Add TI_UINT128_TYPE.
* tree.h (uint128_type_node): New global type.
* tree.c (build_common_tree_nodes): Build it if TImode is supported.
gcc/testsuite/ChangeLog:
* gcc.dg/builtin-bswap-10.c: New test.
* gcc.dg/builtin-bswap-11.c: Likewise.
* gcc.dg/builtin-bswap-12.c: Likewise.
* gcc.target/i386/builtin-bswap-5.c: Likewise.
The following testcase FAILs with -O2 -fcompare-debug, but the reason isn't
that we'd emit different code based on -g or non-debug, but rather that
we emit different code depending on whether -w is used or not (or e.g.
-Wno-stringop-overflow or whether some other pass emitted some other warning
already on the call).
Code generation shouldn't depend on whether we emit a warning or not if at
all possible.
The following patch punts (i.e. doesn't optimize the strnlen call to a
constant value) if we would emit the warning if it was enabled.
In the PR there is an alternate patch which does optimize the strnlen call
no matter if we emit the warning or not, though I think I prefer the version
below, e.g. the strnlen call might be crossing field boundaries, which is in
strict reading undefined, but I'd be afraid people do that in the real
world programs.
2020-03-17 Jakub Jelinek <jakub@redhat.com>
PR middle-end/94189
* builtins.c (expand_builtin_strnlen): Do return NULL_RTX if we would
emit a warning if it was enabled and don't depend on TREE_NO_WARNING
for code-generation.
* gcc.dg/pr94189.c: New test.
