We should avoid mismatched argument values (integers for pointers)
when doing modref queries. This is the third place to guard.
Bootstrapped and tested on x86_64-unknown-linux-gnu, pushed.
2022-04-06 Richard Biener <rguent...@suse.de>
PR ipa/105166
* ipa-modref-tree.cc (modref_access_node::get_ao_ref ): Bail
out for non-pointer arguments.
* gcc.dg/torture/pr105166.c: New testcase.
---
gcc/ipa-modref-tree.cc | 4 +++-
gcc/testsuite/gcc.dg/torture/pr105166.c | 9 +++++++++
2 files changed, 12 insertions(+), 1 deletion(-)
create mode 100644 gcc/testsuite/gcc.dg/torture/pr105166.c
diff --git a/gcc/ipa-modref-tree.cc b/gcc/ipa-modref-tree.cc
index d0ec2fbf004..f19af8c2b55 100644
--- a/gcc/ipa-modref-tree.cc
+++ b/gcc/ipa-modref-tree.cc
@@ -678,7 +678,9 @@ modref_access_node::get_ao_ref (const gcall *stmt, ao_ref
*ref) const
{
tree arg;
- if (!parm_offset_known || !(arg = get_call_arg (stmt)))
+ if (!parm_offset_known
+ || !(arg = get_call_arg (stmt))
+ || !POINTER_TYPE_P (TREE_TYPE (arg)))
return false;
poly_offset_int off = (poly_offset_int)offset
+ ((poly_offset_int)parm_offset << LOG2_BITS_PER_UNIT);
diff --git a/gcc/testsuite/gcc.dg/torture/pr105166.c
b/gcc/testsuite/gcc.dg/torture/pr105166.c
new file mode 100644
index 00000000000..60e8b73a466
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/torture/pr105166.c
@@ -0,0 +1,9 @@
+/* { dg-do compile } */
+
+int bar (foo, a)
+ int (**foo) ();
+ int a;
+{
+ (foo)[1] = bar;
+ foo[1] (1);
+}
--
2.34.1
