1 /* Tree based points-to analysis
2 Copyright (C) 2005, 2006, 2007, 2008, 2009, 2010
3 Free Software Foundation, Inc.
4 Contributed by Daniel Berlin <dberlin@dberlin.org>
6 This file is part of GCC.
8 GCC is free software; you can redistribute it and/or modify
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 GCC is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with GCC; see the file COPYING3. If not see
20 <http://www.gnu.org/licenses/>. */
24 #include "coretypes.h"
32 #include "hard-reg-set.h"
33 #include "basic-block.h"
36 #include "tree-flow.h"
37 #include "tree-inline.h"
39 #include "diagnostic.h"
45 #include "tree-pass.h"
47 #include "alloc-pool.h"
48 #include "splay-tree.h"
52 #include "pointer-set.h"
54 /* The idea behind this analyzer is to generate set constraints from the
55 program, then solve the resulting constraints in order to generate the
58 Set constraints are a way of modeling program analysis problems that
59 involve sets. They consist of an inclusion constraint language,
60 describing the variables (each variable is a set) and operations that
61 are involved on the variables, and a set of rules that derive facts
62 from these operations. To solve a system of set constraints, you derive
63 all possible facts under the rules, which gives you the correct sets
66 See "Efficient Field-sensitive pointer analysis for C" by "David
67 J. Pearce and Paul H. J. Kelly and Chris Hankin, at
68 http://citeseer.ist.psu.edu/pearce04efficient.html
70 Also see "Ultra-fast Aliasing Analysis using CLA: A Million Lines
71 of C Code in a Second" by ""Nevin Heintze and Olivier Tardieu" at
72 http://citeseer.ist.psu.edu/heintze01ultrafast.html
74 There are three types of real constraint expressions, DEREF,
75 ADDRESSOF, and SCALAR. Each constraint expression consists
76 of a constraint type, a variable, and an offset.
78 SCALAR is a constraint expression type used to represent x, whether
79 it appears on the LHS or the RHS of a statement.
80 DEREF is a constraint expression type used to represent *x, whether
81 it appears on the LHS or the RHS of a statement.
82 ADDRESSOF is a constraint expression used to represent &x, whether
83 it appears on the LHS or the RHS of a statement.
85 Each pointer variable in the program is assigned an integer id, and
86 each field of a structure variable is assigned an integer id as well.
88 Structure variables are linked to their list of fields through a "next
89 field" in each variable that points to the next field in offset
91 Each variable for a structure field has
93 1. "size", that tells the size in bits of that field.
94 2. "fullsize, that tells the size in bits of the entire structure.
95 3. "offset", that tells the offset in bits from the beginning of the
96 structure to this field.
108 foo.a -> id 1, size 32, offset 0, fullsize 64, next foo.b
109 foo.b -> id 2, size 32, offset 32, fullsize 64, next NULL
110 bar -> id 3, size 32, offset 0, fullsize 32, next NULL
113 In order to solve the system of set constraints, the following is
116 1. Each constraint variable x has a solution set associated with it,
119 2. Constraints are separated into direct, copy, and complex.
120 Direct constraints are ADDRESSOF constraints that require no extra
121 processing, such as P = &Q
122 Copy constraints are those of the form P = Q.
123 Complex constraints are all the constraints involving dereferences
124 and offsets (including offsetted copies).
126 3. All direct constraints of the form P = &Q are processed, such
127 that Q is added to Sol(P)
129 4. All complex constraints for a given constraint variable are stored in a
130 linked list attached to that variable's node.
132 5. A directed graph is built out of the copy constraints. Each
133 constraint variable is a node in the graph, and an edge from
134 Q to P is added for each copy constraint of the form P = Q
136 6. The graph is then walked, and solution sets are
137 propagated along the copy edges, such that an edge from Q to P
138 causes Sol(P) <- Sol(P) union Sol(Q).
140 7. As we visit each node, all complex constraints associated with
141 that node are processed by adding appropriate copy edges to the graph, or the
142 appropriate variables to the solution set.
144 8. The process of walking the graph is iterated until no solution
147 Prior to walking the graph in steps 6 and 7, We perform static
148 cycle elimination on the constraint graph, as well
149 as off-line variable substitution.
151 TODO: Adding offsets to pointer-to-structures can be handled (IE not punted
152 on and turned into anything), but isn't. You can just see what offset
153 inside the pointed-to struct it's going to access.
155 TODO: Constant bounded arrays can be handled as if they were structs of the
156 same number of elements.
158 TODO: Modeling heap and incoming pointers becomes much better if we
159 add fields to them as we discover them, which we could do.
161 TODO: We could handle unions, but to be honest, it's probably not
162 worth the pain or slowdown. */
164 static GTY ((if_marked ("tree_map_marked_p"), param_is (struct tree_map)))
165 htab_t heapvar_for_stmt;
167 static bool use_field_sensitive = true;
168 static int in_ipa_mode = 0;
170 /* Used for predecessor bitmaps. */
171 static bitmap_obstack predbitmap_obstack;
173 /* Used for points-to sets. */
174 static bitmap_obstack pta_obstack;
176 /* Used for oldsolution members of variables. */
177 static bitmap_obstack oldpta_obstack;
179 /* Used for per-solver-iteration bitmaps. */
180 static bitmap_obstack iteration_obstack;
182 static unsigned int create_variable_info_for (tree, const char *);
183 typedef struct constraint_graph *constraint_graph_t;
184 static void unify_nodes (constraint_graph_t, unsigned int, unsigned int, bool);
187 typedef struct constraint *constraint_t;
189 DEF_VEC_P(constraint_t);
190 DEF_VEC_ALLOC_P(constraint_t,heap);
192 #define EXECUTE_IF_IN_NONNULL_BITMAP(a, b, c, d) \
194 EXECUTE_IF_SET_IN_BITMAP (a, b, c, d)
196 static struct constraint_stats
198 unsigned int total_vars;
199 unsigned int nonpointer_vars;
200 unsigned int unified_vars_static;
201 unsigned int unified_vars_dynamic;
202 unsigned int iterations;
203 unsigned int num_edges;
204 unsigned int num_implicit_edges;
205 unsigned int points_to_sets_created;
210 /* ID of this variable */
213 /* True if this is a variable created by the constraint analysis, such as
214 heap variables and constraints we had to break up. */
215 unsigned int is_artificial_var : 1;
217 /* True if this is a special variable whose solution set should not be
219 unsigned int is_special_var : 1;
221 /* True for variables whose size is not known or variable. */
222 unsigned int is_unknown_size_var : 1;
224 /* True for (sub-)fields that represent a whole variable. */
225 unsigned int is_full_var : 1;
227 /* True if this is a heap variable. */
228 unsigned int is_heap_var : 1;
230 /* True if this is a variable tracking a restrict pointer source. */
231 unsigned int is_restrict_var : 1;
233 /* True if this field may contain pointers. */
234 unsigned int may_have_pointers : 1;
236 /* True if this represents a global variable. */
237 unsigned int is_global_var : 1;
239 /* A link to the variable for the next field in this structure. */
240 struct variable_info *next;
242 /* Offset of this variable, in bits, from the base variable */
243 unsigned HOST_WIDE_INT offset;
245 /* Size of the variable, in bits. */
246 unsigned HOST_WIDE_INT size;
248 /* Full size of the base variable, in bits. */
249 unsigned HOST_WIDE_INT fullsize;
251 /* Name of this variable */
254 /* Tree that this variable is associated with. */
257 /* Points-to set for this variable. */
260 /* Old points-to set for this variable. */
263 typedef struct variable_info *varinfo_t;
265 static varinfo_t first_vi_for_offset (varinfo_t, unsigned HOST_WIDE_INT);
266 static varinfo_t first_or_preceding_vi_for_offset (varinfo_t,
267 unsigned HOST_WIDE_INT);
268 static varinfo_t lookup_vi_for_tree (tree);
270 /* Pool of variable info structures. */
271 static alloc_pool variable_info_pool;
273 DEF_VEC_P(varinfo_t);
275 DEF_VEC_ALLOC_P(varinfo_t, heap);
277 /* Table of variable info structures for constraint variables.
278 Indexed directly by variable info id. */
279 static VEC(varinfo_t,heap) *varmap;
281 /* Return the varmap element N */
283 static inline varinfo_t
284 get_varinfo (unsigned int n)
286 return VEC_index (varinfo_t, varmap, n);
289 /* Static IDs for the special variables. */
290 enum { nothing_id = 0, anything_id = 1, readonly_id = 2,
291 escaped_id = 3, nonlocal_id = 4, callused_id = 5,
292 storedanything_id = 6, integer_id = 7 };
294 struct GTY(()) heapvar_map {
296 unsigned HOST_WIDE_INT offset;
300 heapvar_map_eq (const void *p1, const void *p2)
302 const struct heapvar_map *h1 = (const struct heapvar_map *)p1;
303 const struct heapvar_map *h2 = (const struct heapvar_map *)p2;
304 return (h1->map.base.from == h2->map.base.from
305 && h1->offset == h2->offset);
309 heapvar_map_hash (struct heapvar_map *h)
311 return iterative_hash_host_wide_int (h->offset,
312 htab_hash_pointer (h->map.base.from));
315 /* Lookup a heap var for FROM, and return it if we find one. */
318 heapvar_lookup (tree from, unsigned HOST_WIDE_INT offset)
320 struct heapvar_map *h, in;
321 in.map.base.from = from;
323 h = (struct heapvar_map *) htab_find_with_hash (heapvar_for_stmt, &in,
324 heapvar_map_hash (&in));
330 /* Insert a mapping FROM->TO in the heap var for statement
334 heapvar_insert (tree from, unsigned HOST_WIDE_INT offset, tree to)
336 struct heapvar_map *h;
339 h = GGC_NEW (struct heapvar_map);
340 h->map.base.from = from;
342 h->map.hash = heapvar_map_hash (h);
344 loc = htab_find_slot_with_hash (heapvar_for_stmt, h, h->map.hash, INSERT);
345 gcc_assert (*loc == NULL);
346 *(struct heapvar_map **) loc = h;
349 /* Return a new variable info structure consisting for a variable
350 named NAME, and using constraint graph node NODE. Append it
351 to the vector of variable info structures. */
354 new_var_info (tree t, const char *name)
356 unsigned index = VEC_length (varinfo_t, varmap);
357 varinfo_t ret = (varinfo_t) pool_alloc (variable_info_pool);
362 /* Vars without decl are artificial and do not have sub-variables. */
363 ret->is_artificial_var = (t == NULL_TREE);
364 ret->is_special_var = false;
365 ret->is_unknown_size_var = false;
366 ret->is_full_var = (t == NULL_TREE);
367 ret->is_heap_var = false;
368 ret->is_restrict_var = false;
369 ret->may_have_pointers = true;
370 ret->is_global_var = (t == NULL_TREE);
372 ret->is_global_var = is_global_var (t);
373 ret->solution = BITMAP_ALLOC (&pta_obstack);
374 ret->oldsolution = BITMAP_ALLOC (&oldpta_obstack);
377 VEC_safe_push (varinfo_t, heap, varmap, ret);
382 typedef enum {SCALAR, DEREF, ADDRESSOF} constraint_expr_type;
384 /* An expression that appears in a constraint. */
386 struct constraint_expr
388 /* Constraint type. */
389 constraint_expr_type type;
391 /* Variable we are referring to in the constraint. */
394 /* Offset, in bits, of this constraint from the beginning of
395 variables it ends up referring to.
397 IOW, in a deref constraint, we would deref, get the result set,
398 then add OFFSET to each member. */
399 HOST_WIDE_INT offset;
402 /* Use 0x8000... as special unknown offset. */
403 #define UNKNOWN_OFFSET ((HOST_WIDE_INT)-1 << (HOST_BITS_PER_WIDE_INT-1))
405 typedef struct constraint_expr ce_s;
407 DEF_VEC_ALLOC_O(ce_s, heap);
408 static void get_constraint_for_1 (tree, VEC(ce_s, heap) **, bool);
409 static void get_constraint_for (tree, VEC(ce_s, heap) **);
410 static void do_deref (VEC (ce_s, heap) **);
412 /* Our set constraints are made up of two constraint expressions, one
415 As described in the introduction, our set constraints each represent an
416 operation between set valued variables.
420 struct constraint_expr lhs;
421 struct constraint_expr rhs;
424 /* List of constraints that we use to build the constraint graph from. */
426 static VEC(constraint_t,heap) *constraints;
427 static alloc_pool constraint_pool;
429 /* The constraint graph is represented as an array of bitmaps
430 containing successor nodes. */
432 struct constraint_graph
434 /* Size of this graph, which may be different than the number of
435 nodes in the variable map. */
438 /* Explicit successors of each node. */
441 /* Implicit predecessors of each node (Used for variable
443 bitmap *implicit_preds;
445 /* Explicit predecessors of each node (Used for variable substitution). */
448 /* Indirect cycle representatives, or -1 if the node has no indirect
450 int *indirect_cycles;
452 /* Representative node for a node. rep[a] == a unless the node has
456 /* Equivalence class representative for a label. This is used for
457 variable substitution. */
460 /* Pointer equivalence label for a node. All nodes with the same
461 pointer equivalence label can be unified together at some point
462 (either during constraint optimization or after the constraint
466 /* Pointer equivalence representative for a label. This is used to
467 handle nodes that are pointer equivalent but not location
468 equivalent. We can unite these once the addressof constraints
469 are transformed into initial points-to sets. */
472 /* Pointer equivalence label for each node, used during variable
474 unsigned int *pointer_label;
476 /* Location equivalence label for each node, used during location
477 equivalence finding. */
478 unsigned int *loc_label;
480 /* Pointed-by set for each node, used during location equivalence
481 finding. This is pointed-by rather than pointed-to, because it
482 is constructed using the predecessor graph. */
485 /* Points to sets for pointer equivalence. This is *not* the actual
486 points-to sets for nodes. */
489 /* Bitmap of nodes where the bit is set if the node is a direct
490 node. Used for variable substitution. */
491 sbitmap direct_nodes;
493 /* Bitmap of nodes where the bit is set if the node is address
494 taken. Used for variable substitution. */
495 bitmap address_taken;
497 /* Vector of complex constraints for each graph node. Complex
498 constraints are those involving dereferences or offsets that are
500 VEC(constraint_t,heap) **complex;
503 static constraint_graph_t graph;
505 /* During variable substitution and the offline version of indirect
506 cycle finding, we create nodes to represent dereferences and
507 address taken constraints. These represent where these start and
509 #define FIRST_REF_NODE (VEC_length (varinfo_t, varmap))
510 #define LAST_REF_NODE (FIRST_REF_NODE + (FIRST_REF_NODE - 1))
512 /* Return the representative node for NODE, if NODE has been unioned
514 This function performs path compression along the way to finding
515 the representative. */
518 find (unsigned int node)
520 gcc_assert (node < graph->size);
521 if (graph->rep[node] != node)
522 return graph->rep[node] = find (graph->rep[node]);
526 /* Union the TO and FROM nodes to the TO nodes.
527 Note that at some point in the future, we may want to do
528 union-by-rank, in which case we are going to have to return the
529 node we unified to. */
532 unite (unsigned int to, unsigned int from)
534 gcc_assert (to < graph->size && from < graph->size);
535 if (to != from && graph->rep[from] != to)
537 graph->rep[from] = to;
543 /* Create a new constraint consisting of LHS and RHS expressions. */
546 new_constraint (const struct constraint_expr lhs,
547 const struct constraint_expr rhs)
549 constraint_t ret = (constraint_t) pool_alloc (constraint_pool);
555 /* Print out constraint C to FILE. */
558 dump_constraint (FILE *file, constraint_t c)
560 if (c->lhs.type == ADDRESSOF)
562 else if (c->lhs.type == DEREF)
564 fprintf (file, "%s", get_varinfo (c->lhs.var)->name);
565 if (c->lhs.offset == UNKNOWN_OFFSET)
566 fprintf (file, " + UNKNOWN");
567 else if (c->lhs.offset != 0)
568 fprintf (file, " + " HOST_WIDE_INT_PRINT_DEC, c->lhs.offset);
569 fprintf (file, " = ");
570 if (c->rhs.type == ADDRESSOF)
572 else if (c->rhs.type == DEREF)
574 fprintf (file, "%s", get_varinfo (c->rhs.var)->name);
575 if (c->rhs.offset == UNKNOWN_OFFSET)
576 fprintf (file, " + UNKNOWN");
577 else if (c->rhs.offset != 0)
578 fprintf (file, " + " HOST_WIDE_INT_PRINT_DEC, c->rhs.offset);
579 fprintf (file, "\n");
583 void debug_constraint (constraint_t);
584 void debug_constraints (void);
585 void debug_constraint_graph (void);
586 void debug_solution_for_var (unsigned int);
587 void debug_sa_points_to_info (void);
589 /* Print out constraint C to stderr. */
592 debug_constraint (constraint_t c)
594 dump_constraint (stderr, c);
597 /* Print out all constraints to FILE */
600 dump_constraints (FILE *file)
604 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
605 dump_constraint (file, c);
608 /* Print out all constraints to stderr. */
611 debug_constraints (void)
613 dump_constraints (stderr);
616 /* Print out to FILE the edge in the constraint graph that is created by
617 constraint c. The edge may have a label, depending on the type of
618 constraint that it represents. If complex1, e.g: a = *b, then the label
619 is "=*", if complex2, e.g: *a = b, then the label is "*=", if
620 complex with an offset, e.g: a = b + 8, then the label is "+".
621 Otherwise the edge has no label. */
624 dump_constraint_edge (FILE *file, constraint_t c)
626 if (c->rhs.type != ADDRESSOF)
628 const char *src = get_varinfo (c->rhs.var)->name;
629 const char *dst = get_varinfo (c->lhs.var)->name;
630 fprintf (file, " \"%s\" -> \"%s\" ", src, dst);
631 /* Due to preprocessing of constraints, instructions like *a = *b are
632 illegal; thus, we do not have to handle such cases. */
633 if (c->lhs.type == DEREF)
634 fprintf (file, " [ label=\"*=\" ] ;\n");
635 else if (c->rhs.type == DEREF)
636 fprintf (file, " [ label=\"=*\" ] ;\n");
639 /* We must check the case where the constraint is an offset.
640 In this case, it is treated as a complex constraint. */
641 if (c->rhs.offset != c->lhs.offset)
642 fprintf (file, " [ label=\"+\" ] ;\n");
644 fprintf (file, " ;\n");
649 /* Print the constraint graph in dot format. */
652 dump_constraint_graph (FILE *file)
654 unsigned int i=0, size;
657 /* Only print the graph if it has already been initialized: */
661 /* Print the constraints used to produce the constraint graph. The
662 constraints will be printed as comments in the dot file: */
663 fprintf (file, "\n\n/* Constraints used in the constraint graph:\n");
664 dump_constraints (file);
665 fprintf (file, "*/\n");
667 /* Prints the header of the dot file: */
668 fprintf (file, "\n\n// The constraint graph in dot format:\n");
669 fprintf (file, "strict digraph {\n");
670 fprintf (file, " node [\n shape = box\n ]\n");
671 fprintf (file, " edge [\n fontsize = \"12\"\n ]\n");
672 fprintf (file, "\n // List of nodes in the constraint graph:\n");
674 /* The next lines print the nodes in the graph. In order to get the
675 number of nodes in the graph, we must choose the minimum between the
676 vector VEC (varinfo_t, varmap) and graph->size. If the graph has not
677 yet been initialized, then graph->size == 0, otherwise we must only
678 read nodes that have an entry in VEC (varinfo_t, varmap). */
679 size = VEC_length (varinfo_t, varmap);
680 size = size < graph->size ? size : graph->size;
681 for (i = 0; i < size; i++)
683 const char *name = get_varinfo (graph->rep[i])->name;
684 fprintf (file, " \"%s\" ;\n", name);
687 /* Go over the list of constraints printing the edges in the constraint
689 fprintf (file, "\n // The constraint edges:\n");
690 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
692 dump_constraint_edge (file, c);
694 /* Prints the tail of the dot file. By now, only the closing bracket. */
695 fprintf (file, "}\n\n\n");
698 /* Print out the constraint graph to stderr. */
701 debug_constraint_graph (void)
703 dump_constraint_graph (stderr);
708 The solver is a simple worklist solver, that works on the following
711 sbitmap changed_nodes = all zeroes;
713 For each node that is not already collapsed:
715 set bit in changed nodes
717 while (changed_count > 0)
719 compute topological ordering for constraint graph
721 find and collapse cycles in the constraint graph (updating
722 changed if necessary)
724 for each node (n) in the graph in topological order:
727 Process each complex constraint associated with the node,
728 updating changed if necessary.
730 For each outgoing edge from n, propagate the solution from n to
731 the destination of the edge, updating changed as necessary.
735 /* Return true if two constraint expressions A and B are equal. */
738 constraint_expr_equal (struct constraint_expr a, struct constraint_expr b)
740 return a.type == b.type && a.var == b.var && a.offset == b.offset;
743 /* Return true if constraint expression A is less than constraint expression
744 B. This is just arbitrary, but consistent, in order to give them an
748 constraint_expr_less (struct constraint_expr a, struct constraint_expr b)
750 if (a.type == b.type)
753 return a.offset < b.offset;
755 return a.var < b.var;
758 return a.type < b.type;
761 /* Return true if constraint A is less than constraint B. This is just
762 arbitrary, but consistent, in order to give them an ordering. */
765 constraint_less (const constraint_t a, const constraint_t b)
767 if (constraint_expr_less (a->lhs, b->lhs))
769 else if (constraint_expr_less (b->lhs, a->lhs))
772 return constraint_expr_less (a->rhs, b->rhs);
775 /* Return true if two constraints A and B are equal. */
778 constraint_equal (struct constraint a, struct constraint b)
780 return constraint_expr_equal (a.lhs, b.lhs)
781 && constraint_expr_equal (a.rhs, b.rhs);
785 /* Find a constraint LOOKFOR in the sorted constraint vector VEC */
788 constraint_vec_find (VEC(constraint_t,heap) *vec,
789 struct constraint lookfor)
797 place = VEC_lower_bound (constraint_t, vec, &lookfor, constraint_less);
798 if (place >= VEC_length (constraint_t, vec))
800 found = VEC_index (constraint_t, vec, place);
801 if (!constraint_equal (*found, lookfor))
806 /* Union two constraint vectors, TO and FROM. Put the result in TO. */
809 constraint_set_union (VEC(constraint_t,heap) **to,
810 VEC(constraint_t,heap) **from)
815 for (i = 0; VEC_iterate (constraint_t, *from, i, c); i++)
817 if (constraint_vec_find (*to, *c) == NULL)
819 unsigned int place = VEC_lower_bound (constraint_t, *to, c,
821 VEC_safe_insert (constraint_t, heap, *to, place, c);
826 /* Expands the solution in SET to all sub-fields of variables included.
827 Union the expanded result into RESULT. */
830 solution_set_expand (bitmap result, bitmap set)
836 /* In a first pass record all variables we need to add all
837 sub-fields off. This avoids quadratic behavior. */
838 EXECUTE_IF_SET_IN_BITMAP (set, 0, j, bi)
840 varinfo_t v = get_varinfo (j);
841 if (v->is_artificial_var
844 v = lookup_vi_for_tree (v->decl);
846 vars = BITMAP_ALLOC (NULL);
847 bitmap_set_bit (vars, v->id);
850 /* In the second pass now do the addition to the solution and
851 to speed up solving add it to the delta as well. */
854 EXECUTE_IF_SET_IN_BITMAP (vars, 0, j, bi)
856 varinfo_t v = get_varinfo (j);
857 for (; v != NULL; v = v->next)
858 bitmap_set_bit (result, v->id);
864 /* Take a solution set SET, add OFFSET to each member of the set, and
865 overwrite SET with the result when done. */
868 solution_set_add (bitmap set, HOST_WIDE_INT offset)
870 bitmap result = BITMAP_ALLOC (&iteration_obstack);
874 /* If the offset is unknown we have to expand the solution to
876 if (offset == UNKNOWN_OFFSET)
878 solution_set_expand (set, set);
882 EXECUTE_IF_SET_IN_BITMAP (set, 0, i, bi)
884 varinfo_t vi = get_varinfo (i);
886 /* If this is a variable with just one field just set its bit
888 if (vi->is_artificial_var
889 || vi->is_unknown_size_var
891 bitmap_set_bit (result, i);
894 unsigned HOST_WIDE_INT fieldoffset = vi->offset + offset;
896 /* If the offset makes the pointer point to before the
897 variable use offset zero for the field lookup. */
899 && fieldoffset > vi->offset)
903 vi = first_or_preceding_vi_for_offset (vi, fieldoffset);
905 bitmap_set_bit (result, vi->id);
906 /* If the result is not exactly at fieldoffset include the next
907 field as well. See get_constraint_for_ptr_offset for more
909 if (vi->offset != fieldoffset
911 bitmap_set_bit (result, vi->next->id);
915 bitmap_copy (set, result);
916 BITMAP_FREE (result);
919 /* Union solution sets TO and FROM, and add INC to each member of FROM in the
923 set_union_with_increment (bitmap to, bitmap from, HOST_WIDE_INT inc)
926 return bitmap_ior_into (to, from);
932 tmp = BITMAP_ALLOC (&iteration_obstack);
933 bitmap_copy (tmp, from);
934 solution_set_add (tmp, inc);
935 res = bitmap_ior_into (to, tmp);
941 /* Insert constraint C into the list of complex constraints for graph
945 insert_into_complex (constraint_graph_t graph,
946 unsigned int var, constraint_t c)
948 VEC (constraint_t, heap) *complex = graph->complex[var];
949 unsigned int place = VEC_lower_bound (constraint_t, complex, c,
952 /* Only insert constraints that do not already exist. */
953 if (place >= VEC_length (constraint_t, complex)
954 || !constraint_equal (*c, *VEC_index (constraint_t, complex, place)))
955 VEC_safe_insert (constraint_t, heap, graph->complex[var], place, c);
959 /* Condense two variable nodes into a single variable node, by moving
960 all associated info from SRC to TO. */
963 merge_node_constraints (constraint_graph_t graph, unsigned int to,
969 gcc_assert (find (from) == to);
971 /* Move all complex constraints from src node into to node */
972 for (i = 0; VEC_iterate (constraint_t, graph->complex[from], i, c); i++)
974 /* In complex constraints for node src, we may have either
975 a = *src, and *src = a, or an offseted constraint which are
976 always added to the rhs node's constraints. */
978 if (c->rhs.type == DEREF)
980 else if (c->lhs.type == DEREF)
985 constraint_set_union (&graph->complex[to], &graph->complex[from]);
986 VEC_free (constraint_t, heap, graph->complex[from]);
987 graph->complex[from] = NULL;
991 /* Remove edges involving NODE from GRAPH. */
994 clear_edges_for_node (constraint_graph_t graph, unsigned int node)
996 if (graph->succs[node])
997 BITMAP_FREE (graph->succs[node]);
1000 /* Merge GRAPH nodes FROM and TO into node TO. */
1003 merge_graph_nodes (constraint_graph_t graph, unsigned int to,
1006 if (graph->indirect_cycles[from] != -1)
1008 /* If we have indirect cycles with the from node, and we have
1009 none on the to node, the to node has indirect cycles from the
1010 from node now that they are unified.
1011 If indirect cycles exist on both, unify the nodes that they
1012 are in a cycle with, since we know they are in a cycle with
1014 if (graph->indirect_cycles[to] == -1)
1015 graph->indirect_cycles[to] = graph->indirect_cycles[from];
1018 /* Merge all the successor edges. */
1019 if (graph->succs[from])
1021 if (!graph->succs[to])
1022 graph->succs[to] = BITMAP_ALLOC (&pta_obstack);
1023 bitmap_ior_into (graph->succs[to],
1024 graph->succs[from]);
1027 clear_edges_for_node (graph, from);
1031 /* Add an indirect graph edge to GRAPH, going from TO to FROM if
1032 it doesn't exist in the graph already. */
1035 add_implicit_graph_edge (constraint_graph_t graph, unsigned int to,
1041 if (!graph->implicit_preds[to])
1042 graph->implicit_preds[to] = BITMAP_ALLOC (&predbitmap_obstack);
1044 if (bitmap_set_bit (graph->implicit_preds[to], from))
1045 stats.num_implicit_edges++;
1048 /* Add a predecessor graph edge to GRAPH, going from TO to FROM if
1049 it doesn't exist in the graph already.
1050 Return false if the edge already existed, true otherwise. */
1053 add_pred_graph_edge (constraint_graph_t graph, unsigned int to,
1056 if (!graph->preds[to])
1057 graph->preds[to] = BITMAP_ALLOC (&predbitmap_obstack);
1058 bitmap_set_bit (graph->preds[to], from);
1061 /* Add a graph edge to GRAPH, going from FROM to TO if
1062 it doesn't exist in the graph already.
1063 Return false if the edge already existed, true otherwise. */
1066 add_graph_edge (constraint_graph_t graph, unsigned int to,
1077 if (!graph->succs[from])
1078 graph->succs[from] = BITMAP_ALLOC (&pta_obstack);
1079 if (bitmap_set_bit (graph->succs[from], to))
1082 if (to < FIRST_REF_NODE && from < FIRST_REF_NODE)
1090 /* Return true if {DEST.SRC} is an existing graph edge in GRAPH. */
1093 valid_graph_edge (constraint_graph_t graph, unsigned int src,
1096 return (graph->succs[dest]
1097 && bitmap_bit_p (graph->succs[dest], src));
1100 /* Initialize the constraint graph structure to contain SIZE nodes. */
1103 init_graph (unsigned int size)
1107 graph = XCNEW (struct constraint_graph);
1109 graph->succs = XCNEWVEC (bitmap, graph->size);
1110 graph->indirect_cycles = XNEWVEC (int, graph->size);
1111 graph->rep = XNEWVEC (unsigned int, graph->size);
1112 graph->complex = XCNEWVEC (VEC(constraint_t, heap) *, size);
1113 graph->pe = XCNEWVEC (unsigned int, graph->size);
1114 graph->pe_rep = XNEWVEC (int, graph->size);
1116 for (j = 0; j < graph->size; j++)
1119 graph->pe_rep[j] = -1;
1120 graph->indirect_cycles[j] = -1;
1124 /* Build the constraint graph, adding only predecessor edges right now. */
1127 build_pred_graph (void)
1133 graph->implicit_preds = XCNEWVEC (bitmap, graph->size);
1134 graph->preds = XCNEWVEC (bitmap, graph->size);
1135 graph->pointer_label = XCNEWVEC (unsigned int, graph->size);
1136 graph->loc_label = XCNEWVEC (unsigned int, graph->size);
1137 graph->pointed_by = XCNEWVEC (bitmap, graph->size);
1138 graph->points_to = XCNEWVEC (bitmap, graph->size);
1139 graph->eq_rep = XNEWVEC (int, graph->size);
1140 graph->direct_nodes = sbitmap_alloc (graph->size);
1141 graph->address_taken = BITMAP_ALLOC (&predbitmap_obstack);
1142 sbitmap_zero (graph->direct_nodes);
1144 for (j = 0; j < FIRST_REF_NODE; j++)
1146 if (!get_varinfo (j)->is_special_var)
1147 SET_BIT (graph->direct_nodes, j);
1150 for (j = 0; j < graph->size; j++)
1151 graph->eq_rep[j] = -1;
1153 for (j = 0; j < VEC_length (varinfo_t, varmap); j++)
1154 graph->indirect_cycles[j] = -1;
1156 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
1158 struct constraint_expr lhs = c->lhs;
1159 struct constraint_expr rhs = c->rhs;
1160 unsigned int lhsvar = lhs.var;
1161 unsigned int rhsvar = rhs.var;
1163 if (lhs.type == DEREF)
1166 if (rhs.offset == 0 && lhs.offset == 0 && rhs.type == SCALAR)
1167 add_pred_graph_edge (graph, FIRST_REF_NODE + lhsvar, rhsvar);
1169 else if (rhs.type == DEREF)
1172 if (rhs.offset == 0 && lhs.offset == 0 && lhs.type == SCALAR)
1173 add_pred_graph_edge (graph, lhsvar, FIRST_REF_NODE + rhsvar);
1175 RESET_BIT (graph->direct_nodes, lhsvar);
1177 else if (rhs.type == ADDRESSOF)
1182 if (graph->points_to[lhsvar] == NULL)
1183 graph->points_to[lhsvar] = BITMAP_ALLOC (&predbitmap_obstack);
1184 bitmap_set_bit (graph->points_to[lhsvar], rhsvar);
1186 if (graph->pointed_by[rhsvar] == NULL)
1187 graph->pointed_by[rhsvar] = BITMAP_ALLOC (&predbitmap_obstack);
1188 bitmap_set_bit (graph->pointed_by[rhsvar], lhsvar);
1190 /* Implicitly, *x = y */
1191 add_implicit_graph_edge (graph, FIRST_REF_NODE + lhsvar, rhsvar);
1193 /* All related variables are no longer direct nodes. */
1194 RESET_BIT (graph->direct_nodes, rhsvar);
1195 v = get_varinfo (rhsvar);
1196 if (!v->is_full_var)
1198 v = lookup_vi_for_tree (v->decl);
1201 RESET_BIT (graph->direct_nodes, v->id);
1206 bitmap_set_bit (graph->address_taken, rhsvar);
1208 else if (lhsvar > anything_id
1209 && lhsvar != rhsvar && lhs.offset == 0 && rhs.offset == 0)
1212 add_pred_graph_edge (graph, lhsvar, rhsvar);
1213 /* Implicitly, *x = *y */
1214 add_implicit_graph_edge (graph, FIRST_REF_NODE + lhsvar,
1215 FIRST_REF_NODE + rhsvar);
1217 else if (lhs.offset != 0 || rhs.offset != 0)
1219 if (rhs.offset != 0)
1220 RESET_BIT (graph->direct_nodes, lhs.var);
1221 else if (lhs.offset != 0)
1222 RESET_BIT (graph->direct_nodes, rhs.var);
1227 /* Build the constraint graph, adding successor edges. */
1230 build_succ_graph (void)
1235 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
1237 struct constraint_expr lhs;
1238 struct constraint_expr rhs;
1239 unsigned int lhsvar;
1240 unsigned int rhsvar;
1247 lhsvar = find (lhs.var);
1248 rhsvar = find (rhs.var);
1250 if (lhs.type == DEREF)
1252 if (rhs.offset == 0 && lhs.offset == 0 && rhs.type == SCALAR)
1253 add_graph_edge (graph, FIRST_REF_NODE + lhsvar, rhsvar);
1255 else if (rhs.type == DEREF)
1257 if (rhs.offset == 0 && lhs.offset == 0 && lhs.type == SCALAR)
1258 add_graph_edge (graph, lhsvar, FIRST_REF_NODE + rhsvar);
1260 else if (rhs.type == ADDRESSOF)
1263 gcc_assert (find (rhs.var) == rhs.var);
1264 bitmap_set_bit (get_varinfo (lhsvar)->solution, rhsvar);
1266 else if (lhsvar > anything_id
1267 && lhsvar != rhsvar && lhs.offset == 0 && rhs.offset == 0)
1269 add_graph_edge (graph, lhsvar, rhsvar);
1273 /* Add edges from STOREDANYTHING to all non-direct nodes that can
1274 receive pointers. */
1275 t = find (storedanything_id);
1276 for (i = integer_id + 1; i < FIRST_REF_NODE; ++i)
1278 if (!TEST_BIT (graph->direct_nodes, i)
1279 && get_varinfo (i)->may_have_pointers)
1280 add_graph_edge (graph, find (i), t);
1283 /* Everything stored to ANYTHING also potentially escapes. */
1284 add_graph_edge (graph, find (escaped_id), t);
1288 /* Changed variables on the last iteration. */
1289 static unsigned int changed_count;
1290 static sbitmap changed;
1292 /* Strongly Connected Component visitation info. */
1299 unsigned int *node_mapping;
1301 VEC(unsigned,heap) *scc_stack;
1305 /* Recursive routine to find strongly connected components in GRAPH.
1306 SI is the SCC info to store the information in, and N is the id of current
1307 graph node we are processing.
1309 This is Tarjan's strongly connected component finding algorithm, as
1310 modified by Nuutila to keep only non-root nodes on the stack.
1311 The algorithm can be found in "On finding the strongly connected
1312 connected components in a directed graph" by Esko Nuutila and Eljas
1313 Soisalon-Soininen, in Information Processing Letters volume 49,
1314 number 1, pages 9-14. */
1317 scc_visit (constraint_graph_t graph, struct scc_info *si, unsigned int n)
1321 unsigned int my_dfs;
1323 SET_BIT (si->visited, n);
1324 si->dfs[n] = si->current_index ++;
1325 my_dfs = si->dfs[n];
1327 /* Visit all the successors. */
1328 EXECUTE_IF_IN_NONNULL_BITMAP (graph->succs[n], 0, i, bi)
1332 if (i > LAST_REF_NODE)
1336 if (TEST_BIT (si->deleted, w))
1339 if (!TEST_BIT (si->visited, w))
1340 scc_visit (graph, si, w);
1342 unsigned int t = find (w);
1343 unsigned int nnode = find (n);
1344 gcc_assert (nnode == n);
1346 if (si->dfs[t] < si->dfs[nnode])
1347 si->dfs[n] = si->dfs[t];
1351 /* See if any components have been identified. */
1352 if (si->dfs[n] == my_dfs)
1354 if (VEC_length (unsigned, si->scc_stack) > 0
1355 && si->dfs[VEC_last (unsigned, si->scc_stack)] >= my_dfs)
1357 bitmap scc = BITMAP_ALLOC (NULL);
1358 unsigned int lowest_node;
1361 bitmap_set_bit (scc, n);
1363 while (VEC_length (unsigned, si->scc_stack) != 0
1364 && si->dfs[VEC_last (unsigned, si->scc_stack)] >= my_dfs)
1366 unsigned int w = VEC_pop (unsigned, si->scc_stack);
1368 bitmap_set_bit (scc, w);
1371 lowest_node = bitmap_first_set_bit (scc);
1372 gcc_assert (lowest_node < FIRST_REF_NODE);
1374 /* Collapse the SCC nodes into a single node, and mark the
1376 EXECUTE_IF_SET_IN_BITMAP (scc, 0, i, bi)
1378 if (i < FIRST_REF_NODE)
1380 if (unite (lowest_node, i))
1381 unify_nodes (graph, lowest_node, i, false);
1385 unite (lowest_node, i);
1386 graph->indirect_cycles[i - FIRST_REF_NODE] = lowest_node;
1390 SET_BIT (si->deleted, n);
1393 VEC_safe_push (unsigned, heap, si->scc_stack, n);
1396 /* Unify node FROM into node TO, updating the changed count if
1397 necessary when UPDATE_CHANGED is true. */
1400 unify_nodes (constraint_graph_t graph, unsigned int to, unsigned int from,
1401 bool update_changed)
1404 gcc_assert (to != from && find (to) == to);
1405 if (dump_file && (dump_flags & TDF_DETAILS))
1406 fprintf (dump_file, "Unifying %s to %s\n",
1407 get_varinfo (from)->name,
1408 get_varinfo (to)->name);
1411 stats.unified_vars_dynamic++;
1413 stats.unified_vars_static++;
1415 merge_graph_nodes (graph, to, from);
1416 merge_node_constraints (graph, to, from);
1418 /* Mark TO as changed if FROM was changed. If TO was already marked
1419 as changed, decrease the changed count. */
1421 if (update_changed && TEST_BIT (changed, from))
1423 RESET_BIT (changed, from);
1424 if (!TEST_BIT (changed, to))
1425 SET_BIT (changed, to);
1428 gcc_assert (changed_count > 0);
1432 if (get_varinfo (from)->solution)
1434 /* If the solution changes because of the merging, we need to mark
1435 the variable as changed. */
1436 if (bitmap_ior_into (get_varinfo (to)->solution,
1437 get_varinfo (from)->solution))
1439 if (update_changed && !TEST_BIT (changed, to))
1441 SET_BIT (changed, to);
1446 BITMAP_FREE (get_varinfo (from)->solution);
1447 BITMAP_FREE (get_varinfo (from)->oldsolution);
1449 if (stats.iterations > 0)
1451 BITMAP_FREE (get_varinfo (to)->oldsolution);
1452 get_varinfo (to)->oldsolution = BITMAP_ALLOC (&oldpta_obstack);
1455 if (valid_graph_edge (graph, to, to))
1457 if (graph->succs[to])
1458 bitmap_clear_bit (graph->succs[to], to);
1462 /* Information needed to compute the topological ordering of a graph. */
1466 /* sbitmap of visited nodes. */
1468 /* Array that stores the topological order of the graph, *in
1470 VEC(unsigned,heap) *topo_order;
1474 /* Initialize and return a topological info structure. */
1476 static struct topo_info *
1477 init_topo_info (void)
1479 size_t size = graph->size;
1480 struct topo_info *ti = XNEW (struct topo_info);
1481 ti->visited = sbitmap_alloc (size);
1482 sbitmap_zero (ti->visited);
1483 ti->topo_order = VEC_alloc (unsigned, heap, 1);
1488 /* Free the topological sort info pointed to by TI. */
1491 free_topo_info (struct topo_info *ti)
1493 sbitmap_free (ti->visited);
1494 VEC_free (unsigned, heap, ti->topo_order);
1498 /* Visit the graph in topological order, and store the order in the
1499 topo_info structure. */
1502 topo_visit (constraint_graph_t graph, struct topo_info *ti,
1508 SET_BIT (ti->visited, n);
1510 if (graph->succs[n])
1511 EXECUTE_IF_SET_IN_BITMAP (graph->succs[n], 0, j, bi)
1513 if (!TEST_BIT (ti->visited, j))
1514 topo_visit (graph, ti, j);
1517 VEC_safe_push (unsigned, heap, ti->topo_order, n);
1520 /* Process a constraint C that represents x = *(y + off), using DELTA as the
1521 starting solution for y. */
1524 do_sd_constraint (constraint_graph_t graph, constraint_t c,
1527 unsigned int lhs = c->lhs.var;
1529 bitmap sol = get_varinfo (lhs)->solution;
1532 HOST_WIDE_INT roffset = c->rhs.offset;
1534 /* Our IL does not allow this. */
1535 gcc_assert (c->lhs.offset == 0);
1537 /* If the solution of Y contains anything it is good enough to transfer
1539 if (bitmap_bit_p (delta, anything_id))
1541 flag |= bitmap_set_bit (sol, anything_id);
1545 /* If we do not know at with offset the rhs is dereferenced compute
1546 the reachability set of DELTA, conservatively assuming it is
1547 dereferenced at all valid offsets. */
1548 if (roffset == UNKNOWN_OFFSET)
1550 solution_set_expand (delta, delta);
1551 /* No further offset processing is necessary. */
1555 /* For each variable j in delta (Sol(y)), add
1556 an edge in the graph from j to x, and union Sol(j) into Sol(x). */
1557 EXECUTE_IF_SET_IN_BITMAP (delta, 0, j, bi)
1559 varinfo_t v = get_varinfo (j);
1560 HOST_WIDE_INT fieldoffset = v->offset + roffset;
1564 fieldoffset = v->offset;
1565 else if (roffset != 0)
1566 v = first_vi_for_offset (v, fieldoffset);
1567 /* If the access is outside of the variable we can ignore it. */
1575 /* Adding edges from the special vars is pointless.
1576 They don't have sets that can change. */
1577 if (get_varinfo (t)->is_special_var)
1578 flag |= bitmap_ior_into (sol, get_varinfo (t)->solution);
1579 /* Merging the solution from ESCAPED needlessly increases
1580 the set. Use ESCAPED as representative instead. */
1581 else if (v->id == escaped_id)
1582 flag |= bitmap_set_bit (sol, escaped_id);
1583 else if (add_graph_edge (graph, lhs, t))
1584 flag |= bitmap_ior_into (sol, get_varinfo (t)->solution);
1586 /* If the variable is not exactly at the requested offset
1587 we have to include the next one. */
1588 if (v->offset == (unsigned HOST_WIDE_INT)fieldoffset
1593 fieldoffset = v->offset;
1599 /* If the LHS solution changed, mark the var as changed. */
1602 get_varinfo (lhs)->solution = sol;
1603 if (!TEST_BIT (changed, lhs))
1605 SET_BIT (changed, lhs);
1611 /* Process a constraint C that represents *(x + off) = y using DELTA
1612 as the starting solution for x. */
1615 do_ds_constraint (constraint_t c, bitmap delta)
1617 unsigned int rhs = c->rhs.var;
1618 bitmap sol = get_varinfo (rhs)->solution;
1621 HOST_WIDE_INT loff = c->lhs.offset;
1623 /* Our IL does not allow this. */
1624 gcc_assert (c->rhs.offset == 0);
1626 /* If the solution of y contains ANYTHING simply use the ANYTHING
1627 solution. This avoids needlessly increasing the points-to sets. */
1628 if (bitmap_bit_p (sol, anything_id))
1629 sol = get_varinfo (find (anything_id))->solution;
1631 /* If the solution for x contains ANYTHING we have to merge the
1632 solution of y into all pointer variables which we do via
1634 if (bitmap_bit_p (delta, anything_id))
1636 unsigned t = find (storedanything_id);
1637 if (add_graph_edge (graph, t, rhs))
1639 if (bitmap_ior_into (get_varinfo (t)->solution, sol))
1641 if (!TEST_BIT (changed, t))
1643 SET_BIT (changed, t);
1651 /* If we do not know at with offset the rhs is dereferenced compute
1652 the reachability set of DELTA, conservatively assuming it is
1653 dereferenced at all valid offsets. */
1654 if (loff == UNKNOWN_OFFSET)
1656 solution_set_expand (delta, delta);
1660 /* For each member j of delta (Sol(x)), add an edge from y to j and
1661 union Sol(y) into Sol(j) */
1662 EXECUTE_IF_SET_IN_BITMAP (delta, 0, j, bi)
1664 varinfo_t v = get_varinfo (j);
1666 HOST_WIDE_INT fieldoffset = v->offset + loff;
1668 /* If v is a global variable then this is an escape point. */
1669 if (v->is_global_var)
1671 t = find (escaped_id);
1672 if (add_graph_edge (graph, t, rhs)
1673 && bitmap_ior_into (get_varinfo (t)->solution, sol)
1674 && !TEST_BIT (changed, t))
1676 SET_BIT (changed, t);
1681 if (v->is_special_var)
1685 fieldoffset = v->offset;
1687 v = first_vi_for_offset (v, fieldoffset);
1688 /* If the access is outside of the variable we can ignore it. */
1694 if (v->may_have_pointers)
1697 if (add_graph_edge (graph, t, rhs)
1698 && bitmap_ior_into (get_varinfo (t)->solution, sol)
1699 && !TEST_BIT (changed, t))
1701 SET_BIT (changed, t);
1706 /* If the variable is not exactly at the requested offset
1707 we have to include the next one. */
1708 if (v->offset == (unsigned HOST_WIDE_INT)fieldoffset
1713 fieldoffset = v->offset;
1719 /* Handle a non-simple (simple meaning requires no iteration),
1720 constraint (IE *x = &y, x = *y, *x = y, and x = y with offsets involved). */
1723 do_complex_constraint (constraint_graph_t graph, constraint_t c, bitmap delta)
1725 if (c->lhs.type == DEREF)
1727 if (c->rhs.type == ADDRESSOF)
1734 do_ds_constraint (c, delta);
1737 else if (c->rhs.type == DEREF)
1740 if (!(get_varinfo (c->lhs.var)->is_special_var))
1741 do_sd_constraint (graph, c, delta);
1749 gcc_assert (c->rhs.type == SCALAR && c->lhs.type == SCALAR);
1750 solution = get_varinfo (c->rhs.var)->solution;
1751 tmp = get_varinfo (c->lhs.var)->solution;
1753 flag = set_union_with_increment (tmp, solution, c->rhs.offset);
1757 get_varinfo (c->lhs.var)->solution = tmp;
1758 if (!TEST_BIT (changed, c->lhs.var))
1760 SET_BIT (changed, c->lhs.var);
1767 /* Initialize and return a new SCC info structure. */
1769 static struct scc_info *
1770 init_scc_info (size_t size)
1772 struct scc_info *si = XNEW (struct scc_info);
1775 si->current_index = 0;
1776 si->visited = sbitmap_alloc (size);
1777 sbitmap_zero (si->visited);
1778 si->deleted = sbitmap_alloc (size);
1779 sbitmap_zero (si->deleted);
1780 si->node_mapping = XNEWVEC (unsigned int, size);
1781 si->dfs = XCNEWVEC (unsigned int, size);
1783 for (i = 0; i < size; i++)
1784 si->node_mapping[i] = i;
1786 si->scc_stack = VEC_alloc (unsigned, heap, 1);
1790 /* Free an SCC info structure pointed to by SI */
1793 free_scc_info (struct scc_info *si)
1795 sbitmap_free (si->visited);
1796 sbitmap_free (si->deleted);
1797 free (si->node_mapping);
1799 VEC_free (unsigned, heap, si->scc_stack);
1804 /* Find indirect cycles in GRAPH that occur, using strongly connected
1805 components, and note them in the indirect cycles map.
1807 This technique comes from Ben Hardekopf and Calvin Lin,
1808 "It Pays to be Lazy: Fast and Accurate Pointer Analysis for Millions of
1809 Lines of Code", submitted to PLDI 2007. */
1812 find_indirect_cycles (constraint_graph_t graph)
1815 unsigned int size = graph->size;
1816 struct scc_info *si = init_scc_info (size);
1818 for (i = 0; i < MIN (LAST_REF_NODE, size); i ++ )
1819 if (!TEST_BIT (si->visited, i) && find (i) == i)
1820 scc_visit (graph, si, i);
1825 /* Compute a topological ordering for GRAPH, and store the result in the
1826 topo_info structure TI. */
1829 compute_topo_order (constraint_graph_t graph,
1830 struct topo_info *ti)
1833 unsigned int size = graph->size;
1835 for (i = 0; i != size; ++i)
1836 if (!TEST_BIT (ti->visited, i) && find (i) == i)
1837 topo_visit (graph, ti, i);
1840 /* Structure used to for hash value numbering of pointer equivalence
1843 typedef struct equiv_class_label
1846 unsigned int equivalence_class;
1848 } *equiv_class_label_t;
1849 typedef const struct equiv_class_label *const_equiv_class_label_t;
1851 /* A hashtable for mapping a bitmap of labels->pointer equivalence
1853 static htab_t pointer_equiv_class_table;
1855 /* A hashtable for mapping a bitmap of labels->location equivalence
1857 static htab_t location_equiv_class_table;
1859 /* Hash function for a equiv_class_label_t */
1862 equiv_class_label_hash (const void *p)
1864 const_equiv_class_label_t const ecl = (const_equiv_class_label_t) p;
1865 return ecl->hashcode;
1868 /* Equality function for two equiv_class_label_t's. */
1871 equiv_class_label_eq (const void *p1, const void *p2)
1873 const_equiv_class_label_t const eql1 = (const_equiv_class_label_t) p1;
1874 const_equiv_class_label_t const eql2 = (const_equiv_class_label_t) p2;
1875 return (eql1->hashcode == eql2->hashcode
1876 && bitmap_equal_p (eql1->labels, eql2->labels));
1879 /* Lookup a equivalence class in TABLE by the bitmap of LABELS it
1883 equiv_class_lookup (htab_t table, bitmap labels)
1886 struct equiv_class_label ecl;
1888 ecl.labels = labels;
1889 ecl.hashcode = bitmap_hash (labels);
1891 slot = htab_find_slot_with_hash (table, &ecl,
1892 ecl.hashcode, NO_INSERT);
1896 return ((equiv_class_label_t) *slot)->equivalence_class;
1900 /* Add an equivalence class named EQUIVALENCE_CLASS with labels LABELS
1904 equiv_class_add (htab_t table, unsigned int equivalence_class,
1908 equiv_class_label_t ecl = XNEW (struct equiv_class_label);
1910 ecl->labels = labels;
1911 ecl->equivalence_class = equivalence_class;
1912 ecl->hashcode = bitmap_hash (labels);
1914 slot = htab_find_slot_with_hash (table, ecl,
1915 ecl->hashcode, INSERT);
1916 gcc_assert (!*slot);
1917 *slot = (void *) ecl;
1920 /* Perform offline variable substitution.
1922 This is a worst case quadratic time way of identifying variables
1923 that must have equivalent points-to sets, including those caused by
1924 static cycles, and single entry subgraphs, in the constraint graph.
1926 The technique is described in "Exploiting Pointer and Location
1927 Equivalence to Optimize Pointer Analysis. In the 14th International
1928 Static Analysis Symposium (SAS), August 2007." It is known as the
1929 "HU" algorithm, and is equivalent to value numbering the collapsed
1930 constraint graph including evaluating unions.
1932 The general method of finding equivalence classes is as follows:
1933 Add fake nodes (REF nodes) and edges for *a = b and a = *b constraints.
1934 Initialize all non-REF nodes to be direct nodes.
1935 For each constraint a = a U {b}, we set pts(a) = pts(a) u {fresh
1937 For each constraint containing the dereference, we also do the same
1940 We then compute SCC's in the graph and unify nodes in the same SCC,
1943 For each non-collapsed node x:
1944 Visit all unvisited explicit incoming edges.
1945 Ignoring all non-pointers, set pts(x) = Union of pts(a) for y
1947 Lookup the equivalence class for pts(x).
1948 If we found one, equivalence_class(x) = found class.
1949 Otherwise, equivalence_class(x) = new class, and new_class is
1950 added to the lookup table.
1952 All direct nodes with the same equivalence class can be replaced
1953 with a single representative node.
1954 All unlabeled nodes (label == 0) are not pointers and all edges
1955 involving them can be eliminated.
1956 We perform these optimizations during rewrite_constraints
1958 In addition to pointer equivalence class finding, we also perform
1959 location equivalence class finding. This is the set of variables
1960 that always appear together in points-to sets. We use this to
1961 compress the size of the points-to sets. */
1963 /* Current maximum pointer equivalence class id. */
1964 static int pointer_equiv_class;
1966 /* Current maximum location equivalence class id. */
1967 static int location_equiv_class;
1969 /* Recursive routine to find strongly connected components in GRAPH,
1970 and label it's nodes with DFS numbers. */
1973 condense_visit (constraint_graph_t graph, struct scc_info *si, unsigned int n)
1977 unsigned int my_dfs;
1979 gcc_assert (si->node_mapping[n] == n);
1980 SET_BIT (si->visited, n);
1981 si->dfs[n] = si->current_index ++;
1982 my_dfs = si->dfs[n];
1984 /* Visit all the successors. */
1985 EXECUTE_IF_IN_NONNULL_BITMAP (graph->preds[n], 0, i, bi)
1987 unsigned int w = si->node_mapping[i];
1989 if (TEST_BIT (si->deleted, w))
1992 if (!TEST_BIT (si->visited, w))
1993 condense_visit (graph, si, w);
1995 unsigned int t = si->node_mapping[w];
1996 unsigned int nnode = si->node_mapping[n];
1997 gcc_assert (nnode == n);
1999 if (si->dfs[t] < si->dfs[nnode])
2000 si->dfs[n] = si->dfs[t];
2004 /* Visit all the implicit predecessors. */
2005 EXECUTE_IF_IN_NONNULL_BITMAP (graph->implicit_preds[n], 0, i, bi)
2007 unsigned int w = si->node_mapping[i];
2009 if (TEST_BIT (si->deleted, w))
2012 if (!TEST_BIT (si->visited, w))
2013 condense_visit (graph, si, w);
2015 unsigned int t = si->node_mapping[w];
2016 unsigned int nnode = si->node_mapping[n];
2017 gcc_assert (nnode == n);
2019 if (si->dfs[t] < si->dfs[nnode])
2020 si->dfs[n] = si->dfs[t];
2024 /* See if any components have been identified. */
2025 if (si->dfs[n] == my_dfs)
2027 while (VEC_length (unsigned, si->scc_stack) != 0
2028 && si->dfs[VEC_last (unsigned, si->scc_stack)] >= my_dfs)
2030 unsigned int w = VEC_pop (unsigned, si->scc_stack);
2031 si->node_mapping[w] = n;
2033 if (!TEST_BIT (graph->direct_nodes, w))
2034 RESET_BIT (graph->direct_nodes, n);
2036 /* Unify our nodes. */
2037 if (graph->preds[w])
2039 if (!graph->preds[n])
2040 graph->preds[n] = BITMAP_ALLOC (&predbitmap_obstack);
2041 bitmap_ior_into (graph->preds[n], graph->preds[w]);
2043 if (graph->implicit_preds[w])
2045 if (!graph->implicit_preds[n])
2046 graph->implicit_preds[n] = BITMAP_ALLOC (&predbitmap_obstack);
2047 bitmap_ior_into (graph->implicit_preds[n],
2048 graph->implicit_preds[w]);
2050 if (graph->points_to[w])
2052 if (!graph->points_to[n])
2053 graph->points_to[n] = BITMAP_ALLOC (&predbitmap_obstack);
2054 bitmap_ior_into (graph->points_to[n],
2055 graph->points_to[w]);
2058 SET_BIT (si->deleted, n);
2061 VEC_safe_push (unsigned, heap, si->scc_stack, n);
2064 /* Label pointer equivalences. */
2067 label_visit (constraint_graph_t graph, struct scc_info *si, unsigned int n)
2071 SET_BIT (si->visited, n);
2073 if (!graph->points_to[n])
2074 graph->points_to[n] = BITMAP_ALLOC (&predbitmap_obstack);
2076 /* Label and union our incoming edges's points to sets. */
2077 EXECUTE_IF_IN_NONNULL_BITMAP (graph->preds[n], 0, i, bi)
2079 unsigned int w = si->node_mapping[i];
2080 if (!TEST_BIT (si->visited, w))
2081 label_visit (graph, si, w);
2083 /* Skip unused edges */
2084 if (w == n || graph->pointer_label[w] == 0)
2087 if (graph->points_to[w])
2088 bitmap_ior_into(graph->points_to[n], graph->points_to[w]);
2090 /* Indirect nodes get fresh variables. */
2091 if (!TEST_BIT (graph->direct_nodes, n))
2092 bitmap_set_bit (graph->points_to[n], FIRST_REF_NODE + n);
2094 if (!bitmap_empty_p (graph->points_to[n]))
2096 unsigned int label = equiv_class_lookup (pointer_equiv_class_table,
2097 graph->points_to[n]);
2100 label = pointer_equiv_class++;
2101 equiv_class_add (pointer_equiv_class_table,
2102 label, graph->points_to[n]);
2104 graph->pointer_label[n] = label;
2108 /* Perform offline variable substitution, discovering equivalence
2109 classes, and eliminating non-pointer variables. */
2111 static struct scc_info *
2112 perform_var_substitution (constraint_graph_t graph)
2115 unsigned int size = graph->size;
2116 struct scc_info *si = init_scc_info (size);
2118 bitmap_obstack_initialize (&iteration_obstack);
2119 pointer_equiv_class_table = htab_create (511, equiv_class_label_hash,
2120 equiv_class_label_eq, free);
2121 location_equiv_class_table = htab_create (511, equiv_class_label_hash,
2122 equiv_class_label_eq, free);
2123 pointer_equiv_class = 1;
2124 location_equiv_class = 1;
2126 /* Condense the nodes, which means to find SCC's, count incoming
2127 predecessors, and unite nodes in SCC's. */
2128 for (i = 0; i < FIRST_REF_NODE; i++)
2129 if (!TEST_BIT (si->visited, si->node_mapping[i]))
2130 condense_visit (graph, si, si->node_mapping[i]);
2132 sbitmap_zero (si->visited);
2133 /* Actually the label the nodes for pointer equivalences */
2134 for (i = 0; i < FIRST_REF_NODE; i++)
2135 if (!TEST_BIT (si->visited, si->node_mapping[i]))
2136 label_visit (graph, si, si->node_mapping[i]);
2138 /* Calculate location equivalence labels. */
2139 for (i = 0; i < FIRST_REF_NODE; i++)
2146 if (!graph->pointed_by[i])
2148 pointed_by = BITMAP_ALLOC (&iteration_obstack);
2150 /* Translate the pointed-by mapping for pointer equivalence
2152 EXECUTE_IF_SET_IN_BITMAP (graph->pointed_by[i], 0, j, bi)
2154 bitmap_set_bit (pointed_by,
2155 graph->pointer_label[si->node_mapping[j]]);
2157 /* The original pointed_by is now dead. */
2158 BITMAP_FREE (graph->pointed_by[i]);
2160 /* Look up the location equivalence label if one exists, or make
2162 label = equiv_class_lookup (location_equiv_class_table,
2166 label = location_equiv_class++;
2167 equiv_class_add (location_equiv_class_table,
2172 if (dump_file && (dump_flags & TDF_DETAILS))
2173 fprintf (dump_file, "Found location equivalence for node %s\n",
2174 get_varinfo (i)->name);
2175 BITMAP_FREE (pointed_by);
2177 graph->loc_label[i] = label;
2181 if (dump_file && (dump_flags & TDF_DETAILS))
2182 for (i = 0; i < FIRST_REF_NODE; i++)
2184 bool direct_node = TEST_BIT (graph->direct_nodes, i);
2186 "Equivalence classes for %s node id %d:%s are pointer: %d"
2188 direct_node ? "Direct node" : "Indirect node", i,
2189 get_varinfo (i)->name,
2190 graph->pointer_label[si->node_mapping[i]],
2191 graph->loc_label[si->node_mapping[i]]);
2194 /* Quickly eliminate our non-pointer variables. */
2196 for (i = 0; i < FIRST_REF_NODE; i++)
2198 unsigned int node = si->node_mapping[i];
2200 if (graph->pointer_label[node] == 0)
2202 if (dump_file && (dump_flags & TDF_DETAILS))
2204 "%s is a non-pointer variable, eliminating edges.\n",
2205 get_varinfo (node)->name);
2206 stats.nonpointer_vars++;
2207 clear_edges_for_node (graph, node);
2214 /* Free information that was only necessary for variable
2218 free_var_substitution_info (struct scc_info *si)
2221 free (graph->pointer_label);
2222 free (graph->loc_label);
2223 free (graph->pointed_by);
2224 free (graph->points_to);
2225 free (graph->eq_rep);
2226 sbitmap_free (graph->direct_nodes);
2227 htab_delete (pointer_equiv_class_table);
2228 htab_delete (location_equiv_class_table);
2229 bitmap_obstack_release (&iteration_obstack);
2232 /* Return an existing node that is equivalent to NODE, which has
2233 equivalence class LABEL, if one exists. Return NODE otherwise. */
2236 find_equivalent_node (constraint_graph_t graph,
2237 unsigned int node, unsigned int label)
2239 /* If the address version of this variable is unused, we can
2240 substitute it for anything else with the same label.
2241 Otherwise, we know the pointers are equivalent, but not the
2242 locations, and we can unite them later. */
2244 if (!bitmap_bit_p (graph->address_taken, node))
2246 gcc_assert (label < graph->size);
2248 if (graph->eq_rep[label] != -1)
2250 /* Unify the two variables since we know they are equivalent. */
2251 if (unite (graph->eq_rep[label], node))
2252 unify_nodes (graph, graph->eq_rep[label], node, false);
2253 return graph->eq_rep[label];
2257 graph->eq_rep[label] = node;
2258 graph->pe_rep[label] = node;
2263 gcc_assert (label < graph->size);
2264 graph->pe[node] = label;
2265 if (graph->pe_rep[label] == -1)
2266 graph->pe_rep[label] = node;
2272 /* Unite pointer equivalent but not location equivalent nodes in
2273 GRAPH. This may only be performed once variable substitution is
2277 unite_pointer_equivalences (constraint_graph_t graph)
2281 /* Go through the pointer equivalences and unite them to their
2282 representative, if they aren't already. */
2283 for (i = 0; i < FIRST_REF_NODE; i++)
2285 unsigned int label = graph->pe[i];
2288 int label_rep = graph->pe_rep[label];
2290 if (label_rep == -1)
2293 label_rep = find (label_rep);
2294 if (label_rep >= 0 && unite (label_rep, find (i)))
2295 unify_nodes (graph, label_rep, i, false);
2300 /* Move complex constraints to the GRAPH nodes they belong to. */
2303 move_complex_constraints (constraint_graph_t graph)
2308 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
2312 struct constraint_expr lhs = c->lhs;
2313 struct constraint_expr rhs = c->rhs;
2315 if (lhs.type == DEREF)
2317 insert_into_complex (graph, lhs.var, c);
2319 else if (rhs.type == DEREF)
2321 if (!(get_varinfo (lhs.var)->is_special_var))
2322 insert_into_complex (graph, rhs.var, c);
2324 else if (rhs.type != ADDRESSOF && lhs.var > anything_id
2325 && (lhs.offset != 0 || rhs.offset != 0))
2327 insert_into_complex (graph, rhs.var, c);
2334 /* Optimize and rewrite complex constraints while performing
2335 collapsing of equivalent nodes. SI is the SCC_INFO that is the
2336 result of perform_variable_substitution. */
2339 rewrite_constraints (constraint_graph_t graph,
2340 struct scc_info *si)
2346 for (j = 0; j < graph->size; j++)
2347 gcc_assert (find (j) == j);
2349 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
2351 struct constraint_expr lhs = c->lhs;
2352 struct constraint_expr rhs = c->rhs;
2353 unsigned int lhsvar = find (lhs.var);
2354 unsigned int rhsvar = find (rhs.var);
2355 unsigned int lhsnode, rhsnode;
2356 unsigned int lhslabel, rhslabel;
2358 lhsnode = si->node_mapping[lhsvar];
2359 rhsnode = si->node_mapping[rhsvar];
2360 lhslabel = graph->pointer_label[lhsnode];
2361 rhslabel = graph->pointer_label[rhsnode];
2363 /* See if it is really a non-pointer variable, and if so, ignore
2367 if (dump_file && (dump_flags & TDF_DETAILS))
2370 fprintf (dump_file, "%s is a non-pointer variable,"
2371 "ignoring constraint:",
2372 get_varinfo (lhs.var)->name);
2373 dump_constraint (dump_file, c);
2375 VEC_replace (constraint_t, constraints, i, NULL);
2381 if (dump_file && (dump_flags & TDF_DETAILS))
2384 fprintf (dump_file, "%s is a non-pointer variable,"
2385 "ignoring constraint:",
2386 get_varinfo (rhs.var)->name);
2387 dump_constraint (dump_file, c);
2389 VEC_replace (constraint_t, constraints, i, NULL);
2393 lhsvar = find_equivalent_node (graph, lhsvar, lhslabel);
2394 rhsvar = find_equivalent_node (graph, rhsvar, rhslabel);
2395 c->lhs.var = lhsvar;
2396 c->rhs.var = rhsvar;
2401 /* Eliminate indirect cycles involving NODE. Return true if NODE was
2402 part of an SCC, false otherwise. */
2405 eliminate_indirect_cycles (unsigned int node)
2407 if (graph->indirect_cycles[node] != -1
2408 && !bitmap_empty_p (get_varinfo (node)->solution))
2411 VEC(unsigned,heap) *queue = NULL;
2413 unsigned int to = find (graph->indirect_cycles[node]);
2416 /* We can't touch the solution set and call unify_nodes
2417 at the same time, because unify_nodes is going to do
2418 bitmap unions into it. */
2420 EXECUTE_IF_SET_IN_BITMAP (get_varinfo (node)->solution, 0, i, bi)
2422 if (find (i) == i && i != to)
2425 VEC_safe_push (unsigned, heap, queue, i);
2430 VEC_iterate (unsigned, queue, queuepos, i);
2433 unify_nodes (graph, to, i, true);
2435 VEC_free (unsigned, heap, queue);
2441 /* Solve the constraint graph GRAPH using our worklist solver.
2442 This is based on the PW* family of solvers from the "Efficient Field
2443 Sensitive Pointer Analysis for C" paper.
2444 It works by iterating over all the graph nodes, processing the complex
2445 constraints and propagating the copy constraints, until everything stops
2446 changed. This corresponds to steps 6-8 in the solving list given above. */
2449 solve_graph (constraint_graph_t graph)
2451 unsigned int size = graph->size;
2456 changed = sbitmap_alloc (size);
2457 sbitmap_zero (changed);
2459 /* Mark all initial non-collapsed nodes as changed. */
2460 for (i = 0; i < size; i++)
2462 varinfo_t ivi = get_varinfo (i);
2463 if (find (i) == i && !bitmap_empty_p (ivi->solution)
2464 && ((graph->succs[i] && !bitmap_empty_p (graph->succs[i]))
2465 || VEC_length (constraint_t, graph->complex[i]) > 0))
2467 SET_BIT (changed, i);
2472 /* Allocate a bitmap to be used to store the changed bits. */
2473 pts = BITMAP_ALLOC (&pta_obstack);
2475 while (changed_count > 0)
2478 struct topo_info *ti = init_topo_info ();
2481 bitmap_obstack_initialize (&iteration_obstack);
2483 compute_topo_order (graph, ti);
2485 while (VEC_length (unsigned, ti->topo_order) != 0)
2488 i = VEC_pop (unsigned, ti->topo_order);
2490 /* If this variable is not a representative, skip it. */
2494 /* In certain indirect cycle cases, we may merge this
2495 variable to another. */
2496 if (eliminate_indirect_cycles (i) && find (i) != i)
2499 /* If the node has changed, we need to process the
2500 complex constraints and outgoing edges again. */
2501 if (TEST_BIT (changed, i))
2506 VEC(constraint_t,heap) *complex = graph->complex[i];
2507 bool solution_empty;
2509 RESET_BIT (changed, i);
2512 /* Compute the changed set of solution bits. */
2513 bitmap_and_compl (pts, get_varinfo (i)->solution,
2514 get_varinfo (i)->oldsolution);
2516 if (bitmap_empty_p (pts))
2519 bitmap_ior_into (get_varinfo (i)->oldsolution, pts);
2521 solution = get_varinfo (i)->solution;
2522 solution_empty = bitmap_empty_p (solution);
2524 /* Process the complex constraints */
2525 for (j = 0; VEC_iterate (constraint_t, complex, j, c); j++)
2527 /* XXX: This is going to unsort the constraints in
2528 some cases, which will occasionally add duplicate
2529 constraints during unification. This does not
2530 affect correctness. */
2531 c->lhs.var = find (c->lhs.var);
2532 c->rhs.var = find (c->rhs.var);
2534 /* The only complex constraint that can change our
2535 solution to non-empty, given an empty solution,
2536 is a constraint where the lhs side is receiving
2537 some set from elsewhere. */
2538 if (!solution_empty || c->lhs.type != DEREF)
2539 do_complex_constraint (graph, c, pts);
2542 solution_empty = bitmap_empty_p (solution);
2544 if (!solution_empty)
2547 unsigned eff_escaped_id = find (escaped_id);
2549 /* Propagate solution to all successors. */
2550 EXECUTE_IF_IN_NONNULL_BITMAP (graph->succs[i],
2556 unsigned int to = find (j);
2557 tmp = get_varinfo (to)->solution;
2560 /* Don't try to propagate to ourselves. */
2564 /* If we propagate from ESCAPED use ESCAPED as
2566 if (i == eff_escaped_id)
2567 flag = bitmap_set_bit (tmp, escaped_id);
2569 flag = set_union_with_increment (tmp, pts, 0);
2573 get_varinfo (to)->solution = tmp;
2574 if (!TEST_BIT (changed, to))
2576 SET_BIT (changed, to);
2584 free_topo_info (ti);
2585 bitmap_obstack_release (&iteration_obstack);
2589 sbitmap_free (changed);
2590 bitmap_obstack_release (&oldpta_obstack);
2593 /* Map from trees to variable infos. */
2594 static struct pointer_map_t *vi_for_tree;
2597 /* Insert ID as the variable id for tree T in the vi_for_tree map. */
2600 insert_vi_for_tree (tree t, varinfo_t vi)
2602 void **slot = pointer_map_insert (vi_for_tree, t);
2604 gcc_assert (*slot == NULL);
2608 /* Find the variable info for tree T in VI_FOR_TREE. If T does not
2609 exist in the map, return NULL, otherwise, return the varinfo we found. */
2612 lookup_vi_for_tree (tree t)
2614 void **slot = pointer_map_contains (vi_for_tree, t);
2618 return (varinfo_t) *slot;
2621 /* Return a printable name for DECL */
2624 alias_get_name (tree decl)
2626 const char *res = get_name (decl);
2628 int num_printed = 0;
2637 if (TREE_CODE (decl) == SSA_NAME)
2639 num_printed = asprintf (&temp, "%s_%u",
2640 alias_get_name (SSA_NAME_VAR (decl)),
2641 SSA_NAME_VERSION (decl));
2643 else if (DECL_P (decl))
2645 num_printed = asprintf (&temp, "D.%u", DECL_UID (decl));
2647 if (num_printed > 0)
2649 res = ggc_strdup (temp);
2655 /* Find the variable id for tree T in the map.
2656 If T doesn't exist in the map, create an entry for it and return it. */
2659 get_vi_for_tree (tree t)
2661 void **slot = pointer_map_contains (vi_for_tree, t);
2663 return get_varinfo (create_variable_info_for (t, alias_get_name (t)));
2665 return (varinfo_t) *slot;
2668 /* Get a scalar constraint expression for a new temporary variable. */
2670 static struct constraint_expr
2671 new_scalar_tmp_constraint_exp (const char *name)
2673 struct constraint_expr tmp;
2676 vi = new_var_info (NULL_TREE, name);
2680 vi->is_full_var = 1;
2689 /* Get a constraint expression vector from an SSA_VAR_P node.
2690 If address_p is true, the result will be taken its address of. */
2693 get_constraint_for_ssa_var (tree t, VEC(ce_s, heap) **results, bool address_p)
2695 struct constraint_expr cexpr;
2698 /* We allow FUNCTION_DECLs here even though it doesn't make much sense. */
2699 gcc_assert (SSA_VAR_P (t) || DECL_P (t));
2701 /* For parameters, get at the points-to set for the actual parm
2703 if (TREE_CODE (t) == SSA_NAME
2704 && TREE_CODE (SSA_NAME_VAR (t)) == PARM_DECL
2705 && SSA_NAME_IS_DEFAULT_DEF (t))
2707 get_constraint_for_ssa_var (SSA_NAME_VAR (t), results, address_p);
2711 vi = get_vi_for_tree (t);
2713 cexpr.type = SCALAR;
2715 /* If we determine the result is "anything", and we know this is readonly,
2716 say it points to readonly memory instead. */
2717 if (cexpr.var == anything_id && TREE_READONLY (t))
2720 cexpr.type = ADDRESSOF;
2721 cexpr.var = readonly_id;
2724 /* If we are not taking the address of the constraint expr, add all
2725 sub-fiels of the variable as well. */
2727 && !vi->is_full_var)
2729 for (; vi; vi = vi->next)
2732 VEC_safe_push (ce_s, heap, *results, &cexpr);
2737 VEC_safe_push (ce_s, heap, *results, &cexpr);
2740 /* Process constraint T, performing various simplifications and then
2741 adding it to our list of overall constraints. */
2744 process_constraint (constraint_t t)
2746 struct constraint_expr rhs = t->rhs;
2747 struct constraint_expr lhs = t->lhs;
2749 gcc_assert (rhs.var < VEC_length (varinfo_t, varmap));
2750 gcc_assert (lhs.var < VEC_length (varinfo_t, varmap));
2752 /* If we didn't get any useful constraint from the lhs we get
2753 &ANYTHING as fallback from get_constraint_for. Deal with
2754 it here by turning it into *ANYTHING. */
2755 if (lhs.type == ADDRESSOF
2756 && lhs.var == anything_id)
2759 /* ADDRESSOF on the lhs is invalid. */
2760 gcc_assert (lhs.type != ADDRESSOF);
2762 /* This can happen in our IR with things like n->a = *p */
2763 if (rhs.type == DEREF && lhs.type == DEREF && rhs.var != anything_id)
2765 /* Split into tmp = *rhs, *lhs = tmp */
2766 struct constraint_expr tmplhs;
2767 tmplhs = new_scalar_tmp_constraint_exp ("doubledereftmp");
2768 process_constraint (new_constraint (tmplhs, rhs));
2769 process_constraint (new_constraint (lhs, tmplhs));
2771 else if (rhs.type == ADDRESSOF && lhs.type == DEREF)
2773 /* Split into tmp = &rhs, *lhs = tmp */
2774 struct constraint_expr tmplhs;
2775 tmplhs = new_scalar_tmp_constraint_exp ("derefaddrtmp");
2776 process_constraint (new_constraint (tmplhs, rhs));
2777 process_constraint (new_constraint (lhs, tmplhs));
2781 gcc_assert (rhs.type != ADDRESSOF || rhs.offset == 0);
2782 VEC_safe_push (constraint_t, heap, constraints, t);
2786 /* Return true if T is a type that could contain pointers. */
2789 type_could_have_pointers (tree type)
2791 if (POINTER_TYPE_P (type))
2794 if (TREE_CODE (type) == ARRAY_TYPE)
2795 return type_could_have_pointers (TREE_TYPE (type));
2797 return AGGREGATE_TYPE_P (type);
2800 /* Return true if T is a variable of a type that could contain
2804 could_have_pointers (tree t)
2806 return type_could_have_pointers (TREE_TYPE (t));
2809 /* Return the position, in bits, of FIELD_DECL from the beginning of its
2812 static HOST_WIDE_INT
2813 bitpos_of_field (const tree fdecl)
2816 if (!host_integerp (DECL_FIELD_OFFSET (fdecl), 0)
2817 || !host_integerp (DECL_FIELD_BIT_OFFSET (fdecl), 0))
2820 return (TREE_INT_CST_LOW (DECL_FIELD_OFFSET (fdecl)) * 8
2821 + TREE_INT_CST_LOW (DECL_FIELD_BIT_OFFSET (fdecl)));
2825 /* Get constraint expressions for offsetting PTR by OFFSET. Stores the
2826 resulting constraint expressions in *RESULTS. */
2829 get_constraint_for_ptr_offset (tree ptr, tree offset,
2830 VEC (ce_s, heap) **results)
2832 struct constraint_expr c;
2834 HOST_WIDE_INT rhsunitoffset, rhsoffset;
2836 /* If we do not do field-sensitive PTA adding offsets to pointers
2837 does not change the points-to solution. */
2838 if (!use_field_sensitive)
2840 get_constraint_for (ptr, results);
2844 /* If the offset is not a non-negative integer constant that fits
2845 in a HOST_WIDE_INT, we have to fall back to a conservative
2846 solution which includes all sub-fields of all pointed-to
2847 variables of ptr. */
2848 if (offset == NULL_TREE
2849 || !host_integerp (offset, 0))
2850 rhsoffset = UNKNOWN_OFFSET;
2853 /* Make sure the bit-offset also fits. */
2854 rhsunitoffset = TREE_INT_CST_LOW (offset);
2855 rhsoffset = rhsunitoffset * BITS_PER_UNIT;
2856 if (rhsunitoffset != rhsoffset / BITS_PER_UNIT)
2857 rhsoffset = UNKNOWN_OFFSET;
2860 get_constraint_for (ptr, results);
2864 /* As we are eventually appending to the solution do not use
2865 VEC_iterate here. */
2866 n = VEC_length (ce_s, *results);
2867 for (j = 0; j < n; j++)
2870 c = *VEC_index (ce_s, *results, j);
2871 curr = get_varinfo (c.var);
2873 if (c.type == ADDRESSOF
2874 /* If this varinfo represents a full variable just use it. */
2875 && curr->is_full_var)
2877 else if (c.type == ADDRESSOF
2878 /* If we do not know the offset add all subfields. */
2879 && rhsoffset == UNKNOWN_OFFSET)
2881 varinfo_t temp = lookup_vi_for_tree (curr->decl);
2884 struct constraint_expr c2;
2886 c2.type = ADDRESSOF;
2888 if (c2.var != c.var)
2889 VEC_safe_push (ce_s, heap, *results, &c2);
2894 else if (c.type == ADDRESSOF)
2897 unsigned HOST_WIDE_INT offset = curr->offset + rhsoffset;
2899 /* Search the sub-field which overlaps with the
2900 pointed-to offset. If the result is outside of the variable
2901 we have to provide a conservative result, as the variable is
2902 still reachable from the resulting pointer (even though it
2903 technically cannot point to anything). The last and first
2904 sub-fields are such conservative results.
2905 ??? If we always had a sub-field for &object + 1 then
2906 we could represent this in a more precise way. */
2908 && curr->offset < offset)
2910 temp = first_or_preceding_vi_for_offset (curr, offset);
2912 /* If the found variable is not exactly at the pointed to
2913 result, we have to include the next variable in the
2914 solution as well. Otherwise two increments by offset / 2
2915 do not result in the same or a conservative superset
2917 if (temp->offset != offset
2918 && temp->next != NULL)
2920 struct constraint_expr c2;
2921 c2.var = temp->next->id;
2922 c2.type = ADDRESSOF;
2924 VEC_safe_push (ce_s, heap, *results, &c2);
2930 c.offset = rhsoffset;
2932 VEC_replace (ce_s, *results, j, &c);
2937 /* Given a COMPONENT_REF T, return the constraint_expr vector for it.
2938 If address_p is true the result will be taken its address of. */
2941 get_constraint_for_component_ref (tree t, VEC(ce_s, heap) **results,
2945 HOST_WIDE_INT bitsize = -1;
2946 HOST_WIDE_INT bitmaxsize = -1;
2947 HOST_WIDE_INT bitpos;
2949 struct constraint_expr *result;
2951 /* Some people like to do cute things like take the address of
2954 while (handled_component_p (forzero)
2955 || INDIRECT_REF_P (forzero))
2956 forzero = TREE_OPERAND (forzero, 0);
2958 if (CONSTANT_CLASS_P (forzero) && integer_zerop (forzero))
2960 struct constraint_expr temp;
2963 temp.var = integer_id;
2965 VEC_safe_push (ce_s, heap, *results, &temp);
2969 t = get_ref_base_and_extent (t, &bitpos, &bitsize, &bitmaxsize);
2971 /* Pretend to take the address of the base, we'll take care of
2972 adding the required subset of sub-fields below. */
2973 get_constraint_for_1 (t, results, true);
2974 gcc_assert (VEC_length (ce_s, *results) == 1);
2975 result = VEC_last (ce_s, *results);
2977 if (result->type == SCALAR
2978 && get_varinfo (result->var)->is_full_var)
2979 /* For single-field vars do not bother about the offset. */
2981 else if (result->type == SCALAR)
2983 /* In languages like C, you can access one past the end of an
2984 array. You aren't allowed to dereference it, so we can
2985 ignore this constraint. When we handle pointer subtraction,
2986 we may have to do something cute here. */
2988 if ((unsigned HOST_WIDE_INT)bitpos < get_varinfo (result->var)->fullsize
2991 /* It's also not true that the constraint will actually start at the
2992 right offset, it may start in some padding. We only care about
2993 setting the constraint to the first actual field it touches, so
2995 struct constraint_expr cexpr = *result;
2997 VEC_pop (ce_s, *results);
2999 for (curr = get_varinfo (cexpr.var); curr; curr = curr->next)
3001 if (ranges_overlap_p (curr->offset, curr->size,
3002 bitpos, bitmaxsize))
3004 cexpr.var = curr->id;
3005 VEC_safe_push (ce_s, heap, *results, &cexpr);
3010 /* If we are going to take the address of this field then
3011 to be able to compute reachability correctly add at least
3012 the last field of the variable. */
3014 && VEC_length (ce_s, *results) == 0)
3016 curr = get_varinfo (cexpr.var);
3017 while (curr->next != NULL)
3019 cexpr.var = curr->id;
3020 VEC_safe_push (ce_s, heap, *results, &cexpr);
3023 /* Assert that we found *some* field there. The user couldn't be
3024 accessing *only* padding. */
3025 /* Still the user could access one past the end of an array
3026 embedded in a struct resulting in accessing *only* padding. */
3027 gcc_assert (VEC_length (ce_s, *results) >= 1
3028 || ref_contains_array_ref (orig_t));
3030 else if (bitmaxsize == 0)
3032 if (dump_file && (dump_flags & TDF_DETAILS))
3033 fprintf (dump_file, "Access to zero-sized part of variable,"
3037 if (dump_file && (dump_flags & TDF_DETAILS))
3038 fprintf (dump_file, "Access to past the end of variable, ignoring\n");
3040 else if (result->type == DEREF)
3042 /* If we do not know exactly where the access goes say so. Note
3043 that only for non-structure accesses we know that we access
3044 at most one subfiled of any variable. */
3046 || bitsize != bitmaxsize
3047 || AGGREGATE_TYPE_P (TREE_TYPE (orig_t)))
3048 result->offset = UNKNOWN_OFFSET;
3050 result->offset = bitpos;
3052 else if (result->type == ADDRESSOF)
3054 /* We can end up here for component references on a
3055 VIEW_CONVERT_EXPR <>(&foobar). */
3056 result->type = SCALAR;
3057 result->var = anything_id;
3065 /* Dereference the constraint expression CONS, and return the result.
3066 DEREF (ADDRESSOF) = SCALAR
3067 DEREF (SCALAR) = DEREF
3068 DEREF (DEREF) = (temp = DEREF1; result = DEREF(temp))
3069 This is needed so that we can handle dereferencing DEREF constraints. */
3072 do_deref (VEC (ce_s, heap) **constraints)
3074 struct constraint_expr *c;
3077 for (i = 0; VEC_iterate (ce_s, *constraints, i, c); i++)
3079 if (c->type == SCALAR)
3081 else if (c->type == ADDRESSOF)
3083 else if (c->type == DEREF)
3085 struct constraint_expr tmplhs;
3086 tmplhs = new_scalar_tmp_constraint_exp ("dereftmp");
3087 process_constraint (new_constraint (tmplhs, *c));
3088 c->var = tmplhs.var;
3095 static void get_constraint_for_1 (tree, VEC (ce_s, heap) **, bool);
3097 /* Given a tree T, return the constraint expression for taking the
3101 get_constraint_for_address_of (tree t, VEC (ce_s, heap) **results)
3103 struct constraint_expr *c;
3106 get_constraint_for_1 (t, results, true);
3108 for (i = 0; VEC_iterate (ce_s, *results, i, c); i++)
3110 if (c->type == DEREF)
3113 c->type = ADDRESSOF;
3117 /* Given a tree T, return the constraint expression for it. */
3120 get_constraint_for_1 (tree t, VEC (ce_s, heap) **results, bool address_p)
3122 struct constraint_expr temp;
3124 /* x = integer is all glommed to a single variable, which doesn't
3125 point to anything by itself. That is, of course, unless it is an
3126 integer constant being treated as a pointer, in which case, we
3127 will return that this is really the addressof anything. This
3128 happens below, since it will fall into the default case. The only
3129 case we know something about an integer treated like a pointer is
3130 when it is the NULL pointer, and then we just say it points to
3133 Do not do that if -fno-delete-null-pointer-checks though, because
3134 in that case *NULL does not fail, so it _should_ alias *anything.
3135 It is not worth adding a new option or renaming the existing one,
3136 since this case is relatively obscure. */
3137 if (flag_delete_null_pointer_checks
3138 && ((TREE_CODE (t) == INTEGER_CST
3139 && integer_zerop (t))
3140 /* The only valid CONSTRUCTORs in gimple with pointer typed
3141 elements are zero-initializer. */
3142 || TREE_CODE (t) == CONSTRUCTOR))
3144 temp.var = nothing_id;
3145 temp.type = ADDRESSOF;
3147 VEC_safe_push (ce_s, heap, *results, &temp);
3151 /* String constants are read-only. */
3152 if (TREE_CODE (t) == STRING_CST)
3154 temp.var = readonly_id;
3157 VEC_safe_push (ce_s, heap, *results, &temp);
3161 switch (TREE_CODE_CLASS (TREE_CODE (t)))
3163 case tcc_expression:
3165 switch (TREE_CODE (t))
3168 get_constraint_for_address_of (TREE_OPERAND (t, 0), results);
3176 switch (TREE_CODE (t))
3180 get_constraint_for_1 (TREE_OPERAND (t, 0), results, address_p);
3185 case ARRAY_RANGE_REF:
3187 get_constraint_for_component_ref (t, results, address_p);
3189 case VIEW_CONVERT_EXPR:
3190 get_constraint_for_1 (TREE_OPERAND (t, 0), results, address_p);
3192 /* We are missing handling for TARGET_MEM_REF here. */
3197 case tcc_exceptional:
3199 switch (TREE_CODE (t))
3203 get_constraint_for_ssa_var (t, results, address_p);
3210 case tcc_declaration:
3212 get_constraint_for_ssa_var (t, results, address_p);
3218 /* The default fallback is a constraint from anything. */
3219 temp.type = ADDRESSOF;
3220 temp.var = anything_id;
3222 VEC_safe_push (ce_s, heap, *results, &temp);
3225 /* Given a gimple tree T, return the constraint expression vector for it. */
3228 get_constraint_for (tree t, VEC (ce_s, heap) **results)
3230 gcc_assert (VEC_length (ce_s, *results) == 0);
3232 get_constraint_for_1 (t, results, false);
3236 /* Efficiently generates constraints from all entries in *RHSC to all
3237 entries in *LHSC. */
3240 process_all_all_constraints (VEC (ce_s, heap) *lhsc, VEC (ce_s, heap) *rhsc)
3242 struct constraint_expr *lhsp, *rhsp;
3245 if (VEC_length (ce_s, lhsc) <= 1
3246 || VEC_length (ce_s, rhsc) <= 1)
3248 for (i = 0; VEC_iterate (ce_s, lhsc, i, lhsp); ++i)
3249 for (j = 0; VEC_iterate (ce_s, rhsc, j, rhsp); ++j)
3250 process_constraint (new_constraint (*lhsp, *rhsp));
3254 struct constraint_expr tmp;
3255 tmp = new_scalar_tmp_constraint_exp ("allalltmp");
3256 for (i = 0; VEC_iterate (ce_s, rhsc, i, rhsp); ++i)
3257 process_constraint (new_constraint (tmp, *rhsp));
3258 for (i = 0; VEC_iterate (ce_s, lhsc, i, lhsp); ++i)
3259 process_constraint (new_constraint (*lhsp, tmp));
3263 /* Handle aggregate copies by expanding into copies of the respective
3264 fields of the structures. */
3267 do_structure_copy (tree lhsop, tree rhsop)
3269 struct constraint_expr *lhsp, *rhsp;
3270 VEC (ce_s, heap) *lhsc = NULL, *rhsc = NULL;
3273 get_constraint_for (lhsop, &lhsc);
3274 get_constraint_for (rhsop, &rhsc);
3275 lhsp = VEC_index (ce_s, lhsc, 0);
3276 rhsp = VEC_index (ce_s, rhsc, 0);
3277 if (lhsp->type == DEREF
3278 || (lhsp->type == ADDRESSOF && lhsp->var == anything_id)
3279 || rhsp->type == DEREF)
3280 process_all_all_constraints (lhsc, rhsc);
3281 else if (lhsp->type == SCALAR
3282 && (rhsp->type == SCALAR
3283 || rhsp->type == ADDRESSOF))
3285 HOST_WIDE_INT lhssize, lhsmaxsize, lhsoffset;
3286 HOST_WIDE_INT rhssize, rhsmaxsize, rhsoffset;
3288 get_ref_base_and_extent (lhsop, &lhsoffset, &lhssize, &lhsmaxsize);
3289 get_ref_base_and_extent (rhsop, &rhsoffset, &rhssize, &rhsmaxsize);
3290 for (j = 0; VEC_iterate (ce_s, lhsc, j, lhsp);)
3292 varinfo_t lhsv, rhsv;
3293 rhsp = VEC_index (ce_s, rhsc, k);
3294 lhsv = get_varinfo (lhsp->var);
3295 rhsv = get_varinfo (rhsp->var);
3296 if (lhsv->may_have_pointers
3297 && ranges_overlap_p (lhsv->offset + rhsoffset, lhsv->size,
3298 rhsv->offset + lhsoffset, rhsv->size))
3299 process_constraint (new_constraint (*lhsp, *rhsp));
3300 if (lhsv->offset + rhsoffset + lhsv->size
3301 > rhsv->offset + lhsoffset + rhsv->size)
3304 if (k >= VEC_length (ce_s, rhsc))
3314 VEC_free (ce_s, heap, lhsc);
3315 VEC_free (ce_s, heap, rhsc);
3318 /* Create a constraint ID = OP. */
3321 make_constraint_to (unsigned id, tree op)
3323 VEC(ce_s, heap) *rhsc = NULL;
3324 struct constraint_expr *c;
3325 struct constraint_expr includes;
3329 includes.offset = 0;
3330 includes.type = SCALAR;
3332 get_constraint_for (op, &rhsc);
3333 for (j = 0; VEC_iterate (ce_s, rhsc, j, c); j++)
3334 process_constraint (new_constraint (includes, *c));
3335 VEC_free (ce_s, heap, rhsc);
3338 /* Create a constraint ID = &FROM. */
3341 make_constraint_from (varinfo_t vi, int from)
3343 struct constraint_expr lhs, rhs;
3351 rhs.type = ADDRESSOF;
3352 process_constraint (new_constraint (lhs, rhs));
3355 /* Create a constraint ID = FROM. */
3358 make_copy_constraint (varinfo_t vi, int from)
3360 struct constraint_expr lhs, rhs;
3369 process_constraint (new_constraint (lhs, rhs));
3372 /* Make constraints necessary to make OP escape. */
3375 make_escape_constraint (tree op)
3377 make_constraint_to (escaped_id, op);
3380 /* Create a new artificial heap variable with NAME and make a
3381 constraint from it to LHS. Return the created variable. */
3384 make_constraint_from_heapvar (varinfo_t lhs, const char *name)
3387 tree heapvar = heapvar_lookup (lhs->decl, lhs->offset);
3389 if (heapvar == NULL_TREE)
3392 heapvar = create_tmp_var_raw (ptr_type_node, name);
3393 DECL_EXTERNAL (heapvar) = 1;
3395 heapvar_insert (lhs->decl, lhs->offset, heapvar);
3397 ann = get_var_ann (heapvar);
3398 ann->is_heapvar = 1;
3401 /* For global vars we need to add a heapvar to the list of referenced
3402 vars of a different function than it was created for originally. */
3403 if (gimple_referenced_vars (cfun))
3404 add_referenced_var (heapvar);
3406 vi = new_var_info (heapvar, name);
3407 vi->is_artificial_var = true;
3408 vi->is_heap_var = true;
3409 vi->is_unknown_size_var = true;
3413 vi->is_full_var = true;
3414 insert_vi_for_tree (heapvar, vi);
3416 make_constraint_from (lhs, vi->id);
3421 /* Create a new artificial heap variable with NAME and make a
3422 constraint from it to LHS. Set flags according to a tag used
3423 for tracking restrict pointers. */
3426 make_constraint_from_restrict (varinfo_t lhs, const char *name)
3429 vi = make_constraint_from_heapvar (lhs, name);
3430 vi->is_restrict_var = 1;
3431 vi->is_global_var = 0;
3432 vi->is_special_var = 1;
3433 vi->may_have_pointers = 0;
3436 /* For non-IPA mode, generate constraints necessary for a call on the
3440 handle_rhs_call (gimple stmt, VEC(ce_s, heap) **results)
3442 struct constraint_expr rhsc;
3445 for (i = 0; i < gimple_call_num_args (stmt); ++i)
3447 tree arg = gimple_call_arg (stmt, i);
3449 /* Find those pointers being passed, and make sure they end up
3450 pointing to anything. */
3451 if (could_have_pointers (arg))
3452 make_escape_constraint (arg);
3455 /* The static chain escapes as well. */
3456 if (gimple_call_chain (stmt))
3457 make_escape_constraint (gimple_call_chain (stmt));
3459 /* And if we applied NRV the address of the return slot escapes as well. */
3460 if (gimple_call_return_slot_opt_p (stmt)
3461 && gimple_call_lhs (stmt) != NULL_TREE
3462 && TREE_ADDRESSABLE (TREE_TYPE (gimple_call_lhs (stmt))))
3464 VEC(ce_s, heap) *tmpc = NULL;
3465 struct constraint_expr lhsc, *c;
3466 get_constraint_for_address_of (gimple_call_lhs (stmt), &tmpc);
3467 lhsc.var = escaped_id;
3470 for (i = 0; VEC_iterate (ce_s, tmpc, i, c); ++i)
3471 process_constraint (new_constraint (lhsc, *c));
3472 VEC_free(ce_s, heap, tmpc);
3475 /* Regular functions return nonlocal memory. */
3476 rhsc.var = nonlocal_id;
3479 VEC_safe_push (ce_s, heap, *results, &rhsc);
3482 /* For non-IPA mode, generate constraints necessary for a call
3483 that returns a pointer and assigns it to LHS. This simply makes
3484 the LHS point to global and escaped variables. */
3487 handle_lhs_call (tree lhs, int flags, VEC(ce_s, heap) *rhsc, tree fndecl)
3489 VEC(ce_s, heap) *lhsc = NULL;
3491 get_constraint_for (lhs, &lhsc);
3493 if (flags & ECF_MALLOC)
3496 vi = make_constraint_from_heapvar (get_vi_for_tree (lhs), "HEAP");
3497 /* We delay marking allocated storage global until we know if
3499 DECL_EXTERNAL (vi->decl) = 0;
3500 vi->is_global_var = 0;
3501 /* If this is not a real malloc call assume the memory was
3502 initialized and thus may point to global memory. All
3503 builtin functions with the malloc attribute behave in a sane way. */
3505 || DECL_BUILT_IN_CLASS (fndecl) != BUILT_IN_NORMAL)
3506 make_constraint_from (vi, nonlocal_id);
3508 else if (VEC_length (ce_s, rhsc) > 0)
3510 /* If the store is to a global decl make sure to
3511 add proper escape constraints. */
3512 lhs = get_base_address (lhs);
3515 && is_global_var (lhs))
3517 struct constraint_expr tmpc;
3518 tmpc.var = escaped_id;
3521 VEC_safe_push (ce_s, heap, lhsc, &tmpc);
3523 process_all_all_constraints (lhsc, rhsc);
3525 VEC_free (ce_s, heap, lhsc);
3528 /* For non-IPA mode, generate constraints necessary for a call of a
3529 const function that returns a pointer in the statement STMT. */
3532 handle_const_call (gimple stmt, VEC(ce_s, heap) **results)
3534 struct constraint_expr rhsc;
3537 /* Treat nested const functions the same as pure functions as far
3538 as the static chain is concerned. */
3539 if (gimple_call_chain (stmt))
3541 make_constraint_to (callused_id, gimple_call_chain (stmt));
3542 rhsc.var = callused_id;
3545 VEC_safe_push (ce_s, heap, *results, &rhsc);
3548 /* May return arguments. */
3549 for (k = 0; k < gimple_call_num_args (stmt); ++k)
3551 tree arg = gimple_call_arg (stmt, k);
3553 if (could_have_pointers (arg))
3555 VEC(ce_s, heap) *argc = NULL;
3557 struct constraint_expr *argp;
3558 get_constraint_for (arg, &argc);
3559 for (i = 0; VEC_iterate (ce_s, argc, i, argp); ++i)
3560 VEC_safe_push (ce_s, heap, *results, argp);
3561 VEC_free(ce_s, heap, argc);
3565 /* May return addresses of globals. */
3566 rhsc.var = nonlocal_id;
3568 rhsc.type = ADDRESSOF;
3569 VEC_safe_push (ce_s, heap, *results, &rhsc);
3572 /* For non-IPA mode, generate constraints necessary for a call to a
3573 pure function in statement STMT. */
3576 handle_pure_call (gimple stmt, VEC(ce_s, heap) **results)
3578 struct constraint_expr rhsc;
3580 bool need_callused = false;
3582 /* Memory reached from pointer arguments is call-used. */
3583 for (i = 0; i < gimple_call_num_args (stmt); ++i)
3585 tree arg = gimple_call_arg (stmt, i);
3587 if (could_have_pointers (arg))
3589 make_constraint_to (callused_id, arg);
3590 need_callused = true;
3594 /* The static chain is used as well. */
3595 if (gimple_call_chain (stmt))
3597 make_constraint_to (callused_id, gimple_call_chain (stmt));
3598 need_callused = true;
3601 /* Pure functions may return callused and nonlocal memory. */
3604 rhsc.var = callused_id;
3607 VEC_safe_push (ce_s, heap, *results, &rhsc);
3609 rhsc.var = nonlocal_id;
3612 VEC_safe_push (ce_s, heap, *results, &rhsc);
3615 /* Walk statement T setting up aliasing constraints according to the
3616 references found in T. This function is the main part of the
3617 constraint builder. AI points to auxiliary alias information used
3618 when building alias sets and computing alias grouping heuristics. */
3621 find_func_aliases (gimple origt)
3624 VEC(ce_s, heap) *lhsc = NULL;
3625 VEC(ce_s, heap) *rhsc = NULL;
3626 struct constraint_expr *c;
3628 /* Now build constraints expressions. */
3629 if (gimple_code (t) == GIMPLE_PHI)
3631 gcc_assert (!AGGREGATE_TYPE_P (TREE_TYPE (gimple_phi_result (t))));
3633 /* Only care about pointers and structures containing
3635 if (could_have_pointers (gimple_phi_result (t)))
3640 /* For a phi node, assign all the arguments to
3642 get_constraint_for (gimple_phi_result (t), &lhsc);
3643 for (i = 0; i < gimple_phi_num_args (t); i++)
3645 tree strippedrhs = PHI_ARG_DEF (t, i);
3647 STRIP_NOPS (strippedrhs);
3648 get_constraint_for (gimple_phi_arg_def (t, i), &rhsc);
3650 for (j = 0; VEC_iterate (ce_s, lhsc, j, c); j++)
3652 struct constraint_expr *c2;
3653 while (VEC_length (ce_s, rhsc) > 0)
3655 c2 = VEC_last (ce_s, rhsc);
3656 process_constraint (new_constraint (*c, *c2));
3657 VEC_pop (ce_s, rhsc);
3663 /* In IPA mode, we need to generate constraints to pass call
3664 arguments through their calls. There are two cases,
3665 either a GIMPLE_CALL returning a value, or just a plain
3666 GIMPLE_CALL when we are not.
3668 In non-ipa mode, we need to generate constraints for each
3669 pointer passed by address. */
3670 else if (is_gimple_call (t))
3672 tree fndecl = gimple_call_fndecl (t);
3673 if (fndecl != NULL_TREE
3674 && DECL_BUILT_IN_CLASS (fndecl) == BUILT_IN_NORMAL)
3675 /* ??? All builtins that are handled here need to be handled
3676 in the alias-oracle query functions explicitly! */
3677 switch (DECL_FUNCTION_CODE (fndecl))
3679 /* All the following functions return a pointer to the same object
3680 as their first argument points to. The functions do not add
3681 to the ESCAPED solution. The functions make the first argument
3682 pointed to memory point to what the second argument pointed to
3683 memory points to. */
3684 case BUILT_IN_STRCPY:
3685 case BUILT_IN_STRNCPY:
3686 case BUILT_IN_BCOPY:
3687 case BUILT_IN_MEMCPY:
3688 case BUILT_IN_MEMMOVE:
3689 case BUILT_IN_MEMPCPY:
3690 case BUILT_IN_STPCPY:
3691 case BUILT_IN_STPNCPY:
3692 case BUILT_IN_STRCAT:
3693 case BUILT_IN_STRNCAT:
3695 tree res = gimple_call_lhs (t);
3696 tree dest = gimple_call_arg (t, (DECL_FUNCTION_CODE (fndecl)
3697 == BUILT_IN_BCOPY ? 1 : 0));
3698 tree src = gimple_call_arg (t, (DECL_FUNCTION_CODE (fndecl)
3699 == BUILT_IN_BCOPY ? 0 : 1));
3700 if (res != NULL_TREE)
3702 get_constraint_for (res, &lhsc);
3703 if (DECL_FUNCTION_CODE (fndecl) == BUILT_IN_MEMPCPY
3704 || DECL_FUNCTION_CODE (fndecl) == BUILT_IN_STPCPY
3705 || DECL_FUNCTION_CODE (fndecl) == BUILT_IN_STPNCPY)
3706 get_constraint_for_ptr_offset (dest, NULL_TREE, &rhsc);
3708 get_constraint_for (dest, &rhsc);
3709 process_all_all_constraints (lhsc, rhsc);
3710 VEC_free (ce_s, heap, lhsc);
3711 VEC_free (ce_s, heap, rhsc);
3713 get_constraint_for_ptr_offset (dest, NULL_TREE, &lhsc);
3714 get_constraint_for_ptr_offset (src, NULL_TREE, &rhsc);
3717 process_all_all_constraints (lhsc, rhsc);
3718 VEC_free (ce_s, heap, lhsc);
3719 VEC_free (ce_s, heap, rhsc);
3722 case BUILT_IN_MEMSET:
3724 tree res = gimple_call_lhs (t);
3725 tree dest = gimple_call_arg (t, 0);
3728 struct constraint_expr ac;
3729 if (res != NULL_TREE)
3731 get_constraint_for (res, &lhsc);
3732 get_constraint_for (dest, &rhsc);
3733 process_all_all_constraints (lhsc, rhsc);
3734 VEC_free (ce_s, heap, lhsc);
3735 VEC_free (ce_s, heap, rhsc);
3737 get_constraint_for_ptr_offset (dest, NULL_TREE, &lhsc);
3739 if (flag_delete_null_pointer_checks
3740 && integer_zerop (gimple_call_arg (t, 1)))
3742 ac.type = ADDRESSOF;
3743 ac.var = nothing_id;
3748 ac.var = integer_id;
3751 for (i = 0; VEC_iterate (ce_s, lhsc, i, lhsp); ++i)
3752 process_constraint (new_constraint (*lhsp, ac));
3753 VEC_free (ce_s, heap, lhsc);
3756 /* All the following functions do not return pointers, do not
3757 modify the points-to sets of memory reachable from their
3758 arguments and do not add to the ESCAPED solution. */
3759 case BUILT_IN_SINCOS:
3760 case BUILT_IN_SINCOSF:
3761 case BUILT_IN_SINCOSL:
3762 case BUILT_IN_FREXP:
3763 case BUILT_IN_FREXPF:
3764 case BUILT_IN_FREXPL:
3765 case BUILT_IN_GAMMA_R:
3766 case BUILT_IN_GAMMAF_R:
3767 case BUILT_IN_GAMMAL_R:
3768 case BUILT_IN_LGAMMA_R:
3769 case BUILT_IN_LGAMMAF_R:
3770 case BUILT_IN_LGAMMAL_R:
3772 case BUILT_IN_MODFF:
3773 case BUILT_IN_MODFL:
3774 case BUILT_IN_REMQUO:
3775 case BUILT_IN_REMQUOF:
3776 case BUILT_IN_REMQUOL:
3779 /* printf-style functions may have hooks to set pointers to
3780 point to somewhere into the generated string. Leave them
3781 for a later excercise... */
3783 /* Fallthru to general call handling. */;
3787 && !lookup_vi_for_tree (fndecl)))
3789 VEC(ce_s, heap) *rhsc = NULL;
3790 int flags = gimple_call_flags (t);
3792 /* Const functions can return their arguments and addresses
3793 of global memory but not of escaped memory. */
3794 if (flags & (ECF_CONST|ECF_NOVOPS))
3796 if (gimple_call_lhs (t)
3797 && could_have_pointers (gimple_call_lhs (t)))
3798 handle_const_call (t, &rhsc);
3800 /* Pure functions can return addresses in and of memory
3801 reachable from their arguments, but they are not an escape
3802 point for reachable memory of their arguments. */
3803 else if (flags & (ECF_PURE|ECF_LOOPING_CONST_OR_PURE))
3804 handle_pure_call (t, &rhsc);
3806 handle_rhs_call (t, &rhsc);
3807 if (gimple_call_lhs (t)
3808 && could_have_pointers (gimple_call_lhs (t)))
3809 handle_lhs_call (gimple_call_lhs (t), flags, rhsc, fndecl);
3810 VEC_free (ce_s, heap, rhsc);
3820 lhsop = gimple_call_lhs (t);
3821 decl = gimple_call_fndecl (t);
3823 /* If we can directly resolve the function being called, do so.
3824 Otherwise, it must be some sort of indirect expression that
3825 we should still be able to handle. */
3827 fi = get_vi_for_tree (decl);
3830 decl = gimple_call_fn (t);
3831 fi = get_vi_for_tree (decl);
3834 /* Assign all the passed arguments to the appropriate incoming
3835 parameters of the function. */
3836 for (j = 0; j < gimple_call_num_args (t); j++)
3838 struct constraint_expr lhs ;
3839 struct constraint_expr *rhsp;
3840 tree arg = gimple_call_arg (t, j);
3842 get_constraint_for (arg, &rhsc);
3843 if (TREE_CODE (decl) != FUNCTION_DECL)
3852 lhs.var = first_vi_for_offset (fi, i)->id;
3855 while (VEC_length (ce_s, rhsc) != 0)
3857 rhsp = VEC_last (ce_s, rhsc);
3858 process_constraint (new_constraint (lhs, *rhsp));
3859 VEC_pop (ce_s, rhsc);
3864 /* If we are returning a value, assign it to the result. */
3867 struct constraint_expr rhs;
3868 struct constraint_expr *lhsp;
3871 get_constraint_for (lhsop, &lhsc);
3872 if (TREE_CODE (decl) != FUNCTION_DECL)
3881 rhs.var = first_vi_for_offset (fi, i)->id;
3884 for (j = 0; VEC_iterate (ce_s, lhsc, j, lhsp); j++)
3885 process_constraint (new_constraint (*lhsp, rhs));
3889 /* Otherwise, just a regular assignment statement. Only care about
3890 operations with pointer result, others are dealt with as escape
3891 points if they have pointer operands. */
3892 else if (is_gimple_assign (t)
3893 && could_have_pointers (gimple_assign_lhs (t)))
3895 /* Otherwise, just a regular assignment statement. */
3896 tree lhsop = gimple_assign_lhs (t);
3897 tree rhsop = (gimple_num_ops (t) == 2) ? gimple_assign_rhs1 (t) : NULL;
3899 if (rhsop && AGGREGATE_TYPE_P (TREE_TYPE (lhsop)))
3900 do_structure_copy (lhsop, rhsop);
3903 struct constraint_expr temp;
3904 get_constraint_for (lhsop, &lhsc);
3906 if (gimple_assign_rhs_code (t) == POINTER_PLUS_EXPR)
3907 get_constraint_for_ptr_offset (gimple_assign_rhs1 (t),
3908 gimple_assign_rhs2 (t), &rhsc);
3909 else if ((CONVERT_EXPR_CODE_P (gimple_assign_rhs_code (t))
3910 && !(POINTER_TYPE_P (gimple_expr_type (t))
3911 && !POINTER_TYPE_P (TREE_TYPE (rhsop))))
3912 || gimple_assign_single_p (t))
3913 get_constraint_for (rhsop, &rhsc);
3916 temp.type = ADDRESSOF;
3917 temp.var = anything_id;
3919 VEC_safe_push (ce_s, heap, rhsc, &temp);
3921 process_all_all_constraints (lhsc, rhsc);
3923 /* If there is a store to a global variable the rhs escapes. */
3924 if ((lhsop = get_base_address (lhsop)) != NULL_TREE
3926 && is_global_var (lhsop))
3927 make_escape_constraint (rhsop);
3928 /* If this is a conversion of a non-restrict pointer to a
3929 restrict pointer track it with a new heapvar. */
3930 else if (gimple_assign_cast_p (t)
3931 && POINTER_TYPE_P (TREE_TYPE (rhsop))
3932 && POINTER_TYPE_P (TREE_TYPE (lhsop))
3933 && !TYPE_RESTRICT (TREE_TYPE (rhsop))
3934 && TYPE_RESTRICT (TREE_TYPE (lhsop)))
3935 make_constraint_from_restrict (get_vi_for_tree (lhsop),
3938 /* For conversions of pointers to non-pointers the pointer escapes. */
3939 else if (gimple_assign_cast_p (t)
3940 && POINTER_TYPE_P (TREE_TYPE (gimple_assign_rhs1 (t)))
3941 && !POINTER_TYPE_P (TREE_TYPE (gimple_assign_lhs (t))))
3943 make_escape_constraint (gimple_assign_rhs1 (t));
3945 /* Handle escapes through return. */
3946 else if (gimple_code (t) == GIMPLE_RETURN
3947 && gimple_return_retval (t) != NULL_TREE
3948 && could_have_pointers (gimple_return_retval (t)))
3950 make_escape_constraint (gimple_return_retval (t));
3952 /* Handle asms conservatively by adding escape constraints to everything. */
3953 else if (gimple_code (t) == GIMPLE_ASM)
3955 unsigned i, noutputs;
3956 const char **oconstraints;
3957 const char *constraint;
3958 bool allows_mem, allows_reg, is_inout;
3960 noutputs = gimple_asm_noutputs (t);
3961 oconstraints = XALLOCAVEC (const char *, noutputs);
3963 for (i = 0; i < noutputs; ++i)
3965 tree link = gimple_asm_output_op (t, i);
3966 tree op = TREE_VALUE (link);
3968 constraint = TREE_STRING_POINTER (TREE_VALUE (TREE_PURPOSE (link)));
3969 oconstraints[i] = constraint;
3970 parse_output_constraint (&constraint, i, 0, 0, &allows_mem,
3971 &allows_reg, &is_inout);
3973 /* A memory constraint makes the address of the operand escape. */
3974 if (!allows_reg && allows_mem)
3975 make_escape_constraint (build_fold_addr_expr (op));
3977 /* The asm may read global memory, so outputs may point to
3978 any global memory. */
3979 if (op && could_have_pointers (op))
3981 VEC(ce_s, heap) *lhsc = NULL;
3982 struct constraint_expr rhsc, *lhsp;
3984 get_constraint_for (op, &lhsc);
3985 rhsc.var = nonlocal_id;
3988 for (j = 0; VEC_iterate (ce_s, lhsc, j, lhsp); j++)
3989 process_constraint (new_constraint (*lhsp, rhsc));
3990 VEC_free (ce_s, heap, lhsc);
3993 for (i = 0; i < gimple_asm_ninputs (t); ++i)
3995 tree link = gimple_asm_input_op (t, i);
3996 tree op = TREE_VALUE (link);
3998 constraint = TREE_STRING_POINTER (TREE_VALUE (TREE_PURPOSE (link)));
4000 parse_input_constraint (&constraint, 0, 0, noutputs, 0, oconstraints,
4001 &allows_mem, &allows_reg);
4003 /* A memory constraint makes the address of the operand escape. */
4004 if (!allows_reg && allows_mem)
4005 make_escape_constraint (build_fold_addr_expr (op));
4006 /* Strictly we'd only need the constraint to ESCAPED if
4007 the asm clobbers memory, otherwise using CALLUSED
4009 else if (op && could_have_pointers (op))
4010 make_escape_constraint (op);
4014 VEC_free (ce_s, heap, rhsc);
4015 VEC_free (ce_s, heap, lhsc);
4019 /* Find the first varinfo in the same variable as START that overlaps with
4020 OFFSET. Return NULL if we can't find one. */
4023 first_vi_for_offset (varinfo_t start, unsigned HOST_WIDE_INT offset)
4025 /* If the offset is outside of the variable, bail out. */
4026 if (offset >= start->fullsize)
4029 /* If we cannot reach offset from start, lookup the first field
4030 and start from there. */
4031 if (start->offset > offset)
4032 start = lookup_vi_for_tree (start->decl);
4036 /* We may not find a variable in the field list with the actual
4037 offset when when we have glommed a structure to a variable.
4038 In that case, however, offset should still be within the size
4040 if (offset >= start->offset
4041 && (offset - start->offset) < start->size)
4050 /* Find the first varinfo in the same variable as START that overlaps with
4051 OFFSET. If there is no such varinfo the varinfo directly preceding
4052 OFFSET is returned. */
4055 first_or_preceding_vi_for_offset (varinfo_t start,
4056 unsigned HOST_WIDE_INT offset)
4058 /* If we cannot reach offset from start, lookup the first field
4059 and start from there. */
4060 if (start->offset > offset)
4061 start = lookup_vi_for_tree (start->decl);
4063 /* We may not find a variable in the field list with the actual
4064 offset when when we have glommed a structure to a variable.
4065 In that case, however, offset should still be within the size
4067 If we got beyond the offset we look for return the field
4068 directly preceding offset which may be the last field. */
4070 && offset >= start->offset
4071 && !((offset - start->offset) < start->size))
4072 start = start->next;
4078 /* Insert the varinfo FIELD into the field list for BASE, at the front
4082 insert_into_field_list (varinfo_t base, varinfo_t field)
4084 varinfo_t prev = base;
4085 varinfo_t curr = base->next;
4091 /* Insert the varinfo FIELD into the field list for BASE, ordered by
4095 insert_into_field_list_sorted (varinfo_t base, varinfo_t field)
4097 varinfo_t prev = base;
4098 varinfo_t curr = base->next;
4109 if (field->offset <= curr->offset)
4114 field->next = prev->next;
4119 /* This structure is used during pushing fields onto the fieldstack
4120 to track the offset of the field, since bitpos_of_field gives it
4121 relative to its immediate containing type, and we want it relative
4122 to the ultimate containing object. */
4126 /* Offset from the base of the base containing object to this field. */
4127 HOST_WIDE_INT offset;
4129 /* Size, in bits, of the field. */
4130 unsigned HOST_WIDE_INT size;
4132 unsigned has_unknown_size : 1;
4134 unsigned may_have_pointers : 1;
4136 unsigned only_restrict_pointers : 1;
4138 typedef struct fieldoff fieldoff_s;
4140 DEF_VEC_O(fieldoff_s);
4141 DEF_VEC_ALLOC_O(fieldoff_s,heap);
4143 /* qsort comparison function for two fieldoff's PA and PB */
4146 fieldoff_compare (const void *pa, const void *pb)
4148 const fieldoff_s *foa = (const fieldoff_s *)pa;
4149 const fieldoff_s *fob = (const fieldoff_s *)pb;
4150 unsigned HOST_WIDE_INT foasize, fobsize;
4152 if (foa->offset < fob->offset)
4154 else if (foa->offset > fob->offset)
4157 foasize = foa->size;
4158 fobsize = fob->size;
4159 if (foasize < fobsize)
4161 else if (foasize > fobsize)
4166 /* Sort a fieldstack according to the field offset and sizes. */
4168 sort_fieldstack (VEC(fieldoff_s,heap) *fieldstack)
4170 qsort (VEC_address (fieldoff_s, fieldstack),
4171 VEC_length (fieldoff_s, fieldstack),
4172 sizeof (fieldoff_s),
4176 /* Return true if V is a tree that we can have subvars for.
4177 Normally, this is any aggregate type. Also complex
4178 types which are not gimple registers can have subvars. */
4181 var_can_have_subvars (const_tree v)
4183 /* Volatile variables should never have subvars. */
4184 if (TREE_THIS_VOLATILE (v))
4187 /* Non decls or memory tags can never have subvars. */
4191 /* Aggregates without overlapping fields can have subvars. */
4192 if (TREE_CODE (TREE_TYPE (v)) == RECORD_TYPE)
4198 /* Given a TYPE, and a vector of field offsets FIELDSTACK, push all
4199 the fields of TYPE onto fieldstack, recording their offsets along
4202 OFFSET is used to keep track of the offset in this entire
4203 structure, rather than just the immediately containing structure.
4204 Returns the number of fields pushed. */
4207 push_fields_onto_fieldstack (tree type, VEC(fieldoff_s,heap) **fieldstack,
4208 HOST_WIDE_INT offset)
4213 if (TREE_CODE (type) != RECORD_TYPE)
4216 /* If the vector of fields is growing too big, bail out early.
4217 Callers check for VEC_length <= MAX_FIELDS_FOR_FIELD_SENSITIVE, make
4219 if (VEC_length (fieldoff_s, *fieldstack) > MAX_FIELDS_FOR_FIELD_SENSITIVE)
4222 for (field = TYPE_FIELDS (type); field; field = TREE_CHAIN (field))
4223 if (TREE_CODE (field) == FIELD_DECL)
4227 HOST_WIDE_INT foff = bitpos_of_field (field);
4229 if (!var_can_have_subvars (field)
4230 || TREE_CODE (TREE_TYPE (field)) == QUAL_UNION_TYPE
4231 || TREE_CODE (TREE_TYPE (field)) == UNION_TYPE)
4233 else if (!(pushed = push_fields_onto_fieldstack
4234 (TREE_TYPE (field), fieldstack, offset + foff))
4235 && (DECL_SIZE (field)
4236 && !integer_zerop (DECL_SIZE (field))))
4237 /* Empty structures may have actual size, like in C++. So
4238 see if we didn't push any subfields and the size is
4239 nonzero, push the field onto the stack. */
4244 fieldoff_s *pair = NULL;
4245 bool has_unknown_size = false;
4247 if (!VEC_empty (fieldoff_s, *fieldstack))
4248 pair = VEC_last (fieldoff_s, *fieldstack);
4250 if (!DECL_SIZE (field)
4251 || !host_integerp (DECL_SIZE (field), 1))
4252 has_unknown_size = true;
4254 /* If adjacent fields do not contain pointers merge them. */
4256 && !pair->may_have_pointers
4257 && !could_have_pointers (field)
4258 && !pair->has_unknown_size
4259 && !has_unknown_size
4260 && pair->offset + (HOST_WIDE_INT)pair->size == offset + foff)
4262 pair = VEC_last (fieldoff_s, *fieldstack);
4263 pair->size += TREE_INT_CST_LOW (DECL_SIZE (field));
4267 pair = VEC_safe_push (fieldoff_s, heap, *fieldstack, NULL);
4268 pair->offset = offset + foff;
4269 pair->has_unknown_size = has_unknown_size;
4270 if (!has_unknown_size)
4271 pair->size = TREE_INT_CST_LOW (DECL_SIZE (field));
4274 pair->may_have_pointers = could_have_pointers (field);
4275 pair->only_restrict_pointers
4276 = (!has_unknown_size
4277 && POINTER_TYPE_P (TREE_TYPE (field))
4278 && TYPE_RESTRICT (TREE_TYPE (field)));
4289 /* Count the number of arguments DECL has, and set IS_VARARGS to true
4290 if it is a varargs function. */
4293 count_num_arguments (tree decl, bool *is_varargs)
4295 unsigned int num = 0;
4298 /* Capture named arguments for K&R functions. They do not
4299 have a prototype and thus no TYPE_ARG_TYPES. */
4300 for (t = DECL_ARGUMENTS (decl); t; t = TREE_CHAIN (t))
4303 /* Check if the function has variadic arguments. */
4304 for (t = TYPE_ARG_TYPES (TREE_TYPE (decl)); t; t = TREE_CHAIN (t))
4305 if (TREE_VALUE (t) == void_type_node)
4313 /* Creation function node for DECL, using NAME, and return the index
4314 of the variable we've created for the function. */
4317 create_function_info_for (tree decl, const char *name)
4322 bool is_varargs = false;
4324 /* Create the variable info. */
4326 vi = new_var_info (decl, name);
4329 vi->fullsize = count_num_arguments (decl, &is_varargs) + 1;
4330 insert_vi_for_tree (vi->decl, vi);
4334 /* If it's varargs, we don't know how many arguments it has, so we
4340 vi->is_unknown_size_var = true;
4344 arg = DECL_ARGUMENTS (decl);
4346 /* Set up variables for each argument. */
4347 for (i = 1; i < vi->fullsize; i++)
4350 const char *newname;
4352 tree argdecl = decl;
4357 asprintf (&tempname, "%s.arg%d", name, i-1);
4358 newname = ggc_strdup (tempname);
4361 argvi = new_var_info (argdecl, newname);
4364 argvi->is_full_var = true;
4365 argvi->fullsize = vi->fullsize;
4366 insert_into_field_list_sorted (vi, argvi);
4367 stats.total_vars ++;
4370 insert_vi_for_tree (arg, argvi);
4371 arg = TREE_CHAIN (arg);
4375 /* Create a variable for the return var. */
4376 if (DECL_RESULT (decl) != NULL
4377 || !VOID_TYPE_P (TREE_TYPE (TREE_TYPE (decl))))
4380 const char *newname;
4382 tree resultdecl = decl;
4386 if (DECL_RESULT (decl))
4387 resultdecl = DECL_RESULT (decl);
4389 asprintf (&tempname, "%s.result", name);
4390 newname = ggc_strdup (tempname);
4393 resultvi = new_var_info (resultdecl, newname);
4394 resultvi->offset = i;
4396 resultvi->fullsize = vi->fullsize;
4397 resultvi->is_full_var = true;
4398 insert_into_field_list_sorted (vi, resultvi);
4399 stats.total_vars ++;
4400 if (DECL_RESULT (decl))
4401 insert_vi_for_tree (DECL_RESULT (decl), resultvi);
4408 /* Return true if FIELDSTACK contains fields that overlap.
4409 FIELDSTACK is assumed to be sorted by offset. */
4412 check_for_overlaps (VEC (fieldoff_s,heap) *fieldstack)
4414 fieldoff_s *fo = NULL;
4416 HOST_WIDE_INT lastoffset = -1;
4418 for (i = 0; VEC_iterate (fieldoff_s, fieldstack, i, fo); i++)
4420 if (fo->offset == lastoffset)
4422 lastoffset = fo->offset;
4427 /* Create a varinfo structure for NAME and DECL, and add it to VARMAP.
4428 This will also create any varinfo structures necessary for fields
4432 create_variable_info_for (tree decl, const char *name)
4435 tree decl_type = TREE_TYPE (decl);
4436 tree declsize = DECL_P (decl) ? DECL_SIZE (decl) : TYPE_SIZE (decl_type);
4437 VEC (fieldoff_s,heap) *fieldstack = NULL;
4439 if (var_can_have_subvars (decl) && use_field_sensitive)
4440 push_fields_onto_fieldstack (decl_type, &fieldstack, 0);
4442 /* If the variable doesn't have subvars, we may end up needing to
4443 sort the field list and create fake variables for all the
4445 vi = new_var_info (decl, name);
4447 vi->may_have_pointers = could_have_pointers (decl);
4449 || !host_integerp (declsize, 1))
4451 vi->is_unknown_size_var = true;
4457 vi->fullsize = TREE_INT_CST_LOW (declsize);
4458 vi->size = vi->fullsize;
4461 insert_vi_for_tree (vi->decl, vi);
4462 if (vi->is_global_var
4463 && (!flag_whole_program || !in_ipa_mode)
4464 && vi->may_have_pointers)
4466 if (POINTER_TYPE_P (TREE_TYPE (decl))
4467 && TYPE_RESTRICT (TREE_TYPE (decl)))
4468 make_constraint_from_restrict (vi, "GLOBAL_RESTRICT");
4469 make_copy_constraint (vi, nonlocal_id);
4473 if (use_field_sensitive
4474 && !vi->is_unknown_size_var
4475 && var_can_have_subvars (decl)
4476 && VEC_length (fieldoff_s, fieldstack) > 1
4477 && VEC_length (fieldoff_s, fieldstack) <= MAX_FIELDS_FOR_FIELD_SENSITIVE)
4479 fieldoff_s *fo = NULL;
4480 bool notokay = false;
4483 for (i = 0; !notokay && VEC_iterate (fieldoff_s, fieldstack, i, fo); i++)
4485 if (fo->has_unknown_size
4493 /* We can't sort them if we have a field with a variable sized type,
4494 which will make notokay = true. In that case, we are going to return
4495 without creating varinfos for the fields anyway, so sorting them is a
4499 sort_fieldstack (fieldstack);
4500 /* Due to some C++ FE issues, like PR 22488, we might end up
4501 what appear to be overlapping fields even though they,
4502 in reality, do not overlap. Until the C++ FE is fixed,
4503 we will simply disable field-sensitivity for these cases. */
4504 notokay = check_for_overlaps (fieldstack);
4508 if (VEC_length (fieldoff_s, fieldstack) != 0)
4509 fo = VEC_index (fieldoff_s, fieldstack, 0);
4511 if (fo == NULL || notokay)
4513 vi->is_unknown_size_var = 1;
4516 vi->is_full_var = true;
4517 VEC_free (fieldoff_s, heap, fieldstack);
4521 vi->size = fo->size;
4522 vi->offset = fo->offset;
4523 vi->may_have_pointers = fo->may_have_pointers;
4524 if (vi->is_global_var
4525 && (!flag_whole_program || !in_ipa_mode)
4526 && vi->may_have_pointers)
4528 if (fo->only_restrict_pointers)
4529 make_constraint_from_restrict (vi, "GLOBAL_RESTRICT");
4531 for (i = VEC_length (fieldoff_s, fieldstack) - 1;
4532 i >= 1 && VEC_iterate (fieldoff_s, fieldstack, i, fo);
4536 const char *newname = "NULL";
4541 asprintf (&tempname, "%s." HOST_WIDE_INT_PRINT_DEC
4542 "+" HOST_WIDE_INT_PRINT_DEC,
4543 vi->name, fo->offset, fo->size);
4544 newname = ggc_strdup (tempname);
4547 newvi = new_var_info (decl, newname);
4548 newvi->offset = fo->offset;
4549 newvi->size = fo->size;
4550 newvi->fullsize = vi->fullsize;
4551 newvi->may_have_pointers = fo->may_have_pointers;
4552 insert_into_field_list (vi, newvi);
4553 if ((newvi->is_global_var || TREE_CODE (decl) == PARM_DECL)
4554 && newvi->may_have_pointers)
4556 if (fo->only_restrict_pointers)
4557 make_constraint_from_restrict (newvi, "GLOBAL_RESTRICT");
4558 if (newvi->is_global_var && !in_ipa_mode)
4559 make_copy_constraint (newvi, nonlocal_id);
4566 vi->is_full_var = true;
4568 VEC_free (fieldoff_s, heap, fieldstack);
4573 /* Print out the points-to solution for VAR to FILE. */
4576 dump_solution_for_var (FILE *file, unsigned int var)
4578 varinfo_t vi = get_varinfo (var);
4582 if (find (var) != var)
4584 varinfo_t vipt = get_varinfo (find (var));
4585 fprintf (file, "%s = same as %s\n", vi->name, vipt->name);
4589 fprintf (file, "%s = { ", vi->name);
4590 EXECUTE_IF_SET_IN_BITMAP (vi->solution, 0, i, bi)
4592 fprintf (file, "%s ", get_varinfo (i)->name);
4594 fprintf (file, "}\n");
4598 /* Print the points-to solution for VAR to stdout. */
4601 debug_solution_for_var (unsigned int var)
4603 dump_solution_for_var (stdout, var);
4606 /* Create varinfo structures for all of the variables in the
4607 function for intraprocedural mode. */
4610 intra_create_variable_infos (void)
4614 /* For each incoming pointer argument arg, create the constraint ARG
4615 = NONLOCAL or a dummy variable if it is a restrict qualified
4616 passed-by-reference argument. */
4617 for (t = DECL_ARGUMENTS (current_function_decl); t; t = TREE_CHAIN (t))
4621 if (!could_have_pointers (t))
4624 /* For restrict qualified pointers to objects passed by
4625 reference build a real representative for the pointed-to object. */
4626 if (DECL_BY_REFERENCE (t)
4627 && POINTER_TYPE_P (TREE_TYPE (t))
4628 && TYPE_RESTRICT (TREE_TYPE (t)))
4630 struct constraint_expr lhsc, rhsc;
4632 tree heapvar = heapvar_lookup (t, 0);
4633 if (heapvar == NULL_TREE)
4636 heapvar = create_tmp_var_raw (TREE_TYPE (TREE_TYPE (t)),
4638 DECL_EXTERNAL (heapvar) = 1;
4639 heapvar_insert (t, 0, heapvar);
4640 ann = get_var_ann (heapvar);
4641 ann->is_heapvar = 1;
4643 if (gimple_referenced_vars (cfun))
4644 add_referenced_var (heapvar);
4645 lhsc.var = get_vi_for_tree (t)->id;
4648 rhsc.var = (vi = get_vi_for_tree (heapvar))->id;
4649 rhsc.type = ADDRESSOF;
4651 process_constraint (new_constraint (lhsc, rhsc));
4652 vi->is_restrict_var = 1;
4656 for (p = get_vi_for_tree (t); p; p = p->next)
4657 if (p->may_have_pointers)
4658 make_constraint_from (p, nonlocal_id);
4659 if (POINTER_TYPE_P (TREE_TYPE (t))
4660 && TYPE_RESTRICT (TREE_TYPE (t)))
4661 make_constraint_from_restrict (get_vi_for_tree (t), "PARM_RESTRICT");
4664 /* Add a constraint for a result decl that is passed by reference. */
4665 if (DECL_RESULT (cfun->decl)
4666 && DECL_BY_REFERENCE (DECL_RESULT (cfun->decl)))
4668 varinfo_t p, result_vi = get_vi_for_tree (DECL_RESULT (cfun->decl));
4670 for (p = result_vi; p; p = p->next)
4671 make_constraint_from (p, nonlocal_id);
4674 /* Add a constraint for the incoming static chain parameter. */
4675 if (cfun->static_chain_decl != NULL_TREE)
4677 varinfo_t p, chain_vi = get_vi_for_tree (cfun->static_chain_decl);
4679 for (p = chain_vi; p; p = p->next)
4680 make_constraint_from (p, nonlocal_id);
4684 /* Structure used to put solution bitmaps in a hashtable so they can
4685 be shared among variables with the same points-to set. */
4687 typedef struct shared_bitmap_info
4691 } *shared_bitmap_info_t;
4692 typedef const struct shared_bitmap_info *const_shared_bitmap_info_t;
4694 static htab_t shared_bitmap_table;
4696 /* Hash function for a shared_bitmap_info_t */
4699 shared_bitmap_hash (const void *p)
4701 const_shared_bitmap_info_t const bi = (const_shared_bitmap_info_t) p;
4702 return bi->hashcode;
4705 /* Equality function for two shared_bitmap_info_t's. */
4708 shared_bitmap_eq (const void *p1, const void *p2)
4710 const_shared_bitmap_info_t const sbi1 = (const_shared_bitmap_info_t) p1;
4711 const_shared_bitmap_info_t const sbi2 = (const_shared_bitmap_info_t) p2;
4712 return bitmap_equal_p (sbi1->pt_vars, sbi2->pt_vars);
4715 /* Lookup a bitmap in the shared bitmap hashtable, and return an already
4716 existing instance if there is one, NULL otherwise. */
4719 shared_bitmap_lookup (bitmap pt_vars)
4722 struct shared_bitmap_info sbi;
4724 sbi.pt_vars = pt_vars;
4725 sbi.hashcode = bitmap_hash (pt_vars);
4727 slot = htab_find_slot_with_hash (shared_bitmap_table, &sbi,
4728 sbi.hashcode, NO_INSERT);
4732 return ((shared_bitmap_info_t) *slot)->pt_vars;
4736 /* Add a bitmap to the shared bitmap hashtable. */
4739 shared_bitmap_add (bitmap pt_vars)
4742 shared_bitmap_info_t sbi = XNEW (struct shared_bitmap_info);
4744 sbi->pt_vars = pt_vars;
4745 sbi->hashcode = bitmap_hash (pt_vars);
4747 slot = htab_find_slot_with_hash (shared_bitmap_table, sbi,
4748 sbi->hashcode, INSERT);
4749 gcc_assert (!*slot);
4750 *slot = (void *) sbi;
4754 /* Set bits in INTO corresponding to the variable uids in solution set FROM. */
4757 set_uids_in_ptset (bitmap into, bitmap from, struct pt_solution *pt)
4762 EXECUTE_IF_SET_IN_BITMAP (from, 0, i, bi)
4764 varinfo_t vi = get_varinfo (i);
4766 /* The only artificial variables that are allowed in a may-alias
4767 set are heap variables. */
4768 if (vi->is_artificial_var && !vi->is_heap_var)
4771 if (TREE_CODE (vi->decl) == VAR_DECL
4772 || TREE_CODE (vi->decl) == PARM_DECL
4773 || TREE_CODE (vi->decl) == RESULT_DECL)
4775 /* Add the decl to the points-to set. Note that the points-to
4776 set contains global variables. */
4777 bitmap_set_bit (into, DECL_UID (vi->decl));
4778 if (vi->is_global_var)
4779 pt->vars_contains_global = true;
4785 /* Compute the points-to solution *PT for the variable VI. */
4788 find_what_var_points_to (varinfo_t orig_vi, struct pt_solution *pt)
4792 bitmap finished_solution;
4796 memset (pt, 0, sizeof (struct pt_solution));
4798 /* This variable may have been collapsed, let's get the real
4800 vi = get_varinfo (find (orig_vi->id));
4802 /* Translate artificial variables into SSA_NAME_PTR_INFO
4804 EXECUTE_IF_SET_IN_BITMAP (vi->solution, 0, i, bi)
4806 varinfo_t vi = get_varinfo (i);
4808 if (vi->is_artificial_var)
4810 if (vi->id == nothing_id)
4812 else if (vi->id == escaped_id)
4814 else if (vi->id == callused_id)
4816 else if (vi->id == nonlocal_id)
4818 else if (vi->is_heap_var)
4819 /* We represent heapvars in the points-to set properly. */
4821 else if (vi->id == readonly_id)
4824 else if (vi->id == anything_id
4825 || vi->id == integer_id)
4828 if (vi->is_restrict_var)
4829 pt->vars_contains_restrict = true;
4832 /* Instead of doing extra work, simply do not create
4833 elaborate points-to information for pt_anything pointers. */
4835 && (orig_vi->is_artificial_var
4836 || !pt->vars_contains_restrict))
4839 /* Share the final set of variables when possible. */
4840 finished_solution = BITMAP_GGC_ALLOC ();
4841 stats.points_to_sets_created++;
4843 set_uids_in_ptset (finished_solution, vi->solution, pt);
4844 result = shared_bitmap_lookup (finished_solution);
4847 shared_bitmap_add (finished_solution);
4848 pt->vars = finished_solution;
4853 bitmap_clear (finished_solution);
4857 /* Given a pointer variable P, fill in its points-to set. */
4860 find_what_p_points_to (tree p)
4862 struct ptr_info_def *pi;
4866 /* For parameters, get at the points-to set for the actual parm
4868 if (TREE_CODE (p) == SSA_NAME
4869 && TREE_CODE (SSA_NAME_VAR (p)) == PARM_DECL
4870 && SSA_NAME_IS_DEFAULT_DEF (p))
4871 lookup_p = SSA_NAME_VAR (p);
4873 vi = lookup_vi_for_tree (lookup_p);
4877 pi = get_ptr_info (p);
4878 find_what_var_points_to (vi, &pi->pt);
4882 /* Query statistics for points-to solutions. */
4885 unsigned HOST_WIDE_INT pt_solution_includes_may_alias;
4886 unsigned HOST_WIDE_INT pt_solution_includes_no_alias;
4887 unsigned HOST_WIDE_INT pt_solutions_intersect_may_alias;
4888 unsigned HOST_WIDE_INT pt_solutions_intersect_no_alias;
4892 dump_pta_stats (FILE *s)
4894 fprintf (s, "\nPTA query stats:\n");
4895 fprintf (s, " pt_solution_includes: "
4896 HOST_WIDE_INT_PRINT_DEC" disambiguations, "
4897 HOST_WIDE_INT_PRINT_DEC" queries\n",
4898 pta_stats.pt_solution_includes_no_alias,
4899 pta_stats.pt_solution_includes_no_alias
4900 + pta_stats.pt_solution_includes_may_alias);
4901 fprintf (s, " pt_solutions_intersect: "
4902 HOST_WIDE_INT_PRINT_DEC" disambiguations, "
4903 HOST_WIDE_INT_PRINT_DEC" queries\n",
4904 pta_stats.pt_solutions_intersect_no_alias,
4905 pta_stats.pt_solutions_intersect_no_alias
4906 + pta_stats.pt_solutions_intersect_may_alias);
4910 /* Reset the points-to solution *PT to a conservative default
4911 (point to anything). */
4914 pt_solution_reset (struct pt_solution *pt)
4916 memset (pt, 0, sizeof (struct pt_solution));
4917 pt->anything = true;
4920 /* Set the points-to solution *PT to point only to the variables
4924 pt_solution_set (struct pt_solution *pt, bitmap vars)
4929 memset (pt, 0, sizeof (struct pt_solution));
4931 EXECUTE_IF_SET_IN_BITMAP (vars, 0, i, bi)
4933 tree var = referenced_var_lookup (i);
4934 if (is_global_var (var))
4936 pt->vars_contains_global = true;
4942 /* Return true if the points-to solution *PT is empty. */
4945 pt_solution_empty_p (struct pt_solution *pt)
4952 && !bitmap_empty_p (pt->vars))
4955 /* If the solution includes ESCAPED, check if that is empty. */
4957 && !pt_solution_empty_p (&cfun->gimple_df->escaped))
4963 /* Return true if the points-to solution *PT includes global memory. */
4966 pt_solution_includes_global (struct pt_solution *pt)
4970 || pt->vars_contains_global)
4974 return pt_solution_includes_global (&cfun->gimple_df->escaped);
4979 /* Return true if the points-to solution *PT includes the variable
4980 declaration DECL. */
4983 pt_solution_includes_1 (struct pt_solution *pt, const_tree decl)
4989 && is_global_var (decl))
4993 && bitmap_bit_p (pt->vars, DECL_UID (decl)))
4996 /* If the solution includes ESCAPED, check it. */
4998 && pt_solution_includes_1 (&cfun->gimple_df->escaped, decl))
5005 pt_solution_includes (struct pt_solution *pt, const_tree decl)
5007 bool res = pt_solution_includes_1 (pt, decl);
5009 ++pta_stats.pt_solution_includes_may_alias;
5011 ++pta_stats.pt_solution_includes_no_alias;
5015 /* Return true if both points-to solutions PT1 and PT2 have a non-empty
5019 pt_solutions_intersect_1 (struct pt_solution *pt1, struct pt_solution *pt2)
5021 if (pt1->anything || pt2->anything)
5024 /* If either points to unknown global memory and the other points to
5025 any global memory they alias. */
5028 || pt2->vars_contains_global))
5030 && pt1->vars_contains_global))
5033 /* Check the escaped solution if required. */
5034 if ((pt1->escaped || pt2->escaped)
5035 && !pt_solution_empty_p (&cfun->gimple_df->escaped))
5037 /* If both point to escaped memory and that solution
5038 is not empty they alias. */
5039 if (pt1->escaped && pt2->escaped)
5042 /* If either points to escaped memory see if the escaped solution
5043 intersects with the other. */
5045 && pt_solutions_intersect_1 (&cfun->gimple_df->escaped, pt2))
5047 && pt_solutions_intersect_1 (&cfun->gimple_df->escaped, pt1)))
5051 /* Now both pointers alias if their points-to solution intersects. */
5054 && bitmap_intersect_p (pt1->vars, pt2->vars));
5058 pt_solutions_intersect (struct pt_solution *pt1, struct pt_solution *pt2)
5060 bool res = pt_solutions_intersect_1 (pt1, pt2);
5062 ++pta_stats.pt_solutions_intersect_may_alias;
5064 ++pta_stats.pt_solutions_intersect_no_alias;
5068 /* Return true if both points-to solutions PT1 and PT2 for two restrict
5069 qualified pointers are possibly based on the same pointer. */
5072 pt_solutions_same_restrict_base (struct pt_solution *pt1,
5073 struct pt_solution *pt2)
5075 /* If we deal with points-to solutions of two restrict qualified
5076 pointers solely rely on the pointed-to variable bitmap intersection.
5077 For two pointers that are based on each other the bitmaps will
5079 if (pt1->vars_contains_restrict
5080 && pt2->vars_contains_restrict)
5082 gcc_assert (pt1->vars && pt2->vars);
5083 return bitmap_intersect_p (pt1->vars, pt2->vars);
5090 /* Dump points-to information to OUTFILE. */
5093 dump_sa_points_to_info (FILE *outfile)
5097 fprintf (outfile, "\nPoints-to sets\n\n");
5099 if (dump_flags & TDF_STATS)
5101 fprintf (outfile, "Stats:\n");
5102 fprintf (outfile, "Total vars: %d\n", stats.total_vars);
5103 fprintf (outfile, "Non-pointer vars: %d\n",
5104 stats.nonpointer_vars);
5105 fprintf (outfile, "Statically unified vars: %d\n",
5106 stats.unified_vars_static);
5107 fprintf (outfile, "Dynamically unified vars: %d\n",
5108 stats.unified_vars_dynamic);
5109 fprintf (outfile, "Iterations: %d\n", stats.iterations);
5110 fprintf (outfile, "Number of edges: %d\n", stats.num_edges);
5111 fprintf (outfile, "Number of implicit edges: %d\n",
5112 stats.num_implicit_edges);
5115 for (i = 0; i < VEC_length (varinfo_t, varmap); i++)
5116 dump_solution_for_var (outfile, i);
5120 /* Debug points-to information to stderr. */
5123 debug_sa_points_to_info (void)
5125 dump_sa_points_to_info (stderr);
5129 /* Initialize the always-existing constraint variables for NULL
5130 ANYTHING, READONLY, and INTEGER */
5133 init_base_vars (void)
5135 struct constraint_expr lhs, rhs;
5136 varinfo_t var_anything;
5137 varinfo_t var_nothing;
5138 varinfo_t var_readonly;
5139 varinfo_t var_escaped;
5140 varinfo_t var_nonlocal;
5141 varinfo_t var_callused;
5142 varinfo_t var_storedanything;
5143 varinfo_t var_integer;
5145 /* Create the NULL variable, used to represent that a variable points
5147 var_nothing = new_var_info (NULL_TREE, "NULL");
5148 gcc_assert (var_nothing->id == nothing_id);
5149 var_nothing->is_artificial_var = 1;
5150 var_nothing->offset = 0;
5151 var_nothing->size = ~0;
5152 var_nothing->fullsize = ~0;
5153 var_nothing->is_special_var = 1;
5155 /* Create the ANYTHING variable, used to represent that a variable
5156 points to some unknown piece of memory. */
5157 var_anything = new_var_info (NULL_TREE, "ANYTHING");
5158 gcc_assert (var_anything->id == anything_id);
5159 var_anything->is_artificial_var = 1;
5160 var_anything->size = ~0;
5161 var_anything->offset = 0;
5162 var_anything->next = NULL;
5163 var_anything->fullsize = ~0;
5164 var_anything->is_special_var = 1;
5166 /* Anything points to anything. This makes deref constraints just
5167 work in the presence of linked list and other p = *p type loops,
5168 by saying that *ANYTHING = ANYTHING. */
5170 lhs.var = anything_id;
5172 rhs.type = ADDRESSOF;
5173 rhs.var = anything_id;
5176 /* This specifically does not use process_constraint because
5177 process_constraint ignores all anything = anything constraints, since all
5178 but this one are redundant. */
5179 VEC_safe_push (constraint_t, heap, constraints, new_constraint (lhs, rhs));
5181 /* Create the READONLY variable, used to represent that a variable
5182 points to readonly memory. */
5183 var_readonly = new_var_info (NULL_TREE, "READONLY");
5184 gcc_assert (var_readonly->id == readonly_id);
5185 var_readonly->is_artificial_var = 1;
5186 var_readonly->offset = 0;
5187 var_readonly->size = ~0;
5188 var_readonly->fullsize = ~0;
5189 var_readonly->next = NULL;
5190 var_readonly->is_special_var = 1;
5192 /* readonly memory points to anything, in order to make deref
5193 easier. In reality, it points to anything the particular
5194 readonly variable can point to, but we don't track this
5197 lhs.var = readonly_id;
5199 rhs.type = ADDRESSOF;
5200 rhs.var = readonly_id; /* FIXME */
5202 process_constraint (new_constraint (lhs, rhs));
5204 /* Create the ESCAPED variable, used to represent the set of escaped
5206 var_escaped = new_var_info (NULL_TREE, "ESCAPED");
5207 gcc_assert (var_escaped->id == escaped_id);
5208 var_escaped->is_artificial_var = 1;
5209 var_escaped->offset = 0;
5210 var_escaped->size = ~0;
5211 var_escaped->fullsize = ~0;
5212 var_escaped->is_special_var = 0;
5214 /* Create the NONLOCAL variable, used to represent the set of nonlocal
5216 var_nonlocal = new_var_info (NULL_TREE, "NONLOCAL");
5217 gcc_assert (var_nonlocal->id == nonlocal_id);
5218 var_nonlocal->is_artificial_var = 1;
5219 var_nonlocal->offset = 0;
5220 var_nonlocal->size = ~0;
5221 var_nonlocal->fullsize = ~0;
5222 var_nonlocal->is_special_var = 1;
5224 /* ESCAPED = *ESCAPED, because escaped is may-deref'd at calls, etc. */
5226 lhs.var = escaped_id;
5229 rhs.var = escaped_id;
5231 process_constraint (new_constraint (lhs, rhs));
5233 /* ESCAPED = ESCAPED + UNKNOWN_OFFSET, because if a sub-field escapes the
5234 whole variable escapes. */
5236 lhs.var = escaped_id;
5239 rhs.var = escaped_id;
5240 rhs.offset = UNKNOWN_OFFSET;
5241 process_constraint (new_constraint (lhs, rhs));
5243 /* *ESCAPED = NONLOCAL. This is true because we have to assume
5244 everything pointed to by escaped points to what global memory can
5247 lhs.var = escaped_id;
5250 rhs.var = nonlocal_id;
5252 process_constraint (new_constraint (lhs, rhs));
5254 /* NONLOCAL = &NONLOCAL, NONLOCAL = &ESCAPED. This is true because
5255 global memory may point to global memory and escaped memory. */
5257 lhs.var = nonlocal_id;
5259 rhs.type = ADDRESSOF;
5260 rhs.var = nonlocal_id;
5262 process_constraint (new_constraint (lhs, rhs));
5263 rhs.type = ADDRESSOF;
5264 rhs.var = escaped_id;
5266 process_constraint (new_constraint (lhs, rhs));
5268 /* Create the CALLUSED variable, used to represent the set of call-used
5270 var_callused = new_var_info (NULL_TREE, "CALLUSED");
5271 gcc_assert (var_callused->id == callused_id);
5272 var_callused->is_artificial_var = 1;
5273 var_callused->offset = 0;
5274 var_callused->size = ~0;
5275 var_callused->fullsize = ~0;
5276 var_callused->is_special_var = 0;
5278 /* CALLUSED = *CALLUSED, because call-used is may-deref'd at calls, etc. */
5280 lhs.var = callused_id;
5283 rhs.var = callused_id;
5285 process_constraint (new_constraint (lhs, rhs));
5287 /* CALLUSED = CALLUSED + UNKNOWN, because if a sub-field is call-used the
5288 whole variable is call-used. */
5290 lhs.var = callused_id;
5293 rhs.var = callused_id;
5294 rhs.offset = UNKNOWN_OFFSET;
5295 process_constraint (new_constraint (lhs, rhs));
5297 /* Create the STOREDANYTHING variable, used to represent the set of
5298 variables stored to *ANYTHING. */
5299 var_storedanything = new_var_info (NULL_TREE, "STOREDANYTHING");
5300 gcc_assert (var_storedanything->id == storedanything_id);
5301 var_storedanything->is_artificial_var = 1;
5302 var_storedanything->offset = 0;
5303 var_storedanything->size = ~0;
5304 var_storedanything->fullsize = ~0;
5305 var_storedanything->is_special_var = 0;
5307 /* Create the INTEGER variable, used to represent that a variable points
5308 to what an INTEGER "points to". */
5309 var_integer = new_var_info (NULL_TREE, "INTEGER");
5310 gcc_assert (var_integer->id == integer_id);
5311 var_integer->is_artificial_var = 1;
5312 var_integer->size = ~0;
5313 var_integer->fullsize = ~0;
5314 var_integer->offset = 0;
5315 var_integer->next = NULL;
5316 var_integer->is_special_var = 1;
5318 /* INTEGER = ANYTHING, because we don't know where a dereference of
5319 a random integer will point to. */
5321 lhs.var = integer_id;
5323 rhs.type = ADDRESSOF;
5324 rhs.var = anything_id;
5326 process_constraint (new_constraint (lhs, rhs));
5329 /* Initialize things necessary to perform PTA */
5332 init_alias_vars (void)
5334 use_field_sensitive = (MAX_FIELDS_FOR_FIELD_SENSITIVE > 1);
5336 bitmap_obstack_initialize (&pta_obstack);
5337 bitmap_obstack_initialize (&oldpta_obstack);
5338 bitmap_obstack_initialize (&predbitmap_obstack);
5340 constraint_pool = create_alloc_pool ("Constraint pool",
5341 sizeof (struct constraint), 30);
5342 variable_info_pool = create_alloc_pool ("Variable info pool",
5343 sizeof (struct variable_info), 30);
5344 constraints = VEC_alloc (constraint_t, heap, 8);
5345 varmap = VEC_alloc (varinfo_t, heap, 8);
5346 vi_for_tree = pointer_map_create ();
5348 memset (&stats, 0, sizeof (stats));
5349 shared_bitmap_table = htab_create (511, shared_bitmap_hash,
5350 shared_bitmap_eq, free);
5354 /* Remove the REF and ADDRESS edges from GRAPH, as well as all the
5355 predecessor edges. */
5358 remove_preds_and_fake_succs (constraint_graph_t graph)
5362 /* Clear the implicit ref and address nodes from the successor
5364 for (i = 0; i < FIRST_REF_NODE; i++)
5366 if (graph->succs[i])
5367 bitmap_clear_range (graph->succs[i], FIRST_REF_NODE,
5368 FIRST_REF_NODE * 2);
5371 /* Free the successor list for the non-ref nodes. */
5372 for (i = FIRST_REF_NODE; i < graph->size; i++)
5374 if (graph->succs[i])
5375 BITMAP_FREE (graph->succs[i]);
5378 /* Now reallocate the size of the successor list as, and blow away
5379 the predecessor bitmaps. */
5380 graph->size = VEC_length (varinfo_t, varmap);
5381 graph->succs = XRESIZEVEC (bitmap, graph->succs, graph->size);
5383 free (graph->implicit_preds);
5384 graph->implicit_preds = NULL;
5385 free (graph->preds);
5386 graph->preds = NULL;
5387 bitmap_obstack_release (&predbitmap_obstack);
5390 /* Initialize the heapvar for statement mapping. */
5393 init_alias_heapvars (void)
5395 if (!heapvar_for_stmt)
5396 heapvar_for_stmt = htab_create_ggc (11, tree_map_hash, heapvar_map_eq,
5400 /* Delete the heapvar for statement mapping. */
5403 delete_alias_heapvars (void)
5405 if (heapvar_for_stmt)
5406 htab_delete (heapvar_for_stmt);
5407 heapvar_for_stmt = NULL;
5410 /* Solve the constraint set. */
5413 solve_constraints (void)
5415 struct scc_info *si;
5419 fprintf (dump_file, "Points-to analysis\n\nConstraints:\n\n");
5420 dump_constraints (dump_file);
5425 "\nCollapsing static cycles and doing variable "
5428 init_graph (VEC_length (varinfo_t, varmap) * 2);
5431 fprintf (dump_file, "Building predecessor graph\n");
5432 build_pred_graph ();
5435 fprintf (dump_file, "Detecting pointer and location "
5437 si = perform_var_substitution (graph);
5440 fprintf (dump_file, "Rewriting constraints and unifying "
5442 rewrite_constraints (graph, si);
5444 build_succ_graph ();
5445 free_var_substitution_info (si);
5447 if (dump_file && (dump_flags & TDF_GRAPH))
5448 dump_constraint_graph (dump_file);
5450 move_complex_constraints (graph);
5453 fprintf (dump_file, "Uniting pointer but not location equivalent "
5455 unite_pointer_equivalences (graph);
5458 fprintf (dump_file, "Finding indirect cycles\n");
5459 find_indirect_cycles (graph);
5461 /* Implicit nodes and predecessors are no longer necessary at this
5463 remove_preds_and_fake_succs (graph);
5466 fprintf (dump_file, "Solving graph\n");
5468 solve_graph (graph);
5471 dump_sa_points_to_info (dump_file);
5474 /* Create points-to sets for the current function. See the comments
5475 at the start of the file for an algorithmic overview. */
5478 compute_points_to_sets (void)
5484 timevar_push (TV_TREE_PTA);
5487 init_alias_heapvars ();
5489 intra_create_variable_infos ();
5491 /* Now walk all statements and derive aliases. */
5494 gimple_stmt_iterator gsi;
5496 for (gsi = gsi_start_phis (bb); !gsi_end_p (gsi); gsi_next (&gsi))
5498 gimple phi = gsi_stmt (gsi);
5500 if (is_gimple_reg (gimple_phi_result (phi)))
5501 find_func_aliases (phi);
5504 for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); gsi_next (&gsi))
5506 gimple stmt = gsi_stmt (gsi);
5508 find_func_aliases (stmt);
5512 /* From the constraints compute the points-to sets. */
5513 solve_constraints ();
5515 /* Compute the points-to sets for ESCAPED and CALLUSED used for
5516 call-clobber analysis. */
5517 find_what_var_points_to (get_varinfo (escaped_id),
5518 &cfun->gimple_df->escaped);
5519 find_what_var_points_to (get_varinfo (callused_id),
5520 &cfun->gimple_df->callused);
5522 /* Make sure the ESCAPED solution (which is used as placeholder in
5523 other solutions) does not reference itself. This simplifies
5524 points-to solution queries. */
5525 cfun->gimple_df->escaped.escaped = 0;
5527 /* Mark escaped HEAP variables as global. */
5528 for (i = 0; VEC_iterate (varinfo_t, varmap, i, vi); ++i)
5530 && !vi->is_restrict_var
5531 && !vi->is_global_var)
5532 DECL_EXTERNAL (vi->decl) = vi->is_global_var
5533 = pt_solution_includes (&cfun->gimple_df->escaped, vi->decl);
5535 /* Compute the points-to sets for pointer SSA_NAMEs. */
5536 for (i = 0; i < num_ssa_names; ++i)
5538 tree ptr = ssa_name (i);
5540 && POINTER_TYPE_P (TREE_TYPE (ptr)))
5541 find_what_p_points_to (ptr);
5544 timevar_pop (TV_TREE_PTA);
5548 /* Delete created points-to sets. */
5551 delete_points_to_sets (void)
5555 htab_delete (shared_bitmap_table);
5556 if (dump_file && (dump_flags & TDF_STATS))
5557 fprintf (dump_file, "Points to sets created:%d\n",
5558 stats.points_to_sets_created);
5560 pointer_map_destroy (vi_for_tree);
5561 bitmap_obstack_release (&pta_obstack);
5562 VEC_free (constraint_t, heap, constraints);
5564 for (i = 0; i < graph->size; i++)
5565 VEC_free (constraint_t, heap, graph->complex[i]);
5566 free (graph->complex);
5569 free (graph->succs);
5571 free (graph->pe_rep);
5572 free (graph->indirect_cycles);
5575 VEC_free (varinfo_t, heap, varmap);
5576 free_alloc_pool (variable_info_pool);
5577 free_alloc_pool (constraint_pool);
5581 /* Compute points-to information for every SSA_NAME pointer in the
5582 current function and compute the transitive closure of escaped
5583 variables to re-initialize the call-clobber states of local variables. */
5586 compute_may_aliases (void)
5588 /* For each pointer P_i, determine the sets of variables that P_i may
5589 point-to. Compute the reachability set of escaped and call-used
5591 compute_points_to_sets ();
5593 /* Debugging dumps. */
5596 dump_alias_info (dump_file);
5598 if (dump_flags & TDF_DETAILS)
5599 dump_referenced_vars (dump_file);
5602 /* Deallocate memory used by aliasing data structures and the internal
5603 points-to solution. */
5604 delete_points_to_sets ();
5606 gcc_assert (!need_ssa_update_p (cfun));
5612 gate_tree_pta (void)
5614 return flag_tree_pta;
5617 /* A dummy pass to cause points-to information to be computed via
5618 TODO_rebuild_alias. */
5620 struct gimple_opt_pass pass_build_alias =
5625 gate_tree_pta, /* gate */
5629 0, /* static_pass_number */
5630 TV_NONE, /* tv_id */
5631 PROP_cfg | PROP_ssa, /* properties_required */
5632 0, /* properties_provided */
5633 0, /* properties_destroyed */
5634 0, /* todo_flags_start */
5635 TODO_rebuild_alias | TODO_dump_func /* todo_flags_finish */
5639 /* A dummy pass to cause points-to information to be computed via
5640 TODO_rebuild_alias. */
5642 struct gimple_opt_pass pass_build_ealias =
5646 "ealias", /* name */
5647 gate_tree_pta, /* gate */
5651 0, /* static_pass_number */
5652 TV_NONE, /* tv_id */
5653 PROP_cfg | PROP_ssa, /* properties_required */
5654 0, /* properties_provided */
5655 0, /* properties_destroyed */
5656 0, /* todo_flags_start */
5657 TODO_rebuild_alias | TODO_dump_func /* todo_flags_finish */
5662 /* Return true if we should execute IPA PTA. */
5668 /* Don't bother doing anything if the program has errors. */
5669 && !(errorcount || sorrycount));
5672 /* Execute the driver for IPA PTA. */
5674 ipa_pta_execute (void)
5676 struct cgraph_node *node;
5680 init_alias_heapvars ();
5683 /* Build the constraints. */
5684 for (node = cgraph_nodes; node; node = node->next)
5686 /* Nodes without a body are not interesting. Especially do not
5687 visit clones at this point for now - we get duplicate decls
5688 there for inline clones at least. */
5689 if (!gimple_has_body_p (node->decl)
5693 /* It does not make sense to have graph edges into or out of
5694 externally visible functions. There is no extra information
5695 we can gather from them. */
5696 if (node->local.externally_visible)
5699 create_function_info_for (node->decl,
5700 cgraph_node_name (node));
5703 for (node = cgraph_nodes; node; node = node->next)
5705 struct function *func;
5709 /* Nodes without a body are not interesting. */
5710 if (!gimple_has_body_p (node->decl)
5716 "Generating constraints for %s\n",
5717 cgraph_node_name (node));
5719 func = DECL_STRUCT_FUNCTION (node->decl);
5720 old_func_decl = current_function_decl;
5722 current_function_decl = node->decl;
5724 /* For externally visible functions use local constraints for
5725 their arguments. For local functions we see all callers
5726 and thus do not need initial constraints for parameters. */
5727 if (node->local.externally_visible)
5728 intra_create_variable_infos ();
5730 /* Build constriants for the function body. */
5731 FOR_EACH_BB_FN (bb, func)
5733 gimple_stmt_iterator gsi;
5735 for (gsi = gsi_start_phis (bb); !gsi_end_p (gsi);
5738 gimple phi = gsi_stmt (gsi);
5740 if (is_gimple_reg (gimple_phi_result (phi)))
5741 find_func_aliases (phi);
5744 for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); gsi_next (&gsi))
5746 gimple stmt = gsi_stmt (gsi);
5748 find_func_aliases (stmt);
5752 current_function_decl = old_func_decl;
5756 /* From the constraints compute the points-to sets. */
5757 solve_constraints ();
5759 delete_points_to_sets ();
5766 struct simple_ipa_opt_pass pass_ipa_pta =
5771 gate_ipa_pta, /* gate */
5772 ipa_pta_execute, /* execute */
5775 0, /* static_pass_number */
5776 TV_IPA_PTA, /* tv_id */
5777 0, /* properties_required */
5778 0, /* properties_provided */
5779 0, /* properties_destroyed */
5780 0, /* todo_flags_start */
5781 TODO_update_ssa /* todo_flags_finish */
5786 #include "gt-tree-ssa-structalias.h"
OSDN Git Service
