https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103073
--- Comment #7 from rguenther at suse dot de <rguenther at suse dot de> ---
On Thu, 4 Nov 2021, hubicka at gcc dot gnu.org wrote:

> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103073
>
> Jan Hubicka <hubicka at gcc dot gnu.org> changed:
>
>            What    |Removed                     |Added
> ----------------------------------------------------------------------------
>                  CC|                            |rguenther at suse dot de
>
> --- Comment #5 from Jan Hubicka <hubicka at gcc dot gnu.org> ---
> OK, after some inlining we produce an access past the end of array which makes
> get_base_ref_and_extend to produce an access with size==8 and max_size==0.
> Modref access merging is built on an assumption that max_size>size (if both
> are known).
>
> The access is (*g_18(D))[3][_207];:
>  <array_ref 0x7ffff756f0e0
>     type <boolean_type 0x7ffff73ebb28 bool public unsigned type_6 QI
>         size <integer_cst 0x7ffff73ed030 constant 8>
>         unit-size <integer_cst 0x7ffff73ed048 constant 1>
>         align:8 warn_if_not_align:0 symtab:0 alias-set 1 canonical-type 0x7ffff73ebb28 precision:1 min <integer_cst 0x7ffff73ed288 0> max <integer_cst 0x7ffff73ed2b8 1>
>         pointer_to_this <pointer_type 0x7ffff7534bd0>>
>
>     arg:0 <array_ref 0x7ffff756f118
>         type <array_type 0x7ffff7534dc8 type <boolean_type 0x7ffff73ebb28 bool>
>             type_6 BLK
>             size <integer_cst 0x7ffff7541ae0 constant 168>
>             unit-size <integer_cst 0x7ffff7541ab0 constant 21>
>             align:8 warn_if_not_align:0 symtab:0 alias-set 1 canonical-type 0x7ffff7534dc8 domain <integer_type 0x7ffff7534d20>>
>
>         arg:0 <mem_ref 0x7ffff7566cd0 type <array_type 0x7ffff7534f18>
>
>             arg:0 <ssa_name 0x7ffff754d630 type <pointer_type 0x7ffff7534348>
>                 visited var <parm_decl 0x7ffff7548180 g>
>                 def_stmt GIMPLE_NOP
>                 version:18
>                 ptr-info 0x7ffff7541f60>
>             arg:1 <integer_cst 0x7ffff7541e88 constant 0>
>             tt.C:5:14 start: tt.C:5:11 finish: tt.C:5:14>
>         arg:1 <integer_cst 0x7ffff73ed300 constant 3>
>         tt.C:5:17 start: tt.C:5:11 finish: tt.C:5:17>
>     arg:1 <ssa_name 0x7ffff756eca8
>         type <integer_type 0x7ffff73eb690 unsigned int sizes-gimplified public unsigned SI
>             size <integer_cst 0x7ffff73ed180 constant 32>
>             unit-size <integer_cst 0x7ffff73ed198 constant 4>
>             align:32 warn_if_not_align:0 symtab:0 alias-set -1 canonical-type 0x7ffff73eb690 precision:32 min <integer_cst 0x7ffff73ed1b0 0> max <integer_cst 0x7ffff73ed168 4294967295>
>             pointer_to_this <pointer_type 0x7ffff73fb498>>
>         visited
>         def_stmt _207 = _293 + 21;
>         version:207
>         ptr-info 0x7ffff7567860>
>     tt.C:5:24 start: tt.C:5:11 finish: tt.C:5:24>
>
> and we get maxsize reduced based on value range info:
> 582                                             TYPE_PRECISION (sizetype));
> 583                       woffset *= wi::to_offset (unit_size);
> 584                       woffset <<= LOG2_BITS_PER_UNIT;
> 585                       bit_offset += woffset;
> 586                       if (known_size_p (maxsize))
> 587                         maxsize -= woffset;
> 588                     }
> 589                 }
> 590             }
> (gdb) p woffset
> $114 = {<poly_int_pod<1, generic_wide_int<fixed_wide_int_storage<128> > >> = {coeffs = {{<fixed_wide_int_storage<128>> = {val = {168, 0, 140737488345944}, len = 1}, static is_sign_extended = true}}}, <No data fields>}
> (gdb) p maxsize
> $115 = {<poly_int_pod<1, generic_wide_int<fixed_wide_int_storage<128> > >> = {coeffs = {{<fixed_wide_int_storage<128>> = {val = {168, 0, 140737488346016}, len = 1}, static is_sign_extended = true}}}, <No data fields>}
>
> I suppose we can ignore such paradoxical range because executing that code
> is undefined. But I think we may want to handle this in alias oracle as well?

Well, the usual thing to do is to check max_size_known_p () and
if maybe_ne (max_size, size) then use [offset, max_size] for
disambiguation. I think for modref you can do the same - if
max size is known then use [offset, max_size], otherwise you
have to punt. You shouldn't need 'size' at all, 'size' is
when you are looking for must-defs.
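
The disambiguation rule suggested in the reply above, as an added stand-alone sketch that is not GCC code and not part of the original thread. The `Access` struct, the use of -1 for an unknown `max_size`, the treatment of a zero `max_size` as an empty range, and all sample offsets are assumptions of this sketch; only size==8 and max_size==0 come from the thread.

```cpp
#include <cstdint>

// Simplified stand-in for an access descriptor (not GCC's own type).
// All quantities are in bits; max_size < 0 models "unknown" in this sketch.
struct Access {
    int64_t offset;
    int64_t size;      // exact access size; only needed for must-def queries
    int64_t max_size;  // upper bound on the extent touched, or -1 if unknown
};

enum class Alias { No, May };

bool max_size_known(const Access &a) { return a.max_size >= 0; }

// The shape reported in the thread: a known max_size smaller than size.
bool is_paradoxical(const Access &a) {
    return max_size_known(a) && a.max_size < a.size;
}

// Disambiguate two accesses off the same base using only
// [offset, offset + max_size). 'size' is deliberately never read.
Alias disambiguate(const Access &a, const Access &b) {
    if (!max_size_known(a) || !max_size_known(b))
        return Alias::May;               // unknown extent: punt
    if (a.max_size == 0 || b.max_size == 0)
        return Alias::No;                // empty range touches nothing (sketch's assumption)
    bool overlap = a.offset < b.offset + b.max_size
                && b.offset < a.offset + a.max_size;
    return overlap ? Alias::May : Alias::No;
}

// Constructed sample accesses; only size==8 / max_size==0 come from the thread.
const Access kPastEnd  = {672, 8, 0};    // offset is a made-up value
const Access kWholeRow = {504, 8, 168};
const Access kNextRow  = {672, 8, 168};
const Access kUnknown  = {0, 8, -1};
```

Because `disambiguate` never reads `size`, an access with size==8 and max_size==0 needs no special-casing beyond the empty-range check, and an unknown extent always yields the conservative answer.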