1 /* Tree based points-to analysis
2 Copyright (C) 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
3 Contributed by Daniel Berlin <dberlin@dberlin.org>
5 This file is part of GCC.
7 GCC is free software; you can redistribute it and/or modify
8 under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 GCC is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with GCC; see the file COPYING3. If not see
19 <http://www.gnu.org/licenses/>. */
23 #include "coretypes.h"
31 #include "hard-reg-set.h"
32 #include "basic-block.h"
35 #include "tree-flow.h"
36 #include "tree-inline.h"
38 #include "diagnostic.h"
44 #include "tree-pass.h"
46 #include "alloc-pool.h"
47 #include "splay-tree.h"
51 #include "pointer-set.h"
53 /* The idea behind this analyzer is to generate set constraints from the
54 program, then solve the resulting constraints in order to generate the
57 Set constraints are a way of modeling program analysis problems that
58 involve sets. They consist of an inclusion constraint language,
59 describing the variables (each variable is a set) and operations that
60 are involved on the variables, and a set of rules that derive facts
61 from these operations. To solve a system of set constraints, you derive
62 all possible facts under the rules, which gives you the correct sets
65 See "Efficient Field-sensitive pointer analysis for C" by "David
66 J. Pearce and Paul H. J. Kelly and Chris Hankin, at
67 http://citeseer.ist.psu.edu/pearce04efficient.html
69 Also see "Ultra-fast Aliasing Analysis using CLA: A Million Lines
70 of C Code in a Second" by ""Nevin Heintze and Olivier Tardieu" at
71 http://citeseer.ist.psu.edu/heintze01ultrafast.html
73 There are three types of real constraint expressions, DEREF,
74 ADDRESSOF, and SCALAR. Each constraint expression consists
75 of a constraint type, a variable, and an offset.
77 SCALAR is a constraint expression type used to represent x, whether
78 it appears on the LHS or the RHS of a statement.
79 DEREF is a constraint expression type used to represent *x, whether
80 it appears on the LHS or the RHS of a statement.
81 ADDRESSOF is a constraint expression used to represent &x, whether
82 it appears on the LHS or the RHS of a statement.
84 Each pointer variable in the program is assigned an integer id, and
85 each field of a structure variable is assigned an integer id as well.
87 Structure variables are linked to their list of fields through a "next
88 field" in each variable that points to the next field in offset
90 Each variable for a structure field has
92 1. "size", that tells the size in bits of that field.
93 2. "fullsize, that tells the size in bits of the entire structure.
94 3. "offset", that tells the offset in bits from the beginning of the
95 structure to this field.
107 foo.a -> id 1, size 32, offset 0, fullsize 64, next foo.b
108 foo.b -> id 2, size 32, offset 32, fullsize 64, next NULL
109 bar -> id 3, size 32, offset 0, fullsize 32, next NULL
112 In order to solve the system of set constraints, the following is
115 1. Each constraint variable x has a solution set associated with it,
118 2. Constraints are separated into direct, copy, and complex.
119 Direct constraints are ADDRESSOF constraints that require no extra
120 processing, such as P = &Q
121 Copy constraints are those of the form P = Q.
122 Complex constraints are all the constraints involving dereferences
123 and offsets (including offsetted copies).
125 3. All direct constraints of the form P = &Q are processed, such
126 that Q is added to Sol(P)
128 4. All complex constraints for a given constraint variable are stored in a
129 linked list attached to that variable's node.
131 5. A directed graph is built out of the copy constraints. Each
132 constraint variable is a node in the graph, and an edge from
133 Q to P is added for each copy constraint of the form P = Q
135 6. The graph is then walked, and solution sets are
136 propagated along the copy edges, such that an edge from Q to P
137 causes Sol(P) <- Sol(P) union Sol(Q).
139 7. As we visit each node, all complex constraints associated with
140 that node are processed by adding appropriate copy edges to the graph, or the
141 appropriate variables to the solution set.
143 8. The process of walking the graph is iterated until no solution
146 Prior to walking the graph in steps 6 and 7, We perform static
147 cycle elimination on the constraint graph, as well
148 as off-line variable substitution.
150 TODO: Adding offsets to pointer-to-structures can be handled (IE not punted
151 on and turned into anything), but isn't. You can just see what offset
152 inside the pointed-to struct it's going to access.
154 TODO: Constant bounded arrays can be handled as if they were structs of the
155 same number of elements.
157 TODO: Modeling heap and incoming pointers becomes much better if we
158 add fields to them as we discover them, which we could do.
160 TODO: We could handle unions, but to be honest, it's probably not
161 worth the pain or slowdown. */
163 static GTY ((if_marked ("tree_map_marked_p"), param_is (struct tree_map)))
164 htab_t heapvar_for_stmt;
166 static bool use_field_sensitive = true;
167 static int in_ipa_mode = 0;
169 /* Used for predecessor bitmaps. */
170 static bitmap_obstack predbitmap_obstack;
172 /* Used for points-to sets. */
173 static bitmap_obstack pta_obstack;
175 /* Used for oldsolution members of variables. */
176 static bitmap_obstack oldpta_obstack;
178 /* Used for per-solver-iteration bitmaps. */
179 static bitmap_obstack iteration_obstack;
181 static unsigned int create_variable_info_for (tree, const char *);
182 typedef struct constraint_graph *constraint_graph_t;
183 static void unify_nodes (constraint_graph_t, unsigned int, unsigned int, bool);
186 typedef struct constraint *constraint_t;
188 DEF_VEC_P(constraint_t);
189 DEF_VEC_ALLOC_P(constraint_t,heap);
191 #define EXECUTE_IF_IN_NONNULL_BITMAP(a, b, c, d) \
193 EXECUTE_IF_SET_IN_BITMAP (a, b, c, d)
195 static struct constraint_stats
197 unsigned int total_vars;
198 unsigned int nonpointer_vars;
199 unsigned int unified_vars_static;
200 unsigned int unified_vars_dynamic;
201 unsigned int iterations;
202 unsigned int num_edges;
203 unsigned int num_implicit_edges;
204 unsigned int points_to_sets_created;
209 /* ID of this variable */
212 /* True if this is a variable created by the constraint analysis, such as
213 heap variables and constraints we had to break up. */
214 unsigned int is_artificial_var:1;
216 /* True if this is a special variable whose solution set should not be
218 unsigned int is_special_var:1;
220 /* True for variables whose size is not known or variable. */
221 unsigned int is_unknown_size_var:1;
223 /* True for (sub-)fields that represent a whole variable. */
224 unsigned int is_full_var : 1;
226 /* True if this is a heap variable. */
227 unsigned int is_heap_var:1;
229 /* True if we may not use TBAA to prune references to this
230 variable. This is used for C++ placement new. */
231 unsigned int no_tbaa_pruning : 1;
233 /* True if this field may contain pointers. */
234 unsigned int may_have_pointers : 1;
236 /* A link to the variable for the next field in this structure. */
237 struct variable_info *next;
239 /* Offset of this variable, in bits, from the base variable */
240 unsigned HOST_WIDE_INT offset;
242 /* Size of the variable, in bits. */
243 unsigned HOST_WIDE_INT size;
245 /* Full size of the base variable, in bits. */
246 unsigned HOST_WIDE_INT fullsize;
248 /* Name of this variable */
251 /* Tree that this variable is associated with. */
254 /* Points-to set for this variable. */
257 /* Old points-to set for this variable. */
260 typedef struct variable_info *varinfo_t;
262 static varinfo_t first_vi_for_offset (varinfo_t, unsigned HOST_WIDE_INT);
263 static varinfo_t first_or_preceding_vi_for_offset (varinfo_t,
264 unsigned HOST_WIDE_INT);
265 static varinfo_t lookup_vi_for_tree (tree);
267 /* Pool of variable info structures. */
268 static alloc_pool variable_info_pool;
270 DEF_VEC_P(varinfo_t);
272 DEF_VEC_ALLOC_P(varinfo_t, heap);
274 /* Table of variable info structures for constraint variables.
275 Indexed directly by variable info id. */
276 static VEC(varinfo_t,heap) *varmap;
278 /* Return the varmap element N */
280 static inline varinfo_t
281 get_varinfo (unsigned int n)
283 return VEC_index (varinfo_t, varmap, n);
286 /* Static IDs for the special variables. */
287 enum { nothing_id = 0, anything_id = 1, readonly_id = 2,
288 escaped_id = 3, nonlocal_id = 4, callused_id = 5,
289 storedanything_id = 6, integer_id = 7 };
291 /* Variable that represents the unknown pointer. */
292 static varinfo_t var_anything;
293 static tree anything_tree;
295 /* Variable that represents the NULL pointer. */
296 static varinfo_t var_nothing;
297 static tree nothing_tree;
299 /* Variable that represents read only memory. */
300 static varinfo_t var_readonly;
301 static tree readonly_tree;
303 /* Variable that represents escaped memory. */
304 static varinfo_t var_escaped;
305 static tree escaped_tree;
307 /* Variable that represents nonlocal memory. */
308 static varinfo_t var_nonlocal;
309 static tree nonlocal_tree;
311 /* Variable that represents call-used memory. */
312 static varinfo_t var_callused;
313 static tree callused_tree;
315 /* Variable that represents variables that are stored to anything. */
316 static varinfo_t var_storedanything;
317 static tree storedanything_tree;
319 /* Variable that represents integers. This is used for when people do things
321 static varinfo_t var_integer;
322 static tree integer_tree;
324 /* Lookup a heap var for FROM, and return it if we find one. */
327 heapvar_lookup (tree from)
329 struct tree_map *h, in;
332 h = (struct tree_map *) htab_find_with_hash (heapvar_for_stmt, &in,
333 htab_hash_pointer (from));
339 /* Insert a mapping FROM->TO in the heap var for statement
343 heapvar_insert (tree from, tree to)
348 h = GGC_NEW (struct tree_map);
349 h->hash = htab_hash_pointer (from);
352 loc = htab_find_slot_with_hash (heapvar_for_stmt, h, h->hash, INSERT);
353 *(struct tree_map **) loc = h;
356 /* Return a new variable info structure consisting for a variable
357 named NAME, and using constraint graph node NODE. */
360 new_var_info (tree t, unsigned int id, const char *name)
362 varinfo_t ret = (varinfo_t) pool_alloc (variable_info_pool);
368 ret->is_artificial_var = false;
369 ret->is_heap_var = false;
370 ret->is_special_var = false;
371 ret->is_unknown_size_var = false;
372 ret->is_full_var = false;
373 ret->may_have_pointers = true;
375 if (TREE_CODE (var) == SSA_NAME)
376 var = SSA_NAME_VAR (var);
377 ret->no_tbaa_pruning = (DECL_P (var)
378 && POINTER_TYPE_P (TREE_TYPE (var))
379 && DECL_NO_TBAA_P (var));
380 ret->solution = BITMAP_ALLOC (&pta_obstack);
381 ret->oldsolution = BITMAP_ALLOC (&oldpta_obstack);
386 typedef enum {SCALAR, DEREF, ADDRESSOF} constraint_expr_type;
388 /* An expression that appears in a constraint. */
390 struct constraint_expr
392 /* Constraint type. */
393 constraint_expr_type type;
395 /* Variable we are referring to in the constraint. */
398 /* Offset, in bits, of this constraint from the beginning of
399 variables it ends up referring to.
401 IOW, in a deref constraint, we would deref, get the result set,
402 then add OFFSET to each member. */
403 HOST_WIDE_INT offset;
406 /* Use 0x8000... as special unknown offset. */
407 #define UNKNOWN_OFFSET ((HOST_WIDE_INT)-1 << (HOST_BITS_PER_WIDE_INT-1))
409 typedef struct constraint_expr ce_s;
411 DEF_VEC_ALLOC_O(ce_s, heap);
412 static void get_constraint_for_1 (tree, VEC(ce_s, heap) **, bool);
413 static void get_constraint_for (tree, VEC(ce_s, heap) **);
414 static void do_deref (VEC (ce_s, heap) **);
416 /* Our set constraints are made up of two constraint expressions, one
419 As described in the introduction, our set constraints each represent an
420 operation between set valued variables.
424 struct constraint_expr lhs;
425 struct constraint_expr rhs;
428 /* List of constraints that we use to build the constraint graph from. */
430 static VEC(constraint_t,heap) *constraints;
431 static alloc_pool constraint_pool;
435 DEF_VEC_ALLOC_I(int, heap);
437 /* The constraint graph is represented as an array of bitmaps
438 containing successor nodes. */
440 struct constraint_graph
442 /* Size of this graph, which may be different than the number of
443 nodes in the variable map. */
446 /* Explicit successors of each node. */
449 /* Implicit predecessors of each node (Used for variable
451 bitmap *implicit_preds;
453 /* Explicit predecessors of each node (Used for variable substitution). */
456 /* Indirect cycle representatives, or -1 if the node has no indirect
458 int *indirect_cycles;
460 /* Representative node for a node. rep[a] == a unless the node has
464 /* Equivalence class representative for a label. This is used for
465 variable substitution. */
468 /* Pointer equivalence label for a node. All nodes with the same
469 pointer equivalence label can be unified together at some point
470 (either during constraint optimization or after the constraint
474 /* Pointer equivalence representative for a label. This is used to
475 handle nodes that are pointer equivalent but not location
476 equivalent. We can unite these once the addressof constraints
477 are transformed into initial points-to sets. */
480 /* Pointer equivalence label for each node, used during variable
482 unsigned int *pointer_label;
484 /* Location equivalence label for each node, used during location
485 equivalence finding. */
486 unsigned int *loc_label;
488 /* Pointed-by set for each node, used during location equivalence
489 finding. This is pointed-by rather than pointed-to, because it
490 is constructed using the predecessor graph. */
493 /* Points to sets for pointer equivalence. This is *not* the actual
494 points-to sets for nodes. */
497 /* Bitmap of nodes where the bit is set if the node is a direct
498 node. Used for variable substitution. */
499 sbitmap direct_nodes;
501 /* Bitmap of nodes where the bit is set if the node is address
502 taken. Used for variable substitution. */
503 bitmap address_taken;
505 /* Vector of complex constraints for each graph node. Complex
506 constraints are those involving dereferences or offsets that are
508 VEC(constraint_t,heap) **complex;
511 static constraint_graph_t graph;
513 /* During variable substitution and the offline version of indirect
514 cycle finding, we create nodes to represent dereferences and
515 address taken constraints. These represent where these start and
517 #define FIRST_REF_NODE (VEC_length (varinfo_t, varmap))
518 #define LAST_REF_NODE (FIRST_REF_NODE + (FIRST_REF_NODE - 1))
520 /* Return the representative node for NODE, if NODE has been unioned
522 This function performs path compression along the way to finding
523 the representative. */
526 find (unsigned int node)
528 gcc_assert (node < graph->size);
529 if (graph->rep[node] != node)
530 return graph->rep[node] = find (graph->rep[node]);
534 /* Union the TO and FROM nodes to the TO nodes.
535 Note that at some point in the future, we may want to do
536 union-by-rank, in which case we are going to have to return the
537 node we unified to. */
540 unite (unsigned int to, unsigned int from)
542 gcc_assert (to < graph->size && from < graph->size);
543 if (to != from && graph->rep[from] != to)
545 graph->rep[from] = to;
551 /* Create a new constraint consisting of LHS and RHS expressions. */
554 new_constraint (const struct constraint_expr lhs,
555 const struct constraint_expr rhs)
557 constraint_t ret = (constraint_t) pool_alloc (constraint_pool);
563 /* Print out constraint C to FILE. */
566 dump_constraint (FILE *file, constraint_t c)
568 if (c->lhs.type == ADDRESSOF)
570 else if (c->lhs.type == DEREF)
572 fprintf (file, "%s", get_varinfo (c->lhs.var)->name);
573 if (c->lhs.offset == UNKNOWN_OFFSET)
574 fprintf (file, " + UNKNOWN");
575 else if (c->lhs.offset != 0)
576 fprintf (file, " + " HOST_WIDE_INT_PRINT_DEC, c->lhs.offset);
577 fprintf (file, " = ");
578 if (c->rhs.type == ADDRESSOF)
580 else if (c->rhs.type == DEREF)
582 fprintf (file, "%s", get_varinfo (c->rhs.var)->name);
583 if (c->rhs.offset == UNKNOWN_OFFSET)
584 fprintf (file, " + UNKNOWN");
585 else if (c->rhs.offset != 0)
586 fprintf (file, " + " HOST_WIDE_INT_PRINT_DEC, c->rhs.offset);
587 fprintf (file, "\n");
591 void debug_constraint (constraint_t);
592 void debug_constraints (void);
593 void debug_constraint_graph (void);
594 void debug_solution_for_var (unsigned int);
595 void debug_sa_points_to_info (void);
597 /* Print out constraint C to stderr. */
600 debug_constraint (constraint_t c)
602 dump_constraint (stderr, c);
605 /* Print out all constraints to FILE */
608 dump_constraints (FILE *file)
612 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
613 dump_constraint (file, c);
616 /* Print out all constraints to stderr. */
619 debug_constraints (void)
621 dump_constraints (stderr);
624 /* Print out to FILE the edge in the constraint graph that is created by
625 constraint c. The edge may have a label, depending on the type of
626 constraint that it represents. If complex1, e.g: a = *b, then the label
627 is "=*", if complex2, e.g: *a = b, then the label is "*=", if
628 complex with an offset, e.g: a = b + 8, then the label is "+".
629 Otherwise the edge has no label. */
632 dump_constraint_edge (FILE *file, constraint_t c)
634 if (c->rhs.type != ADDRESSOF)
636 const char *src = get_varinfo (c->rhs.var)->name;
637 const char *dst = get_varinfo (c->lhs.var)->name;
638 fprintf (file, " \"%s\" -> \"%s\" ", src, dst);
639 /* Due to preprocessing of constraints, instructions like *a = *b are
640 illegal; thus, we do not have to handle such cases. */
641 if (c->lhs.type == DEREF)
642 fprintf (file, " [ label=\"*=\" ] ;\n");
643 else if (c->rhs.type == DEREF)
644 fprintf (file, " [ label=\"=*\" ] ;\n");
647 /* We must check the case where the constraint is an offset.
648 In this case, it is treated as a complex constraint. */
649 if (c->rhs.offset != c->lhs.offset)
650 fprintf (file, " [ label=\"+\" ] ;\n");
652 fprintf (file, " ;\n");
657 /* Print the constraint graph in dot format. */
660 dump_constraint_graph (FILE *file)
662 unsigned int i=0, size;
665 /* Only print the graph if it has already been initialized: */
669 /* Print the constraints used to produce the constraint graph. The
670 constraints will be printed as comments in the dot file: */
671 fprintf (file, "\n\n/* Constraints used in the constraint graph:\n");
672 dump_constraints (file);
673 fprintf (file, "*/\n");
675 /* Prints the header of the dot file: */
676 fprintf (file, "\n\n// The constraint graph in dot format:\n");
677 fprintf (file, "strict digraph {\n");
678 fprintf (file, " node [\n shape = box\n ]\n");
679 fprintf (file, " edge [\n fontsize = \"12\"\n ]\n");
680 fprintf (file, "\n // List of nodes in the constraint graph:\n");
682 /* The next lines print the nodes in the graph. In order to get the
683 number of nodes in the graph, we must choose the minimum between the
684 vector VEC (varinfo_t, varmap) and graph->size. If the graph has not
685 yet been initialized, then graph->size == 0, otherwise we must only
686 read nodes that have an entry in VEC (varinfo_t, varmap). */
687 size = VEC_length (varinfo_t, varmap);
688 size = size < graph->size ? size : graph->size;
689 for (i = 0; i < size; i++)
691 const char *name = get_varinfo (graph->rep[i])->name;
692 fprintf (file, " \"%s\" ;\n", name);
695 /* Go over the list of constraints printing the edges in the constraint
697 fprintf (file, "\n // The constraint edges:\n");
698 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
700 dump_constraint_edge (file, c);
702 /* Prints the tail of the dot file. By now, only the closing bracket. */
703 fprintf (file, "}\n\n\n");
706 /* Print out the constraint graph to stderr. */
709 debug_constraint_graph (void)
711 dump_constraint_graph (stderr);
716 The solver is a simple worklist solver, that works on the following
719 sbitmap changed_nodes = all zeroes;
721 For each node that is not already collapsed:
723 set bit in changed nodes
725 while (changed_count > 0)
727 compute topological ordering for constraint graph
729 find and collapse cycles in the constraint graph (updating
730 changed if necessary)
732 for each node (n) in the graph in topological order:
735 Process each complex constraint associated with the node,
736 updating changed if necessary.
738 For each outgoing edge from n, propagate the solution from n to
739 the destination of the edge, updating changed as necessary.
743 /* Return true if two constraint expressions A and B are equal. */
746 constraint_expr_equal (struct constraint_expr a, struct constraint_expr b)
748 return a.type == b.type && a.var == b.var && a.offset == b.offset;
751 /* Return true if constraint expression A is less than constraint expression
752 B. This is just arbitrary, but consistent, in order to give them an
756 constraint_expr_less (struct constraint_expr a, struct constraint_expr b)
758 if (a.type == b.type)
761 return a.offset < b.offset;
763 return a.var < b.var;
766 return a.type < b.type;
769 /* Return true if constraint A is less than constraint B. This is just
770 arbitrary, but consistent, in order to give them an ordering. */
773 constraint_less (const constraint_t a, const constraint_t b)
775 if (constraint_expr_less (a->lhs, b->lhs))
777 else if (constraint_expr_less (b->lhs, a->lhs))
780 return constraint_expr_less (a->rhs, b->rhs);
783 /* Return true if two constraints A and B are equal. */
786 constraint_equal (struct constraint a, struct constraint b)
788 return constraint_expr_equal (a.lhs, b.lhs)
789 && constraint_expr_equal (a.rhs, b.rhs);
793 /* Find a constraint LOOKFOR in the sorted constraint vector VEC */
796 constraint_vec_find (VEC(constraint_t,heap) *vec,
797 struct constraint lookfor)
805 place = VEC_lower_bound (constraint_t, vec, &lookfor, constraint_less);
806 if (place >= VEC_length (constraint_t, vec))
808 found = VEC_index (constraint_t, vec, place);
809 if (!constraint_equal (*found, lookfor))
814 /* Union two constraint vectors, TO and FROM. Put the result in TO. */
817 constraint_set_union (VEC(constraint_t,heap) **to,
818 VEC(constraint_t,heap) **from)
823 for (i = 0; VEC_iterate (constraint_t, *from, i, c); i++)
825 if (constraint_vec_find (*to, *c) == NULL)
827 unsigned int place = VEC_lower_bound (constraint_t, *to, c,
829 VEC_safe_insert (constraint_t, heap, *to, place, c);
834 /* Expands the solution in SET to all sub-fields of variables included.
835 Union the expanded result into RESULT. */
838 solution_set_expand (bitmap result, bitmap set)
844 /* In a first pass record all variables we need to add all
845 sub-fields off. This avoids quadratic behavior. */
846 EXECUTE_IF_SET_IN_BITMAP (set, 0, j, bi)
848 varinfo_t v = get_varinfo (j);
849 if (v->is_artificial_var
852 v = lookup_vi_for_tree (v->decl);
854 vars = BITMAP_ALLOC (NULL);
855 bitmap_set_bit (vars, v->id);
858 /* In the second pass now do the addition to the solution and
859 to speed up solving add it to the delta as well. */
862 EXECUTE_IF_SET_IN_BITMAP (vars, 0, j, bi)
864 varinfo_t v = get_varinfo (j);
865 for (; v != NULL; v = v->next)
866 bitmap_set_bit (result, v->id);
872 /* Take a solution set SET, add OFFSET to each member of the set, and
873 overwrite SET with the result when done. */
876 solution_set_add (bitmap set, HOST_WIDE_INT offset)
878 bitmap result = BITMAP_ALLOC (&iteration_obstack);
882 /* If the offset is unknown we have to expand the solution to
884 if (offset == UNKNOWN_OFFSET)
886 solution_set_expand (set, set);
890 EXECUTE_IF_SET_IN_BITMAP (set, 0, i, bi)
892 varinfo_t vi = get_varinfo (i);
894 /* If this is a variable with just one field just set its bit
896 if (vi->is_artificial_var
897 || vi->is_unknown_size_var
899 bitmap_set_bit (result, i);
902 unsigned HOST_WIDE_INT fieldoffset = vi->offset + offset;
904 /* If the offset makes the pointer point to before the
905 variable use offset zero for the field lookup. */
907 && fieldoffset > vi->offset)
911 vi = first_or_preceding_vi_for_offset (vi, fieldoffset);
913 bitmap_set_bit (result, vi->id);
914 /* If the result is not exactly at fieldoffset include the next
915 field as well. See get_constraint_for_ptr_offset for more
917 if (vi->offset != fieldoffset
919 bitmap_set_bit (result, vi->next->id);
923 bitmap_copy (set, result);
924 BITMAP_FREE (result);
927 /* Union solution sets TO and FROM, and add INC to each member of FROM in the
931 set_union_with_increment (bitmap to, bitmap from, HOST_WIDE_INT inc)
934 return bitmap_ior_into (to, from);
940 tmp = BITMAP_ALLOC (&iteration_obstack);
941 bitmap_copy (tmp, from);
942 solution_set_add (tmp, inc);
943 res = bitmap_ior_into (to, tmp);
949 /* Insert constraint C into the list of complex constraints for graph
953 insert_into_complex (constraint_graph_t graph,
954 unsigned int var, constraint_t c)
956 VEC (constraint_t, heap) *complex = graph->complex[var];
957 unsigned int place = VEC_lower_bound (constraint_t, complex, c,
960 /* Only insert constraints that do not already exist. */
961 if (place >= VEC_length (constraint_t, complex)
962 || !constraint_equal (*c, *VEC_index (constraint_t, complex, place)))
963 VEC_safe_insert (constraint_t, heap, graph->complex[var], place, c);
967 /* Condense two variable nodes into a single variable node, by moving
968 all associated info from SRC to TO. */
971 merge_node_constraints (constraint_graph_t graph, unsigned int to,
977 gcc_assert (find (from) == to);
979 /* Move all complex constraints from src node into to node */
980 for (i = 0; VEC_iterate (constraint_t, graph->complex[from], i, c); i++)
982 /* In complex constraints for node src, we may have either
983 a = *src, and *src = a, or an offseted constraint which are
984 always added to the rhs node's constraints. */
986 if (c->rhs.type == DEREF)
988 else if (c->lhs.type == DEREF)
993 constraint_set_union (&graph->complex[to], &graph->complex[from]);
994 VEC_free (constraint_t, heap, graph->complex[from]);
995 graph->complex[from] = NULL;
999 /* Remove edges involving NODE from GRAPH. */
1002 clear_edges_for_node (constraint_graph_t graph, unsigned int node)
1004 if (graph->succs[node])
1005 BITMAP_FREE (graph->succs[node]);
1008 /* Merge GRAPH nodes FROM and TO into node TO. */
1011 merge_graph_nodes (constraint_graph_t graph, unsigned int to,
1014 if (graph->indirect_cycles[from] != -1)
1016 /* If we have indirect cycles with the from node, and we have
1017 none on the to node, the to node has indirect cycles from the
1018 from node now that they are unified.
1019 If indirect cycles exist on both, unify the nodes that they
1020 are in a cycle with, since we know they are in a cycle with
1022 if (graph->indirect_cycles[to] == -1)
1023 graph->indirect_cycles[to] = graph->indirect_cycles[from];
1026 /* Merge all the successor edges. */
1027 if (graph->succs[from])
1029 if (!graph->succs[to])
1030 graph->succs[to] = BITMAP_ALLOC (&pta_obstack);
1031 bitmap_ior_into (graph->succs[to],
1032 graph->succs[from]);
1035 clear_edges_for_node (graph, from);
1039 /* Add an indirect graph edge to GRAPH, going from TO to FROM if
1040 it doesn't exist in the graph already. */
1043 add_implicit_graph_edge (constraint_graph_t graph, unsigned int to,
1049 if (!graph->implicit_preds[to])
1050 graph->implicit_preds[to] = BITMAP_ALLOC (&predbitmap_obstack);
1052 if (bitmap_set_bit (graph->implicit_preds[to], from))
1053 stats.num_implicit_edges++;
1056 /* Add a predecessor graph edge to GRAPH, going from TO to FROM if
1057 it doesn't exist in the graph already.
1058 Return false if the edge already existed, true otherwise. */
1061 add_pred_graph_edge (constraint_graph_t graph, unsigned int to,
1064 if (!graph->preds[to])
1065 graph->preds[to] = BITMAP_ALLOC (&predbitmap_obstack);
1066 bitmap_set_bit (graph->preds[to], from);
1069 /* Add a graph edge to GRAPH, going from FROM to TO if
1070 it doesn't exist in the graph already.
1071 Return false if the edge already existed, true otherwise. */
1074 add_graph_edge (constraint_graph_t graph, unsigned int to,
1085 if (!graph->succs[from])
1086 graph->succs[from] = BITMAP_ALLOC (&pta_obstack);
1087 if (bitmap_set_bit (graph->succs[from], to))
1090 if (to < FIRST_REF_NODE && from < FIRST_REF_NODE)
1098 /* Return true if {DEST.SRC} is an existing graph edge in GRAPH. */
1101 valid_graph_edge (constraint_graph_t graph, unsigned int src,
1104 return (graph->succs[dest]
1105 && bitmap_bit_p (graph->succs[dest], src));
1108 /* Initialize the constraint graph structure to contain SIZE nodes. */
1111 init_graph (unsigned int size)
1115 graph = XCNEW (struct constraint_graph);
1117 graph->succs = XCNEWVEC (bitmap, graph->size);
1118 graph->indirect_cycles = XNEWVEC (int, graph->size);
1119 graph->rep = XNEWVEC (unsigned int, graph->size);
1120 graph->complex = XCNEWVEC (VEC(constraint_t, heap) *, size);
1121 graph->pe = XCNEWVEC (unsigned int, graph->size);
1122 graph->pe_rep = XNEWVEC (int, graph->size);
1124 for (j = 0; j < graph->size; j++)
1127 graph->pe_rep[j] = -1;
1128 graph->indirect_cycles[j] = -1;
1132 /* Build the constraint graph, adding only predecessor edges right now. */
1135 build_pred_graph (void)
1141 graph->implicit_preds = XCNEWVEC (bitmap, graph->size);
1142 graph->preds = XCNEWVEC (bitmap, graph->size);
1143 graph->pointer_label = XCNEWVEC (unsigned int, graph->size);
1144 graph->loc_label = XCNEWVEC (unsigned int, graph->size);
1145 graph->pointed_by = XCNEWVEC (bitmap, graph->size);
1146 graph->points_to = XCNEWVEC (bitmap, graph->size);
1147 graph->eq_rep = XNEWVEC (int, graph->size);
1148 graph->direct_nodes = sbitmap_alloc (graph->size);
1149 graph->address_taken = BITMAP_ALLOC (&predbitmap_obstack);
1150 sbitmap_zero (graph->direct_nodes);
1152 for (j = 0; j < FIRST_REF_NODE; j++)
1154 if (!get_varinfo (j)->is_special_var)
1155 SET_BIT (graph->direct_nodes, j);
1158 for (j = 0; j < graph->size; j++)
1159 graph->eq_rep[j] = -1;
1161 for (j = 0; j < VEC_length (varinfo_t, varmap); j++)
1162 graph->indirect_cycles[j] = -1;
1164 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
1166 struct constraint_expr lhs = c->lhs;
1167 struct constraint_expr rhs = c->rhs;
1168 unsigned int lhsvar = lhs.var;
1169 unsigned int rhsvar = rhs.var;
1171 if (lhs.type == DEREF)
1174 if (rhs.offset == 0 && lhs.offset == 0 && rhs.type == SCALAR)
1175 add_pred_graph_edge (graph, FIRST_REF_NODE + lhsvar, rhsvar);
1177 else if (rhs.type == DEREF)
1180 if (rhs.offset == 0 && lhs.offset == 0 && lhs.type == SCALAR)
1181 add_pred_graph_edge (graph, lhsvar, FIRST_REF_NODE + rhsvar);
1183 RESET_BIT (graph->direct_nodes, lhsvar);
1185 else if (rhs.type == ADDRESSOF)
1190 if (graph->points_to[lhsvar] == NULL)
1191 graph->points_to[lhsvar] = BITMAP_ALLOC (&predbitmap_obstack);
1192 bitmap_set_bit (graph->points_to[lhsvar], rhsvar);
1194 if (graph->pointed_by[rhsvar] == NULL)
1195 graph->pointed_by[rhsvar] = BITMAP_ALLOC (&predbitmap_obstack);
1196 bitmap_set_bit (graph->pointed_by[rhsvar], lhsvar);
1198 /* Implicitly, *x = y */
1199 add_implicit_graph_edge (graph, FIRST_REF_NODE + lhsvar, rhsvar);
1201 /* All related variables are no longer direct nodes. */
1202 RESET_BIT (graph->direct_nodes, rhsvar);
1203 v = get_varinfo (rhsvar);
1204 if (!v->is_full_var)
1206 v = lookup_vi_for_tree (v->decl);
1209 RESET_BIT (graph->direct_nodes, v->id);
1214 bitmap_set_bit (graph->address_taken, rhsvar);
1216 else if (lhsvar > anything_id
1217 && lhsvar != rhsvar && lhs.offset == 0 && rhs.offset == 0)
1220 add_pred_graph_edge (graph, lhsvar, rhsvar);
1221 /* Implicitly, *x = *y */
1222 add_implicit_graph_edge (graph, FIRST_REF_NODE + lhsvar,
1223 FIRST_REF_NODE + rhsvar);
1225 else if (lhs.offset != 0 || rhs.offset != 0)
1227 if (rhs.offset != 0)
1228 RESET_BIT (graph->direct_nodes, lhs.var);
1229 else if (lhs.offset != 0)
1230 RESET_BIT (graph->direct_nodes, rhs.var);
1235 /* Build the constraint graph, adding successor edges. */
1238 build_succ_graph (void)
1243 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
1245 struct constraint_expr lhs;
1246 struct constraint_expr rhs;
1247 unsigned int lhsvar;
1248 unsigned int rhsvar;
1255 lhsvar = find (lhs.var);
1256 rhsvar = find (rhs.var);
1258 if (lhs.type == DEREF)
1260 if (rhs.offset == 0 && lhs.offset == 0 && rhs.type == SCALAR)
1261 add_graph_edge (graph, FIRST_REF_NODE + lhsvar, rhsvar);
1263 else if (rhs.type == DEREF)
1265 if (rhs.offset == 0 && lhs.offset == 0 && lhs.type == SCALAR)
1266 add_graph_edge (graph, lhsvar, FIRST_REF_NODE + rhsvar);
1268 else if (rhs.type == ADDRESSOF)
1271 gcc_assert (find (rhs.var) == rhs.var);
1272 bitmap_set_bit (get_varinfo (lhsvar)->solution, rhsvar);
1274 else if (lhsvar > anything_id
1275 && lhsvar != rhsvar && lhs.offset == 0 && rhs.offset == 0)
1277 add_graph_edge (graph, lhsvar, rhsvar);
1281 /* Add edges from STOREDANYTHING to all non-direct nodes. */
1282 t = find (storedanything_id);
1283 for (i = integer_id + 1; i < FIRST_REF_NODE; ++i)
1285 if (!TEST_BIT (graph->direct_nodes, i))
1286 add_graph_edge (graph, find (i), t);
1291 /* Changed variables on the last iteration. */
1292 static unsigned int changed_count;
1293 static sbitmap changed;
1295 DEF_VEC_I(unsigned);
1296 DEF_VEC_ALLOC_I(unsigned,heap);
1299 /* Strongly Connected Component visitation info. */
1306 unsigned int *node_mapping;
1308 VEC(unsigned,heap) *scc_stack;
1312 /* Recursive routine to find strongly connected components in GRAPH.
1313 SI is the SCC info to store the information in, and N is the id of current
1314 graph node we are processing.
1316 This is Tarjan's strongly connected component finding algorithm, as
1317 modified by Nuutila to keep only non-root nodes on the stack.
1318 The algorithm can be found in "On finding the strongly connected
1319 connected components in a directed graph" by Esko Nuutila and Eljas
1320 Soisalon-Soininen, in Information Processing Letters volume 49,
1321 number 1, pages 9-14. */
1324 scc_visit (constraint_graph_t graph, struct scc_info *si, unsigned int n)
1328 unsigned int my_dfs;
1330 SET_BIT (si->visited, n);
1331 si->dfs[n] = si->current_index ++;
1332 my_dfs = si->dfs[n];
1334 /* Visit all the successors. */
1335 EXECUTE_IF_IN_NONNULL_BITMAP (graph->succs[n], 0, i, bi)
1339 if (i > LAST_REF_NODE)
1343 if (TEST_BIT (si->deleted, w))
1346 if (!TEST_BIT (si->visited, w))
1347 scc_visit (graph, si, w);
1349 unsigned int t = find (w);
1350 unsigned int nnode = find (n);
1351 gcc_assert (nnode == n);
1353 if (si->dfs[t] < si->dfs[nnode])
1354 si->dfs[n] = si->dfs[t];
1358 /* See if any components have been identified. */
1359 if (si->dfs[n] == my_dfs)
1361 if (VEC_length (unsigned, si->scc_stack) > 0
1362 && si->dfs[VEC_last (unsigned, si->scc_stack)] >= my_dfs)
1364 bitmap scc = BITMAP_ALLOC (NULL);
1365 bool have_ref_node = n >= FIRST_REF_NODE;
1366 unsigned int lowest_node;
1369 bitmap_set_bit (scc, n);
1371 while (VEC_length (unsigned, si->scc_stack) != 0
1372 && si->dfs[VEC_last (unsigned, si->scc_stack)] >= my_dfs)
1374 unsigned int w = VEC_pop (unsigned, si->scc_stack);
1376 bitmap_set_bit (scc, w);
1377 if (w >= FIRST_REF_NODE)
1378 have_ref_node = true;
1381 lowest_node = bitmap_first_set_bit (scc);
1382 gcc_assert (lowest_node < FIRST_REF_NODE);
1384 /* Collapse the SCC nodes into a single node, and mark the
1386 EXECUTE_IF_SET_IN_BITMAP (scc, 0, i, bi)
1388 if (i < FIRST_REF_NODE)
1390 if (unite (lowest_node, i))
1391 unify_nodes (graph, lowest_node, i, false);
1395 unite (lowest_node, i);
1396 graph->indirect_cycles[i - FIRST_REF_NODE] = lowest_node;
1400 SET_BIT (si->deleted, n);
1403 VEC_safe_push (unsigned, heap, si->scc_stack, n);
1406 /* Unify node FROM into node TO, updating the changed count if
1407 necessary when UPDATE_CHANGED is true. */
1410 unify_nodes (constraint_graph_t graph, unsigned int to, unsigned int from,
1411 bool update_changed)
1414 gcc_assert (to != from && find (to) == to);
1415 if (dump_file && (dump_flags & TDF_DETAILS))
1416 fprintf (dump_file, "Unifying %s to %s\n",
1417 get_varinfo (from)->name,
1418 get_varinfo (to)->name);
1421 stats.unified_vars_dynamic++;
1423 stats.unified_vars_static++;
1425 merge_graph_nodes (graph, to, from);
1426 merge_node_constraints (graph, to, from);
1428 if (get_varinfo (from)->no_tbaa_pruning)
1429 get_varinfo (to)->no_tbaa_pruning = true;
1431 /* Mark TO as changed if FROM was changed. If TO was already marked
1432 as changed, decrease the changed count. */
1434 if (update_changed && TEST_BIT (changed, from))
1436 RESET_BIT (changed, from);
1437 if (!TEST_BIT (changed, to))
1438 SET_BIT (changed, to);
1441 gcc_assert (changed_count > 0);
1445 if (get_varinfo (from)->solution)
1447 /* If the solution changes because of the merging, we need to mark
1448 the variable as changed. */
1449 if (bitmap_ior_into (get_varinfo (to)->solution,
1450 get_varinfo (from)->solution))
1452 if (update_changed && !TEST_BIT (changed, to))
1454 SET_BIT (changed, to);
1459 BITMAP_FREE (get_varinfo (from)->solution);
1460 BITMAP_FREE (get_varinfo (from)->oldsolution);
1462 if (stats.iterations > 0)
1464 BITMAP_FREE (get_varinfo (to)->oldsolution);
1465 get_varinfo (to)->oldsolution = BITMAP_ALLOC (&oldpta_obstack);
1468 if (valid_graph_edge (graph, to, to))
1470 if (graph->succs[to])
1471 bitmap_clear_bit (graph->succs[to], to);
1475 /* Information needed to compute the topological ordering of a graph. */
1479 /* sbitmap of visited nodes. */
1481 /* Array that stores the topological order of the graph, *in
1483 VEC(unsigned,heap) *topo_order;
1487 /* Initialize and return a topological info structure. */
1489 static struct topo_info *
1490 init_topo_info (void)
1492 size_t size = graph->size;
1493 struct topo_info *ti = XNEW (struct topo_info);
1494 ti->visited = sbitmap_alloc (size);
1495 sbitmap_zero (ti->visited);
1496 ti->topo_order = VEC_alloc (unsigned, heap, 1);
1501 /* Free the topological sort info pointed to by TI. */
1504 free_topo_info (struct topo_info *ti)
1506 sbitmap_free (ti->visited);
1507 VEC_free (unsigned, heap, ti->topo_order);
1511 /* Visit the graph in topological order, and store the order in the
1512 topo_info structure. */
1515 topo_visit (constraint_graph_t graph, struct topo_info *ti,
1521 SET_BIT (ti->visited, n);
1523 if (graph->succs[n])
1524 EXECUTE_IF_SET_IN_BITMAP (graph->succs[n], 0, j, bi)
1526 if (!TEST_BIT (ti->visited, j))
1527 topo_visit (graph, ti, j);
1530 VEC_safe_push (unsigned, heap, ti->topo_order, n);
1533 /* Process a constraint C that represents x = *(y + off), using DELTA as the
1534 starting solution for y. */
1537 do_sd_constraint (constraint_graph_t graph, constraint_t c,
1540 unsigned int lhs = c->lhs.var;
1542 bitmap sol = get_varinfo (lhs)->solution;
1545 HOST_WIDE_INT roffset = c->rhs.offset;
1547 /* Our IL does not allow this. */
1548 gcc_assert (c->lhs.offset == 0);
1550 /* If the solution of Y contains anything it is good enough to transfer
1552 if (bitmap_bit_p (delta, anything_id))
1554 flag |= bitmap_set_bit (sol, anything_id);
1558 /* If we do not know at with offset the rhs is dereferenced compute
1559 the reachability set of DELTA, conservatively assuming it is
1560 dereferenced at all valid offsets. */
1561 if (roffset == UNKNOWN_OFFSET)
1563 solution_set_expand (delta, delta);
1564 /* No further offset processing is necessary. */
1568 /* For each variable j in delta (Sol(y)), add
1569 an edge in the graph from j to x, and union Sol(j) into Sol(x). */
1570 EXECUTE_IF_SET_IN_BITMAP (delta, 0, j, bi)
1572 varinfo_t v = get_varinfo (j);
1573 HOST_WIDE_INT fieldoffset = v->offset + roffset;
1577 fieldoffset = v->offset;
1578 else if (roffset != 0)
1579 v = first_vi_for_offset (v, fieldoffset);
1580 /* If the access is outside of the variable we can ignore it. */
1588 /* Adding edges from the special vars is pointless.
1589 They don't have sets that can change. */
1590 if (get_varinfo (t)->is_special_var)
1591 flag |= bitmap_ior_into (sol, get_varinfo (t)->solution);
1592 /* Merging the solution from ESCAPED needlessly increases
1593 the set. Use ESCAPED as representative instead. */
1594 else if (v->id == escaped_id)
1595 flag |= bitmap_set_bit (sol, escaped_id);
1596 else if (add_graph_edge (graph, lhs, t))
1597 flag |= bitmap_ior_into (sol, get_varinfo (t)->solution);
1599 /* If the variable is not exactly at the requested offset
1600 we have to include the next one. */
1601 if (v->offset == (unsigned HOST_WIDE_INT)fieldoffset
1606 fieldoffset = v->offset;
1612 /* If the LHS solution changed, mark the var as changed. */
1615 get_varinfo (lhs)->solution = sol;
1616 if (!TEST_BIT (changed, lhs))
1618 SET_BIT (changed, lhs);
1624 /* Process a constraint C that represents *(x + off) = y using DELTA
1625 as the starting solution for x. */
1628 do_ds_constraint (constraint_t c, bitmap delta)
1630 unsigned int rhs = c->rhs.var;
1631 bitmap sol = get_varinfo (rhs)->solution;
1634 HOST_WIDE_INT loff = c->lhs.offset;
1636 /* Our IL does not allow this. */
1637 gcc_assert (c->rhs.offset == 0);
1639 /* If the solution of y contains ANYTHING simply use the ANYTHING
1640 solution. This avoids needlessly increasing the points-to sets. */
1641 if (bitmap_bit_p (sol, anything_id))
1642 sol = get_varinfo (find (anything_id))->solution;
1644 /* If the solution for x contains ANYTHING we have to merge the
1645 solution of y into all pointer variables which we do via
1647 if (bitmap_bit_p (delta, anything_id))
1649 unsigned t = find (storedanything_id);
1650 if (add_graph_edge (graph, t, rhs))
1652 if (bitmap_ior_into (get_varinfo (t)->solution, sol))
1654 if (!TEST_BIT (changed, t))
1656 SET_BIT (changed, t);
1664 /* If we do not know at with offset the rhs is dereferenced compute
1665 the reachability set of DELTA, conservatively assuming it is
1666 dereferenced at all valid offsets. */
1667 if (loff == UNKNOWN_OFFSET)
1669 solution_set_expand (delta, delta);
1673 /* For each member j of delta (Sol(x)), add an edge from y to j and
1674 union Sol(y) into Sol(j) */
1675 EXECUTE_IF_SET_IN_BITMAP (delta, 0, j, bi)
1677 varinfo_t v = get_varinfo (j);
1679 HOST_WIDE_INT fieldoffset = v->offset + loff;
1681 if (v->is_special_var)
1685 fieldoffset = v->offset;
1687 v = first_vi_for_offset (v, fieldoffset);
1688 /* If the access is outside of the variable we can ignore it. */
1694 if (v->may_have_pointers)
1697 if (add_graph_edge (graph, t, rhs))
1699 if (bitmap_ior_into (get_varinfo (t)->solution, sol))
1702 sol = get_varinfo (rhs)->solution;
1703 if (!TEST_BIT (changed, t))
1705 SET_BIT (changed, t);
1712 /* If the variable is not exactly at the requested offset
1713 we have to include the next one. */
1714 if (v->offset == (unsigned HOST_WIDE_INT)fieldoffset
1719 fieldoffset = v->offset;
1725 /* Handle a non-simple (simple meaning requires no iteration),
1726 constraint (IE *x = &y, x = *y, *x = y, and x = y with offsets involved). */
1729 do_complex_constraint (constraint_graph_t graph, constraint_t c, bitmap delta)
1731 if (c->lhs.type == DEREF)
1733 if (c->rhs.type == ADDRESSOF)
1740 do_ds_constraint (c, delta);
1743 else if (c->rhs.type == DEREF)
1746 if (!(get_varinfo (c->lhs.var)->is_special_var))
1747 do_sd_constraint (graph, c, delta);
1755 gcc_assert (c->rhs.type == SCALAR && c->lhs.type == SCALAR);
1756 solution = get_varinfo (c->rhs.var)->solution;
1757 tmp = get_varinfo (c->lhs.var)->solution;
1759 flag = set_union_with_increment (tmp, solution, c->rhs.offset);
1763 get_varinfo (c->lhs.var)->solution = tmp;
1764 if (!TEST_BIT (changed, c->lhs.var))
1766 SET_BIT (changed, c->lhs.var);
1773 /* Initialize and return a new SCC info structure. */
1775 static struct scc_info *
1776 init_scc_info (size_t size)
1778 struct scc_info *si = XNEW (struct scc_info);
1781 si->current_index = 0;
1782 si->visited = sbitmap_alloc (size);
1783 sbitmap_zero (si->visited);
1784 si->deleted = sbitmap_alloc (size);
1785 sbitmap_zero (si->deleted);
1786 si->node_mapping = XNEWVEC (unsigned int, size);
1787 si->dfs = XCNEWVEC (unsigned int, size);
1789 for (i = 0; i < size; i++)
1790 si->node_mapping[i] = i;
1792 si->scc_stack = VEC_alloc (unsigned, heap, 1);
1796 /* Free an SCC info structure pointed to by SI */
1799 free_scc_info (struct scc_info *si)
1801 sbitmap_free (si->visited);
1802 sbitmap_free (si->deleted);
1803 free (si->node_mapping);
1805 VEC_free (unsigned, heap, si->scc_stack);
1810 /* Find indirect cycles in GRAPH that occur, using strongly connected
1811 components, and note them in the indirect cycles map.
1813 This technique comes from Ben Hardekopf and Calvin Lin,
1814 "It Pays to be Lazy: Fast and Accurate Pointer Analysis for Millions of
1815 Lines of Code", submitted to PLDI 2007. */
1818 find_indirect_cycles (constraint_graph_t graph)
1821 unsigned int size = graph->size;
1822 struct scc_info *si = init_scc_info (size);
1824 for (i = 0; i < MIN (LAST_REF_NODE, size); i ++ )
1825 if (!TEST_BIT (si->visited, i) && find (i) == i)
1826 scc_visit (graph, si, i);
1831 /* Compute a topological ordering for GRAPH, and store the result in the
1832 topo_info structure TI. */
1835 compute_topo_order (constraint_graph_t graph,
1836 struct topo_info *ti)
1839 unsigned int size = graph->size;
1841 for (i = 0; i != size; ++i)
1842 if (!TEST_BIT (ti->visited, i) && find (i) == i)
1843 topo_visit (graph, ti, i);
1846 /* Structure used to for hash value numbering of pointer equivalence
1849 typedef struct equiv_class_label
1852 unsigned int equivalence_class;
1854 } *equiv_class_label_t;
1855 typedef const struct equiv_class_label *const_equiv_class_label_t;
1857 /* A hashtable for mapping a bitmap of labels->pointer equivalence
1859 static htab_t pointer_equiv_class_table;
1861 /* A hashtable for mapping a bitmap of labels->location equivalence
1863 static htab_t location_equiv_class_table;
1865 /* Hash function for a equiv_class_label_t */
1868 equiv_class_label_hash (const void *p)
1870 const_equiv_class_label_t const ecl = (const_equiv_class_label_t) p;
1871 return ecl->hashcode;
1874 /* Equality function for two equiv_class_label_t's. */
1877 equiv_class_label_eq (const void *p1, const void *p2)
1879 const_equiv_class_label_t const eql1 = (const_equiv_class_label_t) p1;
1880 const_equiv_class_label_t const eql2 = (const_equiv_class_label_t) p2;
1881 return bitmap_equal_p (eql1->labels, eql2->labels);
1884 /* Lookup a equivalence class in TABLE by the bitmap of LABELS it
1888 equiv_class_lookup (htab_t table, bitmap labels)
1891 struct equiv_class_label ecl;
1893 ecl.labels = labels;
1894 ecl.hashcode = bitmap_hash (labels);
1896 slot = htab_find_slot_with_hash (table, &ecl,
1897 ecl.hashcode, NO_INSERT);
1901 return ((equiv_class_label_t) *slot)->equivalence_class;
1905 /* Add an equivalence class named EQUIVALENCE_CLASS with labels LABELS
1909 equiv_class_add (htab_t table, unsigned int equivalence_class,
1913 equiv_class_label_t ecl = XNEW (struct equiv_class_label);
1915 ecl->labels = labels;
1916 ecl->equivalence_class = equivalence_class;
1917 ecl->hashcode = bitmap_hash (labels);
1919 slot = htab_find_slot_with_hash (table, ecl,
1920 ecl->hashcode, INSERT);
1921 gcc_assert (!*slot);
1922 *slot = (void *) ecl;
1925 /* Perform offline variable substitution.
1927 This is a worst case quadratic time way of identifying variables
1928 that must have equivalent points-to sets, including those caused by
1929 static cycles, and single entry subgraphs, in the constraint graph.
1931 The technique is described in "Exploiting Pointer and Location
1932 Equivalence to Optimize Pointer Analysis. In the 14th International
1933 Static Analysis Symposium (SAS), August 2007." It is known as the
1934 "HU" algorithm, and is equivalent to value numbering the collapsed
1935 constraint graph including evaluating unions.
1937 The general method of finding equivalence classes is as follows:
1938 Add fake nodes (REF nodes) and edges for *a = b and a = *b constraints.
1939 Initialize all non-REF nodes to be direct nodes.
1940 For each constraint a = a U {b}, we set pts(a) = pts(a) u {fresh
1942 For each constraint containing the dereference, we also do the same
1945 We then compute SCC's in the graph and unify nodes in the same SCC,
1948 For each non-collapsed node x:
1949 Visit all unvisited explicit incoming edges.
1950 Ignoring all non-pointers, set pts(x) = Union of pts(a) for y
1952 Lookup the equivalence class for pts(x).
1953 If we found one, equivalence_class(x) = found class.
1954 Otherwise, equivalence_class(x) = new class, and new_class is
1955 added to the lookup table.
1957 All direct nodes with the same equivalence class can be replaced
1958 with a single representative node.
1959 All unlabeled nodes (label == 0) are not pointers and all edges
1960 involving them can be eliminated.
1961 We perform these optimizations during rewrite_constraints
1963 In addition to pointer equivalence class finding, we also perform
1964 location equivalence class finding. This is the set of variables
1965 that always appear together in points-to sets. We use this to
1966 compress the size of the points-to sets. */
1968 /* Current maximum pointer equivalence class id. */
1969 static int pointer_equiv_class;
1971 /* Current maximum location equivalence class id. */
1972 static int location_equiv_class;
1974 /* Recursive routine to find strongly connected components in GRAPH,
1975 and label it's nodes with DFS numbers. */
1978 condense_visit (constraint_graph_t graph, struct scc_info *si, unsigned int n)
1982 unsigned int my_dfs;
1984 gcc_assert (si->node_mapping[n] == n);
1985 SET_BIT (si->visited, n);
1986 si->dfs[n] = si->current_index ++;
1987 my_dfs = si->dfs[n];
1989 /* Visit all the successors. */
1990 EXECUTE_IF_IN_NONNULL_BITMAP (graph->preds[n], 0, i, bi)
1992 unsigned int w = si->node_mapping[i];
1994 if (TEST_BIT (si->deleted, w))
1997 if (!TEST_BIT (si->visited, w))
1998 condense_visit (graph, si, w);
2000 unsigned int t = si->node_mapping[w];
2001 unsigned int nnode = si->node_mapping[n];
2002 gcc_assert (nnode == n);
2004 if (si->dfs[t] < si->dfs[nnode])
2005 si->dfs[n] = si->dfs[t];
2009 /* Visit all the implicit predecessors. */
2010 EXECUTE_IF_IN_NONNULL_BITMAP (graph->implicit_preds[n], 0, i, bi)
2012 unsigned int w = si->node_mapping[i];
2014 if (TEST_BIT (si->deleted, w))
2017 if (!TEST_BIT (si->visited, w))
2018 condense_visit (graph, si, w);
2020 unsigned int t = si->node_mapping[w];
2021 unsigned int nnode = si->node_mapping[n];
2022 gcc_assert (nnode == n);
2024 if (si->dfs[t] < si->dfs[nnode])
2025 si->dfs[n] = si->dfs[t];
2029 /* See if any components have been identified. */
2030 if (si->dfs[n] == my_dfs)
2032 while (VEC_length (unsigned, si->scc_stack) != 0
2033 && si->dfs[VEC_last (unsigned, si->scc_stack)] >= my_dfs)
2035 unsigned int w = VEC_pop (unsigned, si->scc_stack);
2036 si->node_mapping[w] = n;
2038 if (!TEST_BIT (graph->direct_nodes, w))
2039 RESET_BIT (graph->direct_nodes, n);
2041 /* Unify our nodes. */
2042 if (graph->preds[w])
2044 if (!graph->preds[n])
2045 graph->preds[n] = BITMAP_ALLOC (&predbitmap_obstack);
2046 bitmap_ior_into (graph->preds[n], graph->preds[w]);
2048 if (graph->implicit_preds[w])
2050 if (!graph->implicit_preds[n])
2051 graph->implicit_preds[n] = BITMAP_ALLOC (&predbitmap_obstack);
2052 bitmap_ior_into (graph->implicit_preds[n],
2053 graph->implicit_preds[w]);
2055 if (graph->points_to[w])
2057 if (!graph->points_to[n])
2058 graph->points_to[n] = BITMAP_ALLOC (&predbitmap_obstack);
2059 bitmap_ior_into (graph->points_to[n],
2060 graph->points_to[w]);
2063 SET_BIT (si->deleted, n);
2066 VEC_safe_push (unsigned, heap, si->scc_stack, n);
2069 /* Label pointer equivalences. */
2072 label_visit (constraint_graph_t graph, struct scc_info *si, unsigned int n)
2076 SET_BIT (si->visited, n);
2078 if (!graph->points_to[n])
2079 graph->points_to[n] = BITMAP_ALLOC (&predbitmap_obstack);
2081 /* Label and union our incoming edges's points to sets. */
2082 EXECUTE_IF_IN_NONNULL_BITMAP (graph->preds[n], 0, i, bi)
2084 unsigned int w = si->node_mapping[i];
2085 if (!TEST_BIT (si->visited, w))
2086 label_visit (graph, si, w);
2088 /* Skip unused edges */
2089 if (w == n || graph->pointer_label[w] == 0)
2092 if (graph->points_to[w])
2093 bitmap_ior_into(graph->points_to[n], graph->points_to[w]);
2095 /* Indirect nodes get fresh variables. */
2096 if (!TEST_BIT (graph->direct_nodes, n))
2097 bitmap_set_bit (graph->points_to[n], FIRST_REF_NODE + n);
2099 if (!bitmap_empty_p (graph->points_to[n]))
2101 unsigned int label = equiv_class_lookup (pointer_equiv_class_table,
2102 graph->points_to[n]);
2105 label = pointer_equiv_class++;
2106 equiv_class_add (pointer_equiv_class_table,
2107 label, graph->points_to[n]);
2109 graph->pointer_label[n] = label;
2113 /* Perform offline variable substitution, discovering equivalence
2114 classes, and eliminating non-pointer variables. */
2116 static struct scc_info *
2117 perform_var_substitution (constraint_graph_t graph)
2120 unsigned int size = graph->size;
2121 struct scc_info *si = init_scc_info (size);
2123 bitmap_obstack_initialize (&iteration_obstack);
2124 pointer_equiv_class_table = htab_create (511, equiv_class_label_hash,
2125 equiv_class_label_eq, free);
2126 location_equiv_class_table = htab_create (511, equiv_class_label_hash,
2127 equiv_class_label_eq, free);
2128 pointer_equiv_class = 1;
2129 location_equiv_class = 1;
2131 /* Condense the nodes, which means to find SCC's, count incoming
2132 predecessors, and unite nodes in SCC's. */
2133 for (i = 0; i < FIRST_REF_NODE; i++)
2134 if (!TEST_BIT (si->visited, si->node_mapping[i]))
2135 condense_visit (graph, si, si->node_mapping[i]);
2137 sbitmap_zero (si->visited);
2138 /* Actually the label the nodes for pointer equivalences */
2139 for (i = 0; i < FIRST_REF_NODE; i++)
2140 if (!TEST_BIT (si->visited, si->node_mapping[i]))
2141 label_visit (graph, si, si->node_mapping[i]);
2143 /* Calculate location equivalence labels. */
2144 for (i = 0; i < FIRST_REF_NODE; i++)
2151 if (!graph->pointed_by[i])
2153 pointed_by = BITMAP_ALLOC (&iteration_obstack);
2155 /* Translate the pointed-by mapping for pointer equivalence
2157 EXECUTE_IF_SET_IN_BITMAP (graph->pointed_by[i], 0, j, bi)
2159 bitmap_set_bit (pointed_by,
2160 graph->pointer_label[si->node_mapping[j]]);
2162 /* The original pointed_by is now dead. */
2163 BITMAP_FREE (graph->pointed_by[i]);
2165 /* Look up the location equivalence label if one exists, or make
2167 label = equiv_class_lookup (location_equiv_class_table,
2171 label = location_equiv_class++;
2172 equiv_class_add (location_equiv_class_table,
2177 if (dump_file && (dump_flags & TDF_DETAILS))
2178 fprintf (dump_file, "Found location equivalence for node %s\n",
2179 get_varinfo (i)->name);
2180 BITMAP_FREE (pointed_by);
2182 graph->loc_label[i] = label;
2186 if (dump_file && (dump_flags & TDF_DETAILS))
2187 for (i = 0; i < FIRST_REF_NODE; i++)
2189 bool direct_node = TEST_BIT (graph->direct_nodes, i);
2191 "Equivalence classes for %s node id %d:%s are pointer: %d"
2193 direct_node ? "Direct node" : "Indirect node", i,
2194 get_varinfo (i)->name,
2195 graph->pointer_label[si->node_mapping[i]],
2196 graph->loc_label[si->node_mapping[i]]);
2199 /* Quickly eliminate our non-pointer variables. */
2201 for (i = 0; i < FIRST_REF_NODE; i++)
2203 unsigned int node = si->node_mapping[i];
2205 if (graph->pointer_label[node] == 0)
2207 if (dump_file && (dump_flags & TDF_DETAILS))
2209 "%s is a non-pointer variable, eliminating edges.\n",
2210 get_varinfo (node)->name);
2211 stats.nonpointer_vars++;
2212 clear_edges_for_node (graph, node);
2219 /* Free information that was only necessary for variable
2223 free_var_substitution_info (struct scc_info *si)
2226 free (graph->pointer_label);
2227 free (graph->loc_label);
2228 free (graph->pointed_by);
2229 free (graph->points_to);
2230 free (graph->eq_rep);
2231 sbitmap_free (graph->direct_nodes);
2232 htab_delete (pointer_equiv_class_table);
2233 htab_delete (location_equiv_class_table);
2234 bitmap_obstack_release (&iteration_obstack);
2237 /* Return an existing node that is equivalent to NODE, which has
2238 equivalence class LABEL, if one exists. Return NODE otherwise. */
2241 find_equivalent_node (constraint_graph_t graph,
2242 unsigned int node, unsigned int label)
2244 /* If the address version of this variable is unused, we can
2245 substitute it for anything else with the same label.
2246 Otherwise, we know the pointers are equivalent, but not the
2247 locations, and we can unite them later. */
2249 if (!bitmap_bit_p (graph->address_taken, node))
2251 gcc_assert (label < graph->size);
2253 if (graph->eq_rep[label] != -1)
2255 /* Unify the two variables since we know they are equivalent. */
2256 if (unite (graph->eq_rep[label], node))
2257 unify_nodes (graph, graph->eq_rep[label], node, false);
2258 return graph->eq_rep[label];
2262 graph->eq_rep[label] = node;
2263 graph->pe_rep[label] = node;
2268 gcc_assert (label < graph->size);
2269 graph->pe[node] = label;
2270 if (graph->pe_rep[label] == -1)
2271 graph->pe_rep[label] = node;
2277 /* Unite pointer equivalent but not location equivalent nodes in
2278 GRAPH. This may only be performed once variable substitution is
2282 unite_pointer_equivalences (constraint_graph_t graph)
2286 /* Go through the pointer equivalences and unite them to their
2287 representative, if they aren't already. */
2288 for (i = 0; i < FIRST_REF_NODE; i++)
2290 unsigned int label = graph->pe[i];
2293 int label_rep = graph->pe_rep[label];
2295 if (label_rep == -1)
2298 label_rep = find (label_rep);
2299 if (label_rep >= 0 && unite (label_rep, find (i)))
2300 unify_nodes (graph, label_rep, i, false);
2305 /* Move complex constraints to the GRAPH nodes they belong to. */
2308 move_complex_constraints (constraint_graph_t graph)
2313 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
2317 struct constraint_expr lhs = c->lhs;
2318 struct constraint_expr rhs = c->rhs;
2320 if (lhs.type == DEREF)
2322 insert_into_complex (graph, lhs.var, c);
2324 else if (rhs.type == DEREF)
2326 if (!(get_varinfo (lhs.var)->is_special_var))
2327 insert_into_complex (graph, rhs.var, c);
2329 else if (rhs.type != ADDRESSOF && lhs.var > anything_id
2330 && (lhs.offset != 0 || rhs.offset != 0))
2332 insert_into_complex (graph, rhs.var, c);
2339 /* Optimize and rewrite complex constraints while performing
2340 collapsing of equivalent nodes. SI is the SCC_INFO that is the
2341 result of perform_variable_substitution. */
2344 rewrite_constraints (constraint_graph_t graph,
2345 struct scc_info *si)
2351 for (j = 0; j < graph->size; j++)
2352 gcc_assert (find (j) == j);
2354 for (i = 0; VEC_iterate (constraint_t, constraints, i, c); i++)
2356 struct constraint_expr lhs = c->lhs;
2357 struct constraint_expr rhs = c->rhs;
2358 unsigned int lhsvar = find (lhs.var);
2359 unsigned int rhsvar = find (rhs.var);
2360 unsigned int lhsnode, rhsnode;
2361 unsigned int lhslabel, rhslabel;
2363 lhsnode = si->node_mapping[lhsvar];
2364 rhsnode = si->node_mapping[rhsvar];
2365 lhslabel = graph->pointer_label[lhsnode];
2366 rhslabel = graph->pointer_label[rhsnode];
2368 /* See if it is really a non-pointer variable, and if so, ignore
2372 if (dump_file && (dump_flags & TDF_DETAILS))
2375 fprintf (dump_file, "%s is a non-pointer variable,"
2376 "ignoring constraint:",
2377 get_varinfo (lhs.var)->name);
2378 dump_constraint (dump_file, c);
2380 VEC_replace (constraint_t, constraints, i, NULL);
2386 if (dump_file && (dump_flags & TDF_DETAILS))
2389 fprintf (dump_file, "%s is a non-pointer variable,"
2390 "ignoring constraint:",
2391 get_varinfo (rhs.var)->name);
2392 dump_constraint (dump_file, c);
2394 VEC_replace (constraint_t, constraints, i, NULL);
2398 lhsvar = find_equivalent_node (graph, lhsvar, lhslabel);
2399 rhsvar = find_equivalent_node (graph, rhsvar, rhslabel);
2400 c->lhs.var = lhsvar;
2401 c->rhs.var = rhsvar;
2406 /* Eliminate indirect cycles involving NODE. Return true if NODE was
2407 part of an SCC, false otherwise. */
2410 eliminate_indirect_cycles (unsigned int node)
2412 if (graph->indirect_cycles[node] != -1
2413 && !bitmap_empty_p (get_varinfo (node)->solution))
2416 VEC(unsigned,heap) *queue = NULL;
2418 unsigned int to = find (graph->indirect_cycles[node]);
2421 /* We can't touch the solution set and call unify_nodes
2422 at the same time, because unify_nodes is going to do
2423 bitmap unions into it. */
2425 EXECUTE_IF_SET_IN_BITMAP (get_varinfo (node)->solution, 0, i, bi)
2427 if (find (i) == i && i != to)
2430 VEC_safe_push (unsigned, heap, queue, i);
2435 VEC_iterate (unsigned, queue, queuepos, i);
2438 unify_nodes (graph, to, i, true);
2440 VEC_free (unsigned, heap, queue);
2446 /* Solve the constraint graph GRAPH using our worklist solver.
2447 This is based on the PW* family of solvers from the "Efficient Field
2448 Sensitive Pointer Analysis for C" paper.
2449 It works by iterating over all the graph nodes, processing the complex
2450 constraints and propagating the copy constraints, until everything stops
2451 changed. This corresponds to steps 6-8 in the solving list given above. */
2454 solve_graph (constraint_graph_t graph)
2456 unsigned int size = graph->size;
2461 changed = sbitmap_alloc (size);
2462 sbitmap_zero (changed);
2464 /* Mark all initial non-collapsed nodes as changed. */
2465 for (i = 0; i < size; i++)
2467 varinfo_t ivi = get_varinfo (i);
2468 if (find (i) == i && !bitmap_empty_p (ivi->solution)
2469 && ((graph->succs[i] && !bitmap_empty_p (graph->succs[i]))
2470 || VEC_length (constraint_t, graph->complex[i]) > 0))
2472 SET_BIT (changed, i);
2477 /* Allocate a bitmap to be used to store the changed bits. */
2478 pts = BITMAP_ALLOC (&pta_obstack);
2480 while (changed_count > 0)
2483 struct topo_info *ti = init_topo_info ();
2486 bitmap_obstack_initialize (&iteration_obstack);
2488 compute_topo_order (graph, ti);
2490 while (VEC_length (unsigned, ti->topo_order) != 0)
2493 i = VEC_pop (unsigned, ti->topo_order);
2495 /* If this variable is not a representative, skip it. */
2499 /* In certain indirect cycle cases, we may merge this
2500 variable to another. */
2501 if (eliminate_indirect_cycles (i) && find (i) != i)
2504 /* If the node has changed, we need to process the
2505 complex constraints and outgoing edges again. */
2506 if (TEST_BIT (changed, i))
2511 VEC(constraint_t,heap) *complex = graph->complex[i];
2512 bool solution_empty;
2514 RESET_BIT (changed, i);
2517 /* Compute the changed set of solution bits. */
2518 bitmap_and_compl (pts, get_varinfo (i)->solution,
2519 get_varinfo (i)->oldsolution);
2521 if (bitmap_empty_p (pts))
2524 bitmap_ior_into (get_varinfo (i)->oldsolution, pts);
2526 solution = get_varinfo (i)->solution;
2527 solution_empty = bitmap_empty_p (solution);
2529 /* Process the complex constraints */
2530 for (j = 0; VEC_iterate (constraint_t, complex, j, c); j++)
2532 /* XXX: This is going to unsort the constraints in
2533 some cases, which will occasionally add duplicate
2534 constraints during unification. This does not
2535 affect correctness. */
2536 c->lhs.var = find (c->lhs.var);
2537 c->rhs.var = find (c->rhs.var);
2539 /* The only complex constraint that can change our
2540 solution to non-empty, given an empty solution,
2541 is a constraint where the lhs side is receiving
2542 some set from elsewhere. */
2543 if (!solution_empty || c->lhs.type != DEREF)
2544 do_complex_constraint (graph, c, pts);
2547 solution_empty = bitmap_empty_p (solution);
2549 if (!solution_empty)
2552 unsigned eff_escaped_id = find (escaped_id);
2554 /* Propagate solution to all successors. */
2555 EXECUTE_IF_IN_NONNULL_BITMAP (graph->succs[i],
2561 unsigned int to = find (j);
2562 tmp = get_varinfo (to)->solution;
2565 /* Don't try to propagate to ourselves. */
2569 /* If we propagate from ESCAPED use ESCAPED as
2571 if (i == eff_escaped_id)
2572 flag = bitmap_set_bit (tmp, escaped_id);
2574 flag = set_union_with_increment (tmp, pts, 0);
2578 get_varinfo (to)->solution = tmp;
2579 if (!TEST_BIT (changed, to))
2581 SET_BIT (changed, to);
2589 free_topo_info (ti);
2590 bitmap_obstack_release (&iteration_obstack);
2594 sbitmap_free (changed);
2595 bitmap_obstack_release (&oldpta_obstack);
2598 /* Map from trees to variable infos. */
2599 static struct pointer_map_t *vi_for_tree;
2602 /* Insert ID as the variable id for tree T in the vi_for_tree map. */
2605 insert_vi_for_tree (tree t, varinfo_t vi)
2607 void **slot = pointer_map_insert (vi_for_tree, t);
2609 gcc_assert (*slot == NULL);
2613 /* Find the variable info for tree T in VI_FOR_TREE. If T does not
2614 exist in the map, return NULL, otherwise, return the varinfo we found. */
2617 lookup_vi_for_tree (tree t)
2619 void **slot = pointer_map_contains (vi_for_tree, t);
2623 return (varinfo_t) *slot;
2626 /* Return a printable name for DECL */
2629 alias_get_name (tree decl)
2631 const char *res = get_name (decl);
2633 int num_printed = 0;
2642 if (TREE_CODE (decl) == SSA_NAME)
2644 num_printed = asprintf (&temp, "%s_%u",
2645 alias_get_name (SSA_NAME_VAR (decl)),
2646 SSA_NAME_VERSION (decl));
2648 else if (DECL_P (decl))
2650 num_printed = asprintf (&temp, "D.%u", DECL_UID (decl));
2652 if (num_printed > 0)
2654 res = ggc_strdup (temp);
2660 /* Find the variable id for tree T in the map.
2661 If T doesn't exist in the map, create an entry for it and return it. */
2664 get_vi_for_tree (tree t)
2666 void **slot = pointer_map_contains (vi_for_tree, t);
2668 return get_varinfo (create_variable_info_for (t, alias_get_name (t)));
2670 return (varinfo_t) *slot;
2673 /* Get a constraint expression for a new temporary variable. */
2675 static struct constraint_expr
2676 get_constraint_exp_for_temp (tree t)
2678 struct constraint_expr cexpr;
2680 gcc_assert (SSA_VAR_P (t));
2682 cexpr.type = SCALAR;
2683 cexpr.var = get_vi_for_tree (t)->id;
2689 /* Get a constraint expression vector from an SSA_VAR_P node.
2690 If address_p is true, the result will be taken its address of. */
2693 get_constraint_for_ssa_var (tree t, VEC(ce_s, heap) **results, bool address_p)
2695 struct constraint_expr cexpr;
2698 /* We allow FUNCTION_DECLs here even though it doesn't make much sense. */
2699 gcc_assert (SSA_VAR_P (t) || DECL_P (t));
2701 /* For parameters, get at the points-to set for the actual parm
2703 if (TREE_CODE (t) == SSA_NAME
2704 && TREE_CODE (SSA_NAME_VAR (t)) == PARM_DECL
2705 && SSA_NAME_IS_DEFAULT_DEF (t))
2707 get_constraint_for_ssa_var (SSA_NAME_VAR (t), results, address_p);
2711 vi = get_vi_for_tree (t);
2713 cexpr.type = SCALAR;
2715 /* If we determine the result is "anything", and we know this is readonly,
2716 say it points to readonly memory instead. */
2717 if (cexpr.var == anything_id && TREE_READONLY (t))
2720 cexpr.type = ADDRESSOF;
2721 cexpr.var = readonly_id;
2724 /* If we are not taking the address of the constraint expr, add all
2725 sub-fiels of the variable as well. */
2728 for (; vi; vi = vi->next)
2731 VEC_safe_push (ce_s, heap, *results, &cexpr);
2736 VEC_safe_push (ce_s, heap, *results, &cexpr);
2739 /* Process constraint T, performing various simplifications and then
2740 adding it to our list of overall constraints. */
2743 process_constraint (constraint_t t)
2745 struct constraint_expr rhs = t->rhs;
2746 struct constraint_expr lhs = t->lhs;
2748 gcc_assert (rhs.var < VEC_length (varinfo_t, varmap));
2749 gcc_assert (lhs.var < VEC_length (varinfo_t, varmap));
2751 /* If we didn't get any useful constraint from the lhs we get
2752 &ANYTHING as fallback from get_constraint_for. Deal with
2753 it here by turning it into *ANYTHING. */
2754 if (lhs.type == ADDRESSOF
2755 && lhs.var == anything_id)
2758 /* ADDRESSOF on the lhs is invalid. */
2759 gcc_assert (lhs.type != ADDRESSOF);
2761 /* This can happen in our IR with things like n->a = *p */
2762 if (rhs.type == DEREF && lhs.type == DEREF && rhs.var != anything_id)
2764 /* Split into tmp = *rhs, *lhs = tmp */
2765 tree rhsdecl = get_varinfo (rhs.var)->decl;
2766 tree pointertype = TREE_TYPE (rhsdecl);
2767 tree pointedtotype = TREE_TYPE (pointertype);
2768 tree tmpvar = create_tmp_var_raw (pointedtotype, "doubledereftmp");
2769 struct constraint_expr tmplhs = get_constraint_exp_for_temp (tmpvar);
2771 process_constraint (new_constraint (tmplhs, rhs));
2772 process_constraint (new_constraint (lhs, tmplhs));
2774 else if (rhs.type == ADDRESSOF && lhs.type == DEREF)
2776 /* Split into tmp = &rhs, *lhs = tmp */
2777 tree rhsdecl = get_varinfo (rhs.var)->decl;
2778 tree pointertype = TREE_TYPE (rhsdecl);
2779 tree tmpvar = create_tmp_var_raw (pointertype, "derefaddrtmp");
2780 struct constraint_expr tmplhs = get_constraint_exp_for_temp (tmpvar);
2782 process_constraint (new_constraint (tmplhs, rhs));
2783 process_constraint (new_constraint (lhs, tmplhs));
2787 gcc_assert (rhs.type != ADDRESSOF || rhs.offset == 0);
2788 VEC_safe_push (constraint_t, heap, constraints, t);
2792 /* Return true if T is a type that could contain pointers. */
2795 type_could_have_pointers (tree type)
2797 if (POINTER_TYPE_P (type))
2800 if (TREE_CODE (type) == ARRAY_TYPE)
2801 return type_could_have_pointers (TREE_TYPE (type));
2803 return AGGREGATE_TYPE_P (type);
2806 /* Return true if T is a variable of a type that could contain
2810 could_have_pointers (tree t)
2812 return type_could_have_pointers (TREE_TYPE (t));
2815 /* Return the position, in bits, of FIELD_DECL from the beginning of its
2818 static HOST_WIDE_INT
2819 bitpos_of_field (const tree fdecl)
2822 if (!host_integerp (DECL_FIELD_OFFSET (fdecl), 0)
2823 || !host_integerp (DECL_FIELD_BIT_OFFSET (fdecl), 0))
2826 return (TREE_INT_CST_LOW (DECL_FIELD_OFFSET (fdecl)) * 8
2827 + TREE_INT_CST_LOW (DECL_FIELD_BIT_OFFSET (fdecl)));
2831 /* Get constraint expressions for offsetting PTR by OFFSET. Stores the
2832 resulting constraint expressions in *RESULTS. */
2835 get_constraint_for_ptr_offset (tree ptr, tree offset,
2836 VEC (ce_s, heap) **results)
2838 struct constraint_expr *c;
2840 HOST_WIDE_INT rhsunitoffset, rhsoffset;
2842 /* If we do not do field-sensitive PTA adding offsets to pointers
2843 does not change the points-to solution. */
2844 if (!use_field_sensitive)
2846 get_constraint_for (ptr, results);
2850 /* If the offset is not a non-negative integer constant that fits
2851 in a HOST_WIDE_INT, we have to fall back to a conservative
2852 solution which includes all sub-fields of all pointed-to
2853 variables of ptr. */
2854 if (!host_integerp (offset, 0))
2855 rhsoffset = UNKNOWN_OFFSET;
2858 /* Make sure the bit-offset also fits. */
2859 rhsunitoffset = TREE_INT_CST_LOW (offset);
2860 rhsoffset = rhsunitoffset * BITS_PER_UNIT;
2861 if (rhsunitoffset != rhsoffset / BITS_PER_UNIT)
2862 rhsoffset = UNKNOWN_OFFSET;
2865 get_constraint_for (ptr, results);
2869 /* As we are eventually appending to the solution do not use
2870 VEC_iterate here. */
2871 n = VEC_length (ce_s, *results);
2872 for (j = 0; j < n; j++)
2875 c = VEC_index (ce_s, *results, j);
2876 curr = get_varinfo (c->var);
2878 if (c->type == ADDRESSOF
2879 /* If this varinfo represents a full variable just use it. */
2880 && curr->is_full_var)
2882 else if (c->type == ADDRESSOF
2883 /* If we do not know the offset add all subfields. */
2884 && rhsoffset == UNKNOWN_OFFSET)
2886 varinfo_t temp = lookup_vi_for_tree (curr->decl);
2889 struct constraint_expr c2;
2891 c2.type = ADDRESSOF;
2893 VEC_safe_push (ce_s, heap, *results, &c2);
2898 else if (c->type == ADDRESSOF)
2901 unsigned HOST_WIDE_INT offset = curr->offset + rhsoffset;
2903 /* Search the sub-field which overlaps with the
2904 pointed-to offset. If the result is outside of the variable
2905 we have to provide a conservative result, as the variable is
2906 still reachable from the resulting pointer (even though it
2907 technically cannot point to anything). The last and first
2908 sub-fields are such conservative results.
2909 ??? If we always had a sub-field for &object + 1 then
2910 we could represent this in a more precise way. */
2912 && curr->offset < offset)
2914 temp = first_or_preceding_vi_for_offset (curr, offset);
2916 /* If the found variable is not exactly at the pointed to
2917 result, we have to include the next variable in the
2918 solution as well. Otherwise two increments by offset / 2
2919 do not result in the same or a conservative superset
2921 if (temp->offset != offset
2922 && temp->next != NULL)
2924 struct constraint_expr c2;
2925 c2.var = temp->next->id;
2926 c2.type = ADDRESSOF;
2928 VEC_safe_push (ce_s, heap, *results, &c2);
2934 c->offset = rhsoffset;
2939 /* Given a COMPONENT_REF T, return the constraint_expr vector for it.
2940 If address_p is true the result will be taken its address of. */
2943 get_constraint_for_component_ref (tree t, VEC(ce_s, heap) **results,
2947 HOST_WIDE_INT bitsize = -1;
2948 HOST_WIDE_INT bitmaxsize = -1;
2949 HOST_WIDE_INT bitpos;
2951 struct constraint_expr *result;
2953 /* Some people like to do cute things like take the address of
2956 while (!SSA_VAR_P (forzero) && !CONSTANT_CLASS_P (forzero))
2957 forzero = TREE_OPERAND (forzero, 0);
2959 if (CONSTANT_CLASS_P (forzero) && integer_zerop (forzero))
2961 struct constraint_expr temp;
2964 temp.var = integer_id;
2966 VEC_safe_push (ce_s, heap, *results, &temp);
2970 t = get_ref_base_and_extent (t, &bitpos, &bitsize, &bitmaxsize);
2972 /* Pretend to take the address of the base, we'll take care of
2973 adding the required subset of sub-fields below. */
2974 get_constraint_for_1 (t, results, true);
2975 gcc_assert (VEC_length (ce_s, *results) == 1);
2976 result = VEC_last (ce_s, *results);
2978 if (result->type == SCALAR
2979 && get_varinfo (result->var)->is_full_var)
2980 /* For single-field vars do not bother about the offset. */
2982 else if (result->type == SCALAR)
2984 /* In languages like C, you can access one past the end of an
2985 array. You aren't allowed to dereference it, so we can
2986 ignore this constraint. When we handle pointer subtraction,
2987 we may have to do something cute here. */
2989 if ((unsigned HOST_WIDE_INT)bitpos < get_varinfo (result->var)->fullsize
2992 /* It's also not true that the constraint will actually start at the
2993 right offset, it may start in some padding. We only care about
2994 setting the constraint to the first actual field it touches, so
2996 struct constraint_expr cexpr = *result;
2998 VEC_pop (ce_s, *results);
3000 for (curr = get_varinfo (cexpr.var); curr; curr = curr->next)
3002 if (ranges_overlap_p (curr->offset, curr->size,
3003 bitpos, bitmaxsize))
3005 cexpr.var = curr->id;
3006 VEC_safe_push (ce_s, heap, *results, &cexpr);
3011 /* If we are going to take the address of this field then
3012 to be able to compute reachability correctly add at least
3013 the last field of the variable. */
3015 && VEC_length (ce_s, *results) == 0)
3017 curr = get_varinfo (cexpr.var);
3018 while (curr->next != NULL)
3020 cexpr.var = curr->id;
3021 VEC_safe_push (ce_s, heap, *results, &cexpr);
3024 /* Assert that we found *some* field there. The user couldn't be
3025 accessing *only* padding. */
3026 /* Still the user could access one past the end of an array
3027 embedded in a struct resulting in accessing *only* padding. */
3028 gcc_assert (VEC_length (ce_s, *results) >= 1
3029 || ref_contains_array_ref (orig_t));
3031 else if (bitmaxsize == 0)
3033 if (dump_file && (dump_flags & TDF_DETAILS))
3034 fprintf (dump_file, "Access to zero-sized part of variable,"
3038 if (dump_file && (dump_flags & TDF_DETAILS))
3039 fprintf (dump_file, "Access to past the end of variable, ignoring\n");
3041 else if (result->type == DEREF)
3043 /* If we do not know exactly where the access goes say so. Note
3044 that only for non-structure accesses we know that we access
3045 at most one subfiled of any variable. */
3047 || bitsize != bitmaxsize
3048 || AGGREGATE_TYPE_P (TREE_TYPE (orig_t)))
3049 result->offset = UNKNOWN_OFFSET;
3051 result->offset = bitpos;
3053 else if (result->type == ADDRESSOF)
3055 /* We can end up here for component references on a
3056 VIEW_CONVERT_EXPR <>(&foobar). */
3057 result->type = SCALAR;
3058 result->var = anything_id;
3066 /* Dereference the constraint expression CONS, and return the result.
3067 DEREF (ADDRESSOF) = SCALAR
3068 DEREF (SCALAR) = DEREF
3069 DEREF (DEREF) = (temp = DEREF1; result = DEREF(temp))
3070 This is needed so that we can handle dereferencing DEREF constraints. */
3073 do_deref (VEC (ce_s, heap) **constraints)
3075 struct constraint_expr *c;
3078 for (i = 0; VEC_iterate (ce_s, *constraints, i, c); i++)
3080 if (c->type == SCALAR)
3082 else if (c->type == ADDRESSOF)
3084 else if (c->type == DEREF)
3086 tree tmpvar = create_tmp_var_raw (ptr_type_node, "dereftmp");
3087 struct constraint_expr tmplhs = get_constraint_exp_for_temp (tmpvar);
3088 process_constraint (new_constraint (tmplhs, *c));
3089 c->var = tmplhs.var;
3096 /* Given a tree T, return the constraint expression for it. */
3099 get_constraint_for_1 (tree t, VEC (ce_s, heap) **results, bool address_p)
3101 struct constraint_expr temp;
3103 /* x = integer is all glommed to a single variable, which doesn't
3104 point to anything by itself. That is, of course, unless it is an
3105 integer constant being treated as a pointer, in which case, we
3106 will return that this is really the addressof anything. This
3107 happens below, since it will fall into the default case. The only
3108 case we know something about an integer treated like a pointer is
3109 when it is the NULL pointer, and then we just say it points to
3112 Do not do that if -fno-delete-null-pointer-checks though, because
3113 in that case *NULL does not fail, so it _should_ alias *anything.
3114 It is not worth adding a new option or renaming the existing one,
3115 since this case is relatively obscure. */
3116 if (flag_delete_null_pointer_checks
3117 && ((TREE_CODE (t) == INTEGER_CST
3118 && integer_zerop (t))
3119 /* The only valid CONSTRUCTORs in gimple with pointer typed
3120 elements are zero-initializer. */
3121 || TREE_CODE (t) == CONSTRUCTOR))
3123 temp.var = nothing_id;
3124 temp.type = ADDRESSOF;
3126 VEC_safe_push (ce_s, heap, *results, &temp);
3130 /* String constants are read-only. */
3131 if (TREE_CODE (t) == STRING_CST)
3133 temp.var = readonly_id;
3136 VEC_safe_push (ce_s, heap, *results, &temp);
3140 switch (TREE_CODE_CLASS (TREE_CODE (t)))
3142 case tcc_expression:
3144 switch (TREE_CODE (t))
3148 struct constraint_expr *c;
3150 tree exp = TREE_OPERAND (t, 0);
3152 get_constraint_for_1 (exp, results, true);
3154 for (i = 0; VEC_iterate (ce_s, *results, i, c); i++)
3156 if (c->type == DEREF)
3159 c->type = ADDRESSOF;
3170 switch (TREE_CODE (t))
3174 get_constraint_for_1 (TREE_OPERAND (t, 0), results, address_p);
3179 case ARRAY_RANGE_REF:
3181 get_constraint_for_component_ref (t, results, address_p);
3183 case VIEW_CONVERT_EXPR:
3184 get_constraint_for_1 (TREE_OPERAND (t, 0), results, address_p);
3186 /* We are missing handling for TARGET_MEM_REF here. */
3191 case tcc_exceptional:
3193 switch (TREE_CODE (t))
3197 get_constraint_for_ssa_var (t, results, address_p);
3204 case tcc_declaration:
3206 get_constraint_for_ssa_var (t, results, address_p);
3212 /* The default fallback is a constraint from anything. */
3213 temp.type = ADDRESSOF;
3214 temp.var = anything_id;
3216 VEC_safe_push (ce_s, heap, *results, &temp);
3219 /* Given a gimple tree T, return the constraint expression vector for it. */
3222 get_constraint_for (tree t, VEC (ce_s, heap) **results)
3224 gcc_assert (VEC_length (ce_s, *results) == 0);
3226 get_constraint_for_1 (t, results, false);
3229 /* Handle aggregate copies by expanding into copies of the respective
3230 fields of the structures. */
3233 do_structure_copy (tree lhsop, tree rhsop)
3235 struct constraint_expr *lhsp, *rhsp;
3236 VEC (ce_s, heap) *lhsc = NULL, *rhsc = NULL;
3239 get_constraint_for (lhsop, &lhsc);
3240 get_constraint_for (rhsop, &rhsc);
3241 lhsp = VEC_index (ce_s, lhsc, 0);
3242 rhsp = VEC_index (ce_s, rhsc, 0);
3243 if (lhsp->type == DEREF
3244 || (lhsp->type == ADDRESSOF && lhsp->var == anything_id)
3245 || rhsp->type == DEREF)
3247 struct constraint_expr tmp;
3248 tree tmpvar = create_tmp_var_raw (ptr_type_node,
3249 "structcopydereftmp");
3250 tmp.var = get_vi_for_tree (tmpvar)->id;
3253 for (j = 0; VEC_iterate (ce_s, rhsc, j, rhsp); ++j)
3254 process_constraint (new_constraint (tmp, *rhsp));
3255 for (j = 0; VEC_iterate (ce_s, lhsc, j, lhsp); ++j)
3256 process_constraint (new_constraint (*lhsp, tmp));
3258 else if (lhsp->type == SCALAR
3259 && (rhsp->type == SCALAR
3260 || rhsp->type == ADDRESSOF))
3262 tree lhsbase, rhsbase;
3263 HOST_WIDE_INT lhssize, lhsmaxsize, lhsoffset;
3264 HOST_WIDE_INT rhssize, rhsmaxsize, rhsoffset;
3266 lhsbase = get_ref_base_and_extent (lhsop, &lhsoffset,
3267 &lhssize, &lhsmaxsize);
3268 rhsbase = get_ref_base_and_extent (rhsop, &rhsoffset,
3269 &rhssize, &rhsmaxsize);
3270 for (j = 0; VEC_iterate (ce_s, lhsc, j, lhsp);)
3272 varinfo_t lhsv, rhsv;
3273 rhsp = VEC_index (ce_s, rhsc, k);
3274 lhsv = get_varinfo (lhsp->var);
3275 rhsv = get_varinfo (rhsp->var);
3276 if (lhsv->may_have_pointers
3277 && ranges_overlap_p (lhsv->offset + rhsoffset, lhsv->size,
3278 rhsv->offset + lhsoffset, rhsv->size))
3279 process_constraint (new_constraint (*lhsp, *rhsp));
3280 if (lhsv->offset + rhsoffset + lhsv->size
3281 > rhsv->offset + lhsoffset + rhsv->size)
3284 if (k >= VEC_length (ce_s, rhsc))
3294 VEC_free (ce_s, heap, lhsc);
3295 VEC_free (ce_s, heap, rhsc);
3298 /* Create a constraint ID = OP. */
3301 make_constraint_to (unsigned id, tree op)
3303 VEC(ce_s, heap) *rhsc = NULL;
3304 struct constraint_expr *c;
3305 struct constraint_expr includes;
3309 includes.offset = 0;
3310 includes.type = SCALAR;
3312 get_constraint_for (op, &rhsc);
3313 for (j = 0; VEC_iterate (ce_s, rhsc, j, c); j++)
3314 process_constraint (new_constraint (includes, *c));
3315 VEC_free (ce_s, heap, rhsc);
3318 /* Make constraints necessary to make OP escape. */
3321 make_escape_constraint (tree op)
3323 make_constraint_to (escaped_id, op);
3326 /* For non-IPA mode, generate constraints necessary for a call on the
3330 handle_rhs_call (gimple stmt, VEC(ce_s, heap) **results)
3332 struct constraint_expr rhsc;
3335 for (i = 0; i < gimple_call_num_args (stmt); ++i)
3337 tree arg = gimple_call_arg (stmt, i);
3339 /* Find those pointers being passed, and make sure they end up
3340 pointing to anything. */
3341 if (could_have_pointers (arg))
3342 make_escape_constraint (arg);
3345 /* The static chain escapes as well. */
3346 if (gimple_call_chain (stmt))
3347 make_escape_constraint (gimple_call_chain (stmt));
3349 /* Regular functions return nonlocal memory. */
3350 rhsc.var = nonlocal_id;
3353 VEC_safe_push (ce_s, heap, *results, &rhsc);
3356 /* For non-IPA mode, generate constraints necessary for a call
3357 that returns a pointer and assigns it to LHS. This simply makes
3358 the LHS point to global and escaped variables. */
3361 handle_lhs_call (tree lhs, int flags, VEC(ce_s, heap) *rhsc)
3363 VEC(ce_s, heap) *lhsc = NULL;
3365 struct constraint_expr *lhsp;
3367 get_constraint_for (lhs, &lhsc);
3369 if (flags & ECF_MALLOC)
3371 struct constraint_expr rhsc;
3372 tree heapvar = heapvar_lookup (lhs);
3375 if (heapvar == NULL)
3377 heapvar = create_tmp_var_raw (ptr_type_node, "HEAP");
3378 DECL_EXTERNAL (heapvar) = 1;
3379 get_var_ann (heapvar)->is_heapvar = 1;
3380 if (gimple_referenced_vars (cfun))
3381 add_referenced_var (heapvar);
3382 heapvar_insert (lhs, heapvar);
3385 rhsc.var = create_variable_info_for (heapvar,
3386 alias_get_name (heapvar));
3387 vi = get_varinfo (rhsc.var);
3388 vi->is_artificial_var = 1;
3389 vi->is_heap_var = 1;
3390 vi->is_unknown_size_var = true;
3393 rhsc.type = ADDRESSOF;
3395 for (j = 0; VEC_iterate (ce_s, lhsc, j, lhsp); j++)
3396 process_constraint (new_constraint (*lhsp, rhsc));
3398 else if (VEC_length (ce_s, rhsc) > 0)
3400 struct constraint_expr *lhsp, *rhsp;
3402 /* If the store is to a global decl make sure to
3403 add proper escape constraints. */
3404 lhs = get_base_address (lhs);
3407 && is_global_var (lhs))
3409 struct constraint_expr tmpc;
3410 tmpc.var = escaped_id;
3413 VEC_safe_push (ce_s, heap, lhsc, &tmpc);
3415 for (i = 0; VEC_iterate (ce_s, lhsc, i, lhsp); ++i)
3416 for (j = 0; VEC_iterate (ce_s, rhsc, j, rhsp); ++j)
3417 process_constraint (new_constraint (*lhsp, *rhsp));
3419 VEC_free (ce_s, heap, lhsc);
3422 /* For non-IPA mode, generate constraints necessary for a call of a
3423 const function that returns a pointer in the statement STMT. */
3426 handle_const_call (gimple stmt, VEC(ce_s, heap) **results)
3428 struct constraint_expr rhsc, tmpc;
3429 tree tmpvar = NULL_TREE;
3432 /* Treat nested const functions the same as pure functions as far
3433 as the static chain is concerned. */
3434 if (gimple_call_chain (stmt))
3436 make_constraint_to (callused_id, gimple_call_chain (stmt));
3437 rhsc.var = callused_id;
3440 VEC_safe_push (ce_s, heap, *results, &rhsc);
3443 /* May return arguments. */
3444 for (k = 0; k < gimple_call_num_args (stmt); ++k)
3446 tree arg = gimple_call_arg (stmt, k);
3448 if (could_have_pointers (arg))
3450 VEC(ce_s, heap) *argc = NULL;
3451 struct constraint_expr *argp;
3454 /* We always use a temporary here, otherwise we end up with
3455 a quadratic amount of constraints for
3456 large_struct = const_call (large_struct);
3457 with field-sensitive PTA. */
3458 if (tmpvar == NULL_TREE)
3460 tmpvar = create_tmp_var_raw (ptr_type_node, "consttmp");
3461 tmpc = get_constraint_exp_for_temp (tmpvar);
3464 get_constraint_for (arg, &argc);
3465 for (i = 0; VEC_iterate (ce_s, argc, i, argp); i++)
3466 process_constraint (new_constraint (tmpc, *argp));
3467 VEC_free (ce_s, heap, argc);
3470 if (tmpvar != NULL_TREE)
3471 VEC_safe_push (ce_s, heap, *results, &tmpc);
3473 /* May return addresses of globals. */
3474 rhsc.var = nonlocal_id;
3476 rhsc.type = ADDRESSOF;
3477 VEC_safe_push (ce_s, heap, *results, &rhsc);
3480 /* For non-IPA mode, generate constraints necessary for a call to a
3481 pure function in statement STMT. */
3484 handle_pure_call (gimple stmt, VEC(ce_s, heap) **results)
3486 struct constraint_expr rhsc;
3488 bool need_callused = false;
3490 /* Memory reached from pointer arguments is call-used. */
3491 for (i = 0; i < gimple_call_num_args (stmt); ++i)
3493 tree arg = gimple_call_arg (stmt, i);
3495 if (could_have_pointers (arg))
3497 make_constraint_to (callused_id, arg);
3498 need_callused = true;
3502 /* The static chain is used as well. */
3503 if (gimple_call_chain (stmt))
3505 make_constraint_to (callused_id, gimple_call_chain (stmt));
3506 need_callused = true;
3509 /* Pure functions may return callused and nonlocal memory. */
3512 rhsc.var = callused_id;
3515 VEC_safe_push (ce_s, heap, *results, &rhsc);
3517 rhsc.var = nonlocal_id;
3520 VEC_safe_push (ce_s, heap, *results, &rhsc);
3523 /* Walk statement T setting up aliasing constraints according to the
3524 references found in T. This function is the main part of the
3525 constraint builder. AI points to auxiliary alias information used
3526 when building alias sets and computing alias grouping heuristics. */
3529 find_func_aliases (gimple origt)
3532 VEC(ce_s, heap) *lhsc = NULL;
3533 VEC(ce_s, heap) *rhsc = NULL;
3534 struct constraint_expr *c;
3535 enum escape_type stmt_escape_type;
3537 /* Now build constraints expressions. */
3538 if (gimple_code (t) == GIMPLE_PHI)
3540 gcc_assert (!AGGREGATE_TYPE_P (TREE_TYPE (gimple_phi_result (t))));
3542 /* Only care about pointers and structures containing
3544 if (could_have_pointers (gimple_phi_result (t)))
3549 /* For a phi node, assign all the arguments to
3551 get_constraint_for (gimple_phi_result (t), &lhsc);
3552 for (i = 0; i < gimple_phi_num_args (t); i++)
3555 tree strippedrhs = PHI_ARG_DEF (t, i);
3557 STRIP_NOPS (strippedrhs);
3558 rhstype = TREE_TYPE (strippedrhs);
3559 get_constraint_for (gimple_phi_arg_def (t, i), &rhsc);
3561 for (j = 0; VEC_iterate (ce_s, lhsc, j, c); j++)
3563 struct constraint_expr *c2;
3564 while (VEC_length (ce_s, rhsc) > 0)
3566 c2 = VEC_last (ce_s, rhsc);
3567 process_constraint (new_constraint (*c, *c2));
3568 VEC_pop (ce_s, rhsc);
3574 /* In IPA mode, we need to generate constraints to pass call
3575 arguments through their calls. There are two cases,
3576 either a GIMPLE_CALL returning a value, or just a plain
3577 GIMPLE_CALL when we are not.
3579 In non-ipa mode, we need to generate constraints for each
3580 pointer passed by address. */
3581 else if (is_gimple_call (t))
3585 VEC(ce_s, heap) *rhsc = NULL;
3586 int flags = gimple_call_flags (t);
3588 /* Const functions can return their arguments and addresses
3589 of global memory but not of escaped memory. */
3590 if (flags & (ECF_CONST|ECF_NOVOPS))
3592 if (gimple_call_lhs (t)
3593 && could_have_pointers (gimple_call_lhs (t)))
3594 handle_const_call (t, &rhsc);
3596 /* Pure functions can return addresses in and of memory
3597 reachable from their arguments, but they are not an escape
3598 point for reachable memory of their arguments. */
3599 else if (flags & (ECF_PURE|ECF_LOOPING_CONST_OR_PURE))
3600 handle_pure_call (t, &rhsc);
3602 handle_rhs_call (t, &rhsc);
3603 if (gimple_call_lhs (t)
3604 && could_have_pointers (gimple_call_lhs (t)))
3605 handle_lhs_call (gimple_call_lhs (t), flags, rhsc);
3606 VEC_free (ce_s, heap, rhsc);
3616 lhsop = gimple_call_lhs (t);
3617 decl = gimple_call_fndecl (t);
3619 /* If we can directly resolve the function being called, do so.
3620 Otherwise, it must be some sort of indirect expression that
3621 we should still be able to handle. */
3623 fi = get_vi_for_tree (decl);
3626 decl = gimple_call_fn (t);
3627 fi = get_vi_for_tree (decl);
3630 /* Assign all the passed arguments to the appropriate incoming
3631 parameters of the function. */
3632 for (j = 0; j < gimple_call_num_args (t); j++)
3634 struct constraint_expr lhs ;
3635 struct constraint_expr *rhsp;
3636 tree arg = gimple_call_arg (t, j);
3638 get_constraint_for (arg, &rhsc);
3639 if (TREE_CODE (decl) != FUNCTION_DECL)
3648 lhs.var = first_vi_for_offset (fi, i)->id;
3651 while (VEC_length (ce_s, rhsc) != 0)
3653 rhsp = VEC_last (ce_s, rhsc);
3654 process_constraint (new_constraint (lhs, *rhsp));
3655 VEC_pop (ce_s, rhsc);
3660 /* If we are returning a value, assign it to the result. */
3663 struct constraint_expr rhs;
3664 struct constraint_expr *lhsp;
3667 get_constraint_for (lhsop, &lhsc);
3668 if (TREE_CODE (decl) != FUNCTION_DECL)
3677 rhs.var = first_vi_for_offset (fi, i)->id;
3680 for (j = 0; VEC_iterate (ce_s, lhsc, j, lhsp); j++)
3681 process_constraint (new_constraint (*lhsp, rhs));
3685 /* Otherwise, just a regular assignment statement. Only care about
3686 operations with pointer result, others are dealt with as escape
3687 points if they have pointer operands. */
3688 else if (is_gimple_assign (t)
3689 && could_have_pointers (gimple_assign_lhs (t)))
3691 /* Otherwise, just a regular assignment statement. */
3692 tree lhsop = gimple_assign_lhs (t);
3693 tree rhsop = (gimple_num_ops (t) == 2) ? gimple_assign_rhs1 (t) : NULL;
3695 if (rhsop && AGGREGATE_TYPE_P (TREE_TYPE (lhsop)))
3696 do_structure_copy (lhsop, rhsop);
3700 struct constraint_expr temp;
3701 get_constraint_for (lhsop, &lhsc);
3703 if (gimple_assign_rhs_code (t) == POINTER_PLUS_EXPR)
3704 get_constraint_for_ptr_offset (gimple_assign_rhs1 (t),
3705 gimple_assign_rhs2 (t), &rhsc);
3706 else if ((CONVERT_EXPR_CODE_P (gimple_assign_rhs_code (t))
3707 && !(POINTER_TYPE_P (gimple_expr_type (t))
3708 && !POINTER_TYPE_P (TREE_TYPE (rhsop))))
3709 || gimple_assign_single_p (t))
3710 get_constraint_for (rhsop, &rhsc);
3713 temp.type = ADDRESSOF;
3714 temp.var = anything_id;
3716 VEC_safe_push (ce_s, heap, rhsc, &temp);
3718 for (j = 0; VEC_iterate (ce_s, lhsc, j, c); j++)
3720 struct constraint_expr *c2;
3723 for (k = 0; VEC_iterate (ce_s, rhsc, k, c2); k++)
3724 process_constraint (new_constraint (*c, *c2));
3728 else if (gimple_code (t) == GIMPLE_CHANGE_DYNAMIC_TYPE)
3732 get_constraint_for (gimple_cdt_location (t), &lhsc);
3733 for (j = 0; VEC_iterate (ce_s, lhsc, j, c); ++j)
3734 get_varinfo (c->var)->no_tbaa_pruning = true;
3737 stmt_escape_type = is_escape_site (t);
3738 if (stmt_escape_type == ESCAPE_STORED_IN_GLOBAL)
3740 gcc_assert (is_gimple_assign (t));
3741 if (gimple_assign_rhs_code (t) == ADDR_EXPR)
3743 tree rhs = gimple_assign_rhs1 (t);
3744 tree base = get_base_address (TREE_OPERAND (rhs, 0));
3747 || !is_global_var (base)))
3748 make_escape_constraint (rhs);
3750 else if (get_gimple_rhs_class (gimple_assign_rhs_code (t))
3751 == GIMPLE_SINGLE_RHS)
3753 if (could_have_pointers (gimple_assign_rhs1 (t)))
3754 make_escape_constraint (gimple_assign_rhs1 (t));
3759 else if (stmt_escape_type == ESCAPE_BAD_CAST)
3761 gcc_assert (is_gimple_assign (t));
3762 gcc_assert (CONVERT_EXPR_CODE_P (gimple_assign_rhs_code (t))
3763 || gimple_assign_rhs_code (t) == VIEW_CONVERT_EXPR);
3764 make_escape_constraint (gimple_assign_rhs1 (t));
3766 else if (stmt_escape_type == ESCAPE_TO_ASM)
3768 unsigned i, noutputs;
3769 const char **oconstraints;
3770 const char *constraint;
3771 bool allows_mem, allows_reg, is_inout;
3773 noutputs = gimple_asm_noutputs (t);
3774 oconstraints = XALLOCAVEC (const char *, noutputs);
3776 for (i = 0; i < noutputs; ++i)
3778 tree link = gimple_asm_output_op (t, i);
3779 tree op = TREE_VALUE (link);
3781 constraint = TREE_STRING_POINTER (TREE_VALUE (TREE_PURPOSE (link)));
3782 oconstraints[i] = constraint;
3783 parse_output_constraint (&constraint, i, 0, 0, &allows_mem,
3784 &allows_reg, &is_inout);
3786 /* A memory constraint makes the address of the operand escape. */
3787 if (!allows_reg && allows_mem)
3788 make_escape_constraint (build_fold_addr_expr (op));
3790 /* The asm may read global memory, so outputs may point to
3791 any global memory. */
3792 if (op && could_have_pointers (op))
3794 VEC(ce_s, heap) *lhsc = NULL;
3795 struct constraint_expr rhsc, *lhsp;
3797 get_constraint_for (op, &lhsc);
3798 rhsc.var = nonlocal_id;
3801 for (j = 0; VEC_iterate (ce_s, lhsc, j, lhsp); j++)
3802 process_constraint (new_constraint (*lhsp, rhsc));
3803 VEC_free (ce_s, heap, lhsc);
3806 for (i = 0; i < gimple_asm_ninputs (t); ++i)
3808 tree link = gimple_asm_input_op (t, i);
3809 tree op = TREE_VALUE (link);
3811 constraint = TREE_STRING_POINTER (TREE_VALUE (TREE_PURPOSE (link)));
3813 parse_input_constraint (&constraint, 0, 0, noutputs, 0, oconstraints,
3814 &allows_mem, &allows_reg);
3816 /* A memory constraint makes the address of the operand escape. */
3817 if (!allows_reg && allows_mem)
3818 make_escape_constraint (build_fold_addr_expr (op));
3819 /* Strictly we'd only need the constraint to ESCAPED if
3820 the asm clobbers memory, otherwise using CALLUSED
3822 else if (op && could_have_pointers (op))
3823 make_escape_constraint (op);
3827 VEC_free (ce_s, heap, rhsc);
3828 VEC_free (ce_s, heap, lhsc);
3832 /* Find the first varinfo in the same variable as START that overlaps with
3833 OFFSET. Return NULL if we can't find one. */
3836 first_vi_for_offset (varinfo_t start, unsigned HOST_WIDE_INT offset)
3838 /* If the offset is outside of the variable, bail out. */
3839 if (offset >= start->fullsize)
3842 /* If we cannot reach offset from start, lookup the first field
3843 and start from there. */
3844 if (start->offset > offset)
3845 start = lookup_vi_for_tree (start->decl);
3849 /* We may not find a variable in the field list with the actual
3850 offset when when we have glommed a structure to a variable.
3851 In that case, however, offset should still be within the size
3853 if (offset >= start->offset
3854 && offset < (start->offset + start->size))
3863 /* Find the first varinfo in the same variable as START that overlaps with
3864 OFFSET. If there is no such varinfo the varinfo directly preceding
3865 OFFSET is returned. */
3868 first_or_preceding_vi_for_offset (varinfo_t start,
3869 unsigned HOST_WIDE_INT offset)
3871 /* If we cannot reach offset from start, lookup the first field
3872 and start from there. */
3873 if (start->offset > offset)
3874 start = lookup_vi_for_tree (start->decl);
3876 /* We may not find a variable in the field list with the actual
3877 offset when when we have glommed a structure to a variable.
3878 In that case, however, offset should still be within the size
3880 If we got beyond the offset we look for return the field
3881 directly preceding offset which may be the last field. */
3883 && offset >= start->offset
3884 && !(offset < (start->offset + start->size)))
3885 start = start->next;
3891 /* Insert the varinfo FIELD into the field list for BASE, at the front
3895 insert_into_field_list (varinfo_t base, varinfo_t field)
3897 varinfo_t prev = base;
3898 varinfo_t curr = base->next;
3904 /* Insert the varinfo FIELD into the field list for BASE, ordered by
3908 insert_into_field_list_sorted (varinfo_t base, varinfo_t field)
3910 varinfo_t prev = base;
3911 varinfo_t curr = base->next;
3922 if (field->offset <= curr->offset)
3927 field->next = prev->next;
3932 /* This structure is used during pushing fields onto the fieldstack
3933 to track the offset of the field, since bitpos_of_field gives it
3934 relative to its immediate containing type, and we want it relative
3935 to the ultimate containing object. */
3939 /* Offset from the base of the base containing object to this field. */
3940 HOST_WIDE_INT offset;
3942 /* Size, in bits, of the field. */
3943 unsigned HOST_WIDE_INT size;
3945 unsigned has_unknown_size : 1;
3947 unsigned may_have_pointers : 1;
3949 typedef struct fieldoff fieldoff_s;
3951 DEF_VEC_O(fieldoff_s);
3952 DEF_VEC_ALLOC_O(fieldoff_s,heap);
3954 /* qsort comparison function for two fieldoff's PA and PB */
3957 fieldoff_compare (const void *pa, const void *pb)
3959 const fieldoff_s *foa = (const fieldoff_s *)pa;
3960 const fieldoff_s *fob = (const fieldoff_s *)pb;
3961 unsigned HOST_WIDE_INT foasize, fobsize;
3963 if (foa->offset < fob->offset)
3965 else if (foa->offset > fob->offset)
3968 foasize = foa->size;
3969 fobsize = fob->size;
3970 if (foasize < fobsize)
3972 else if (foasize > fobsize)
3977 /* Sort a fieldstack according to the field offset and sizes. */
3979 sort_fieldstack (VEC(fieldoff_s,heap) *fieldstack)
3981 qsort (VEC_address (fieldoff_s, fieldstack),
3982 VEC_length (fieldoff_s, fieldstack),
3983 sizeof (fieldoff_s),
3987 /* Return true if V is a tree that we can have subvars for.
3988 Normally, this is any aggregate type. Also complex
3989 types which are not gimple registers can have subvars. */
3992 var_can_have_subvars (const_tree v)
3994 /* Volatile variables should never have subvars. */
3995 if (TREE_THIS_VOLATILE (v))
3998 /* Non decls or memory tags can never have subvars. */
4002 /* Aggregates without overlapping fields can have subvars. */
4003 if (TREE_CODE (TREE_TYPE (v)) == RECORD_TYPE)
4009 /* Given a TYPE, and a vector of field offsets FIELDSTACK, push all
4010 the fields of TYPE onto fieldstack, recording their offsets along
4013 OFFSET is used to keep track of the offset in this entire
4014 structure, rather than just the immediately containing structure.
4015 Returns the number of fields pushed. */
4018 push_fields_onto_fieldstack (tree type, VEC(fieldoff_s,heap) **fieldstack,
4019 HOST_WIDE_INT offset)
4024 if (TREE_CODE (type) != RECORD_TYPE)
4027 /* If the vector of fields is growing too big, bail out early.
4028 Callers check for VEC_length <= MAX_FIELDS_FOR_FIELD_SENSITIVE, make
4030 if (VEC_length (fieldoff_s, *fieldstack) > MAX_FIELDS_FOR_FIELD_SENSITIVE)
4033 for (field = TYPE_FIELDS (type); field; field = TREE_CHAIN (field))
4034 if (TREE_CODE (field) == FIELD_DECL)
4038 HOST_WIDE_INT foff = bitpos_of_field (field);
4040 if (!var_can_have_subvars (field)
4041 || TREE_CODE (TREE_TYPE (field)) == QUAL_UNION_TYPE
4042 || TREE_CODE (TREE_TYPE (field)) == UNION_TYPE)
4044 else if (!(pushed = push_fields_onto_fieldstack
4045 (TREE_TYPE (field), fieldstack, offset + foff))
4046 && (DECL_SIZE (field)
4047 && !integer_zerop (DECL_SIZE (field))))
4048 /* Empty structures may have actual size, like in C++. So
4049 see if we didn't push any subfields and the size is
4050 nonzero, push the field onto the stack. */
4055 fieldoff_s *pair = NULL;
4056 bool has_unknown_size = false;
4058 if (!VEC_empty (fieldoff_s, *fieldstack))
4059 pair = VEC_last (fieldoff_s, *fieldstack);
4061 if (!DECL_SIZE (field)
4062 || !host_integerp (DECL_SIZE (field), 1))
4063 has_unknown_size = true;
4065 /* If adjacent fields do not contain pointers merge them. */
4067 && !pair->may_have_pointers
4068 && !could_have_pointers (field)
4069 && !pair->has_unknown_size
4070 && !has_unknown_size
4071 && pair->offset + (HOST_WIDE_INT)pair->size == offset + foff)
4073 pair = VEC_last (fieldoff_s, *fieldstack);
4074 pair->size += TREE_INT_CST_LOW (DECL_SIZE (field));
4078 pair = VEC_safe_push (fieldoff_s, heap, *fieldstack, NULL);
4079 pair->offset = offset + foff;
4080 pair->has_unknown_size = has_unknown_size;
4081 if (!has_unknown_size)
4082 pair->size = TREE_INT_CST_LOW (DECL_SIZE (field));
4085 pair->may_have_pointers = could_have_pointers (field);
4096 /* Create a constraint ID = &FROM. */
4099 make_constraint_from (varinfo_t vi, int from)
4101 struct constraint_expr lhs, rhs;
4109 rhs.type = ADDRESSOF;
4110 process_constraint (new_constraint (lhs, rhs));
4113 /* Create a constraint ID = FROM. */
4116 make_copy_constraint (varinfo_t vi, int from)
4118 struct constraint_expr lhs, rhs;
4127 process_constraint (new_constraint (lhs, rhs));
4130 /* Count the number of arguments DECL has, and set IS_VARARGS to true
4131 if it is a varargs function. */
4134 count_num_arguments (tree decl, bool *is_varargs)
4139 for (t = TYPE_ARG_TYPES (TREE_TYPE (decl));
4143 if (TREE_VALUE (t) == void_type_node)
4153 /* Creation function node for DECL, using NAME, and return the index
4154 of the variable we've created for the function. */
4157 create_function_info_for (tree decl, const char *name)
4159 unsigned int index = VEC_length (varinfo_t, varmap);
4163 bool is_varargs = false;
4165 /* Create the variable info. */
4167 vi = new_var_info (decl, index, name);
4171 vi->fullsize = count_num_arguments (decl, &is_varargs) + 1;
4172 insert_vi_for_tree (vi->decl, vi);
4173 VEC_safe_push (varinfo_t, heap, varmap, vi);
4177 /* If it's varargs, we don't know how many arguments it has, so we
4183 vi->is_unknown_size_var = true;
4188 arg = DECL_ARGUMENTS (decl);
4190 /* Set up variables for each argument. */
4191 for (i = 1; i < vi->fullsize; i++)
4194 const char *newname;
4196 unsigned int newindex;
4197 tree argdecl = decl;
4202 newindex = VEC_length (varinfo_t, varmap);
4203 asprintf (&tempname, "%s.arg%d", name, i-1);
4204 newname = ggc_strdup (tempname);
4207 argvi = new_var_info (argdecl, newindex, newname);
4208 argvi->decl = argdecl;
4209 VEC_safe_push (varinfo_t, heap, varmap, argvi);
4212 argvi->is_full_var = true;
4213 argvi->fullsize = vi->fullsize;
4214 insert_into_field_list_sorted (vi, argvi);
4215 stats.total_vars ++;
4218 insert_vi_for_tree (arg, argvi);
4219 arg = TREE_CHAIN (arg);
4223 /* Create a variable for the return var. */
4224 if (DECL_RESULT (decl) != NULL
4225 || !VOID_TYPE_P (TREE_TYPE (TREE_TYPE (decl))))
4228 const char *newname;
4230 unsigned int newindex;
4231 tree resultdecl = decl;
4235 if (DECL_RESULT (decl))
4236 resultdecl = DECL_RESULT (decl);
4238 newindex = VEC_length (varinfo_t, varmap);
4239 asprintf (&tempname, "%s.result", name);
4240 newname = ggc_strdup (tempname);
4243 resultvi = new_var_info (resultdecl, newindex, newname);
4244 resultvi->decl = resultdecl;
4245 VEC_safe_push (varinfo_t, heap, varmap, resultvi);
4246 resultvi->offset = i;
4248 resultvi->fullsize = vi->fullsize;
4249 resultvi->is_full_var = true;
4250 insert_into_field_list_sorted (vi, resultvi);
4251 stats.total_vars ++;
4252 if (DECL_RESULT (decl))
4253 insert_vi_for_tree (DECL_RESULT (decl), resultvi);
4259 /* Return true if FIELDSTACK contains fields that overlap.
4260 FIELDSTACK is assumed to be sorted by offset. */
4263 check_for_overlaps (VEC (fieldoff_s,heap) *fieldstack)
4265 fieldoff_s *fo = NULL;
4267 HOST_WIDE_INT lastoffset = -1;
4269 for (i = 0; VEC_iterate (fieldoff_s, fieldstack, i, fo); i++)
4271 if (fo->offset == lastoffset)
4273 lastoffset = fo->offset;
4278 /* Create a varinfo structure for NAME and DECL, and add it to VARMAP.
4279 This will also create any varinfo structures necessary for fields
4283 create_variable_info_for (tree decl, const char *name)
4285 unsigned int index = VEC_length (varinfo_t, varmap);
4287 tree decl_type = TREE_TYPE (decl);
4288 tree declsize = DECL_P (decl) ? DECL_SIZE (decl) : TYPE_SIZE (decl_type);
4289 bool is_global = DECL_P (decl) ? is_global_var (decl) : false;
4290 VEC (fieldoff_s,heap) *fieldstack = NULL;
4292 if (TREE_CODE (decl) == FUNCTION_DECL && in_ipa_mode)
4293 return create_function_info_for (decl, name);
4295 if (var_can_have_subvars (decl) && use_field_sensitive
4297 || var_ann (decl)->noalias_state == 0)
4299 || !var_ann (decl)->is_heapvar))
4300 push_fields_onto_fieldstack (decl_type, &fieldstack, 0);
4302 /* If the variable doesn't have subvars, we may end up needing to
4303 sort the field list and create fake variables for all the
4305 vi = new_var_info (decl, index, name);
4308 vi->may_have_pointers = could_have_pointers (decl);
4310 || !host_integerp (declsize, 1))
4312 vi->is_unknown_size_var = true;
4318 vi->fullsize = TREE_INT_CST_LOW (declsize);
4319 vi->size = vi->fullsize;
4322 insert_vi_for_tree (vi->decl, vi);
4323 VEC_safe_push (varinfo_t, heap, varmap, vi);
4324 if (is_global && (!flag_whole_program || !in_ipa_mode)
4325 && vi->may_have_pointers)
4328 && var_ann (decl)->noalias_state == NO_ALIAS_ANYTHING)
4329 make_constraint_from (vi, vi->id);
4331 make_copy_constraint (vi, nonlocal_id);
4335 if (use_field_sensitive
4336 && !vi->is_unknown_size_var
4337 && var_can_have_subvars (decl)
4338 && VEC_length (fieldoff_s, fieldstack) > 1
4339 && VEC_length (fieldoff_s, fieldstack) <= MAX_FIELDS_FOR_FIELD_SENSITIVE)
4341 unsigned int newindex = VEC_length (varinfo_t, varmap);
4342 fieldoff_s *fo = NULL;
4343 bool notokay = false;
4346 for (i = 0; !notokay && VEC_iterate (fieldoff_s, fieldstack, i, fo); i++)
4348 if (fo->has_unknown_size
4356 /* We can't sort them if we have a field with a variable sized type,
4357 which will make notokay = true. In that case, we are going to return
4358 without creating varinfos for the fields anyway, so sorting them is a
4362 sort_fieldstack (fieldstack);
4363 /* Due to some C++ FE issues, like PR 22488, we might end up
4364 what appear to be overlapping fields even though they,
4365 in reality, do not overlap. Until the C++ FE is fixed,
4366 we will simply disable field-sensitivity for these cases. */
4367 notokay = check_for_overlaps (fieldstack);
4371 if (VEC_length (fieldoff_s, fieldstack) != 0)
4372 fo = VEC_index (fieldoff_s, fieldstack, 0);
4374 if (fo == NULL || notokay)
4376 vi->is_unknown_size_var = 1;
4379 vi->is_full_var = true;
4380 VEC_free (fieldoff_s, heap, fieldstack);
4384 vi->size = fo->size;
4385 vi->offset = fo->offset;
4386 vi->may_have_pointers = fo->may_have_pointers;
4387 for (i = VEC_length (fieldoff_s, fieldstack) - 1;
4388 i >= 1 && VEC_iterate (fieldoff_s, fieldstack, i, fo);
4392 const char *newname = "NULL";
4395 newindex = VEC_length (varinfo_t, varmap);
4398 asprintf (&tempname, "%s." HOST_WIDE_INT_PRINT_DEC
4399 "+" HOST_WIDE_INT_PRINT_DEC,
4400 vi->name, fo->offset, fo->size);
4401 newname = ggc_strdup (tempname);
4404 newvi = new_var_info (decl, newindex, newname);
4405 newvi->offset = fo->offset;
4406 newvi->size = fo->size;
4407 newvi->fullsize = vi->fullsize;
4408 newvi->may_have_pointers = fo->may_have_pointers;
4409 insert_into_field_list (vi, newvi);
4410 VEC_safe_push (varinfo_t, heap, varmap, newvi);
4411 if (is_global && (!flag_whole_program || !in_ipa_mode)
4412 && newvi->may_have_pointers)
4413 make_copy_constraint (newvi, nonlocal_id);
4419 vi->is_full_var = true;
4421 VEC_free (fieldoff_s, heap, fieldstack);
4426 /* Print out the points-to solution for VAR to FILE. */
4429 dump_solution_for_var (FILE *file, unsigned int var)
4431 varinfo_t vi = get_varinfo (var);
4435 if (find (var) != var)
4437 varinfo_t vipt = get_varinfo (find (var));
4438 fprintf (file, "%s = same as %s\n", vi->name, vipt->name);
4442 fprintf (file, "%s = { ", vi->name);
4443 EXECUTE_IF_SET_IN_BITMAP (vi->solution, 0, i, bi)
4445 fprintf (file, "%s ", get_varinfo (i)->name);
4447 fprintf (file, "}");
4448 if (vi->no_tbaa_pruning)
4449 fprintf (file, " no-tbaa-pruning");
4450 fprintf (file, "\n");
4454 /* Print the points-to solution for VAR to stdout. */
4457 debug_solution_for_var (unsigned int var)
4459 dump_solution_for_var (stdout, var);
4462 /* Create varinfo structures for all of the variables in the
4463 function for intraprocedural mode. */
4466 intra_create_variable_infos (void)
4469 struct constraint_expr lhs, rhs;
4471 /* For each incoming pointer argument arg, create the constraint ARG
4472 = NONLOCAL or a dummy variable if flag_argument_noalias is set. */
4473 for (t = DECL_ARGUMENTS (current_function_decl); t; t = TREE_CHAIN (t))
4477 if (!could_have_pointers (t))
4480 /* If flag_argument_noalias is set, then function pointer
4481 arguments are guaranteed not to point to each other. In that
4482 case, create an artificial variable PARM_NOALIAS and the
4483 constraint ARG = &PARM_NOALIAS. */
4484 if (POINTER_TYPE_P (TREE_TYPE (t)) && flag_argument_noalias > 0)
4487 tree heapvar = heapvar_lookup (t);
4491 lhs.var = get_vi_for_tree (t)->id;
4493 if (heapvar == NULL_TREE)
4496 heapvar = create_tmp_var_raw (ptr_type_node,
4498 DECL_EXTERNAL (heapvar) = 1;
4499 if (gimple_referenced_vars (cfun))
4500 add_referenced_var (heapvar);
4502 heapvar_insert (t, heapvar);
4504 ann = get_var_ann (heapvar);
4505 ann->is_heapvar = 1;
4506 if (flag_argument_noalias == 1)
4507 ann->noalias_state = NO_ALIAS;
4508 else if (flag_argument_noalias == 2)
4509 ann->noalias_state = NO_ALIAS_GLOBAL;
4510 else if (flag_argument_noalias == 3)
4511 ann->noalias_state = NO_ALIAS_ANYTHING;
4516 vi = get_vi_for_tree (heapvar);
4517 vi->is_artificial_var = 1;
4518 vi->is_heap_var = 1;
4519 vi->is_unknown_size_var = true;
4523 rhs.type = ADDRESSOF;
4525 for (p = get_varinfo (lhs.var); p; p = p->next)
4527 struct constraint_expr temp = lhs;
4529 process_constraint (new_constraint (temp, rhs));
4534 varinfo_t arg_vi = get_vi_for_tree (t);
4536 for (p = arg_vi; p; p = p->next)
4537 make_constraint_from (p, nonlocal_id);
4541 /* Add a constraint for a result decl that is passed by reference. */
4542 if (DECL_RESULT (cfun->decl)
4543 && DECL_BY_REFERENCE (DECL_RESULT (cfun->decl)))
4545 varinfo_t p, result_vi = get_vi_for_tree (DECL_RESULT (cfun->decl));
4547 for (p = result_vi; p; p = p->next)
4548 make_constraint_from (p, nonlocal_id);
4551 /* Add a constraint for the incoming static chain parameter. */
4552 if (cfun->static_chain_decl != NULL_TREE)
4554 varinfo_t p, chain_vi = get_vi_for_tree (cfun->static_chain_decl);
4556 for (p = chain_vi; p; p = p->next)
4557 make_constraint_from (p, nonlocal_id);
4561 /* Structure used to put solution bitmaps in a hashtable so they can
4562 be shared among variables with the same points-to set. */
4564 typedef struct shared_bitmap_info
4568 } *shared_bitmap_info_t;
4569 typedef const struct shared_bitmap_info *const_shared_bitmap_info_t;
4571 static htab_t shared_bitmap_table;
4573 /* Hash function for a shared_bitmap_info_t */
4576 shared_bitmap_hash (const void *p)
4578 const_shared_bitmap_info_t const bi = (const_shared_bitmap_info_t) p;
4579 return bi->hashcode;
4582 /* Equality function for two shared_bitmap_info_t's. */
4585 shared_bitmap_eq (const void *p1, const void *p2)
4587 const_shared_bitmap_info_t const sbi1 = (const_shared_bitmap_info_t) p1;
4588 const_shared_bitmap_info_t const sbi2 = (const_shared_bitmap_info_t) p2;
4589 return bitmap_equal_p (sbi1->pt_vars, sbi2->pt_vars);
4592 /* Lookup a bitmap in the shared bitmap hashtable, and return an already
4593 existing instance if there is one, NULL otherwise. */
4596 shared_bitmap_lookup (bitmap pt_vars)
4599 struct shared_bitmap_info sbi;
4601 sbi.pt_vars = pt_vars;
4602 sbi.hashcode = bitmap_hash (pt_vars);
4604 slot = htab_find_slot_with_hash (shared_bitmap_table, &sbi,
4605 sbi.hashcode, NO_INSERT);
4609 return ((shared_bitmap_info_t) *slot)->pt_vars;
4613 /* Add a bitmap to the shared bitmap hashtable. */
4616 shared_bitmap_add (bitmap pt_vars)
4619 shared_bitmap_info_t sbi = XNEW (struct shared_bitmap_info);
4621 sbi->pt_vars = pt_vars;
4622 sbi->hashcode = bitmap_hash (pt_vars);
4624 slot = htab_find_slot_with_hash (shared_bitmap_table, sbi,
4625 sbi->hashcode, INSERT);
4626 gcc_assert (!*slot);
4627 *slot = (void *) sbi;
4631 /* Set bits in INTO corresponding to the variable uids in solution set FROM.
4632 If MEM_ALIAS_SET is not zero, we also use type based alias analysis to
4633 prune the points-to sets with this alias-set.
4634 Returns the number of pruned variables and updates the vars_contains_global
4638 set_uids_in_ptset (bitmap into, bitmap from,
4639 alias_set_type mem_alias_set, struct pt_solution *pt)
4643 unsigned pruned = 0;
4645 EXECUTE_IF_SET_IN_BITMAP (from, 0, i, bi)
4647 varinfo_t vi = get_varinfo (i);
4649 /* The only artificial variables that are allowed in a may-alias
4650 set are heap variables. */
4651 if (vi->is_artificial_var && !vi->is_heap_var)
4654 if (TREE_CODE (vi->decl) == VAR_DECL
4655 || TREE_CODE (vi->decl) == PARM_DECL
4656 || TREE_CODE (vi->decl) == RESULT_DECL)
4658 /* Don't type prune artificial vars or points-to sets
4659 for pointers that have not been dereferenced or with
4660 type-based pruning disabled. */
4661 if (!vi->is_artificial_var
4662 && !vi->no_tbaa_pruning
4663 && mem_alias_set != 0)
4665 alias_set_type var_alias_set = get_alias_set (vi->decl);
4666 if (mem_alias_set != var_alias_set
4667 && !alias_set_subset_of (mem_alias_set, var_alias_set))
4674 /* Add the decl to the points-to set. Note that the points-to
4675 set contains global variables. */
4676 bitmap_set_bit (into, DECL_UID (vi->decl));
4677 if (is_global_var (vi->decl))
4678 pt->vars_contains_global = true;
4686 static bool have_alias_info = false;
4688 /* Emit a note for the pointer initialization point DEF. */
4691 emit_pointer_definition (tree ptr, bitmap visited)
4693 gimple def = SSA_NAME_DEF_STMT (ptr);
4694 if (gimple_code (def) == GIMPLE_PHI)
4699 FOR_EACH_PHI_ARG (argp, def, oi, SSA_OP_USE)
4701 tree arg = USE_FROM_PTR (argp);
4702 if (TREE_CODE (arg) == SSA_NAME)
4704 if (bitmap_set_bit (visited, SSA_NAME_VERSION (arg)))
4705 emit_pointer_definition (arg, visited);
4708 inform (0, "initialized from %qE", arg);
4711 else if (!gimple_nop_p (def))
4712 inform (gimple_location (def), "initialized from here");
4715 /* Emit a strict aliasing warning for dereferencing the pointer PTR. */
4718 emit_alias_warning (tree ptr)
4721 imm_use_iterator ui;
4722 bool warned = false;
4724 FOR_EACH_IMM_USE_STMT (use, ui, ptr)
4726 tree deref = NULL_TREE;
4728 if (gimple_has_lhs (use))
4730 tree lhs = get_base_address (gimple_get_lhs (use));
4732 && INDIRECT_REF_P (lhs)
4733 && TREE_OPERAND (lhs, 0) == ptr)
4736 if (gimple_assign_single_p (use))
4738 tree rhs = get_base_address (gimple_assign_rhs1 (use));
4740 && INDIRECT_REF_P (rhs)
4741 && TREE_OPERAND (rhs, 0) == ptr)
4744 else if (is_gimple_call (use))
4747 for (i = 0; i < gimple_call_num_args (use); ++i)
4749 tree op = get_base_address (gimple_call_arg (use, i));
4751 && INDIRECT_REF_P (op)
4752 && TREE_OPERAND (op, 0) == ptr)
4757 && !TREE_NO_WARNING (deref))
4759 TREE_NO_WARNING (deref) = 1;
4760 warned |= warning_at (gimple_location (use), OPT_Wstrict_aliasing,
4761 "dereferencing pointer %qD does break "
4762 "strict-aliasing rules", SSA_NAME_VAR (ptr));
4767 bitmap visited = BITMAP_ALLOC (NULL);
4768 emit_pointer_definition (ptr, visited);
4769 BITMAP_FREE (visited);
4773 /* Compute the points-to solution *PT for the variable VI.
4774 Prunes the points-to set based on TBAA rules if DO_TBAA_PRUNING
4775 is true. Returns the number of TBAA pruned variables from the
4779 find_what_var_points_to (varinfo_t vi, struct pt_solution *pt,
4780 bool do_tbaa_pruning)
4782 unsigned int i, pruned;
4784 bitmap finished_solution;
4786 tree ptr = vi->decl;
4787 alias_set_type mem_alias_set;
4789 memset (pt, 0, sizeof (struct pt_solution));
4791 /* This variable may have been collapsed, let's get the real
4793 vi = get_varinfo (find (vi->id));
4795 /* Translate artificial variables into SSA_NAME_PTR_INFO
4797 EXECUTE_IF_SET_IN_BITMAP (vi->solution, 0, i, bi)
4799 varinfo_t vi = get_varinfo (i);
4801 if (vi->is_artificial_var)
4803 if (vi->id == nothing_id)
4805 else if (vi->id == escaped_id)
4807 else if (vi->id == callused_id)
4809 else if (vi->id == nonlocal_id)
4811 else if (vi->is_heap_var)
4812 /* We represent heapvars in the points-to set properly. */
4814 else if (vi->id == anything_id
4815 || vi->id == readonly_id
4816 || vi->id == integer_id)
4821 /* Instead of doing extra work, simply do not create
4822 elaborate points-to information for pt_anything pointers. */
4826 /* Share the final set of variables when possible. */
4827 finished_solution = BITMAP_GGC_ALLOC ();
4828 stats.points_to_sets_created++;
4830 if (TREE_CODE (ptr) == SSA_NAME)
4831 ptr = SSA_NAME_VAR (ptr);
4833 /* If the pointer decl is marked that no TBAA is to be applied,
4834 do not do tbaa pruning. */
4835 if (!do_tbaa_pruning
4836 || DECL_NO_TBAA_P (ptr))
4839 mem_alias_set = get_deref_alias_set (ptr);
4840 pruned = set_uids_in_ptset (finished_solution, vi->solution,
4842 result = shared_bitmap_lookup (finished_solution);
4845 shared_bitmap_add (finished_solution);
4846 pt->vars = finished_solution;
4851 bitmap_clear (finished_solution);
4857 /* Given a pointer variable P, fill in its points-to set. Apply
4858 type-based pruning if IS_DEREFERENCED is true. */
4861 find_what_p_points_to (tree p, bool is_dereferenced)
4863 struct ptr_info_def *pi;
4864 unsigned int pruned;
4868 /* For parameters, get at the points-to set for the actual parm
4870 if (TREE_CODE (p) == SSA_NAME
4871 && TREE_CODE (SSA_NAME_VAR (p)) == PARM_DECL
4872 && SSA_NAME_IS_DEFAULT_DEF (p))
4873 lookup_p = SSA_NAME_VAR (p);
4875 vi = lookup_vi_for_tree (lookup_p);
4879 pi = get_ptr_info (p);
4880 pruned = find_what_var_points_to (vi, &pi->pt, is_dereferenced);
4882 if (!(pi->pt.anything || pi->pt.nonlocal || pi->pt.escaped)
4883 && bitmap_empty_p (pi->pt.vars)
4886 && warn_strict_aliasing > 0
4887 && !SSA_NAME_IS_DEFAULT_DEF (p))
4889 if (dump_file && dump_flags & TDF_DETAILS)
4891 fprintf (dump_file, "alias warning for ");
4892 print_generic_expr (dump_file, p, 0);
4893 fprintf (dump_file, "\n");
4895 emit_alias_warning (p);
4900 /* Query statistics for points-to solutions. */
4903 unsigned HOST_WIDE_INT pt_solution_includes_may_alias;
4904 unsigned HOST_WIDE_INT pt_solution_includes_no_alias;
4905 unsigned HOST_WIDE_INT pt_solutions_intersect_may_alias;
4906 unsigned HOST_WIDE_INT pt_solutions_intersect_no_alias;
4910 dump_pta_stats (FILE *s)
4912 fprintf (s, "\nPTA query stats:\n");
4913 fprintf (s, " pt_solution_includes: "
4914 HOST_WIDE_INT_PRINT_DEC" disambiguations, "
4915 HOST_WIDE_INT_PRINT_DEC" queries\n",
4916 pta_stats.pt_solution_includes_no_alias,
4917 pta_stats.pt_solution_includes_no_alias
4918 + pta_stats.pt_solution_includes_may_alias);
4919 fprintf (s, " pt_solutions_intersect: "
4920 HOST_WIDE_INT_PRINT_DEC" disambiguations, "
4921 HOST_WIDE_INT_PRINT_DEC" queries\n",
4922 pta_stats.pt_solutions_intersect_no_alias,
4923 pta_stats.pt_solutions_intersect_no_alias
4924 + pta_stats.pt_solutions_intersect_may_alias);
4928 /* Reset the points-to solution *PT to a conservative default
4929 (point to anything). */
4932 pt_solution_reset (struct pt_solution *pt)
4934 memset (pt, 0, sizeof (struct pt_solution));
4935 pt->anything = true;
4938 /* Return true if the points-to solution *PT is empty. */
4941 pt_solution_empty_p (struct pt_solution *pt)
4948 && !bitmap_empty_p (pt->vars))
4951 /* If the solution includes ESCAPED, check if that is empty. */
4953 && !pt_solution_empty_p (&cfun->gimple_df->escaped))
4959 /* Return true if the points-to solution *PT includes global memory. */
4962 pt_solution_includes_global (struct pt_solution *pt)
4966 || pt->vars_contains_global)
4970 return pt_solution_includes_global (&cfun->gimple_df->escaped);
4975 /* Return true if the points-to solution *PT includes the variable
4976 declaration DECL. */
4979 pt_solution_includes_1 (struct pt_solution *pt, const_tree decl)
4985 && is_global_var (decl))
4989 && bitmap_bit_p (pt->vars, DECL_UID (decl)))
4992 /* If the solution includes ESCAPED, check it. */
4994 && pt_solution_includes_1 (&cfun->gimple_df->escaped, decl))
5001 pt_solution_includes (struct pt_solution *pt, const_tree decl)
5003 bool res = pt_solution_includes_1 (pt, decl);
5005 ++pta_stats.pt_solution_includes_may_alias;
5007 ++pta_stats.pt_solution_includes_no_alias;
5011 /* Return true if both points-to solutions PT1 and PT2 have a non-empty
5015 pt_solutions_intersect_1 (struct pt_solution *pt1, struct pt_solution *pt2)
5017 if (pt1->anything || pt2->anything)
5020 /* If either points to unknown global memory and the other points to
5021 any global memory they alias. */
5024 || pt2->vars_contains_global))
5026 && pt1->vars_contains_global))
5029 /* Check the escaped solution if required. */
5030 if ((pt1->escaped || pt2->escaped)
5031 && !pt_solution_empty_p (&cfun->gimple_df->escaped))
5033 /* If both point to escaped memory and that solution
5034 is not empty they alias. */
5035 if (pt1->escaped && pt2->escaped)
5038 /* If either points to escaped memory see if the escaped solution
5039 intersects with the other. */
5041 && pt_solutions_intersect_1 (&cfun->gimple_df->escaped, pt2))
5043 && pt_solutions_intersect_1 (&cfun->gimple_df->escaped, pt1)))
5047 /* Now both pointers alias if their points-to solution intersects. */
5050 && bitmap_intersect_p (pt1->vars, pt2->vars));
5054 pt_solutions_intersect (struct pt_solution *pt1, struct pt_solution *pt2)
5056 bool res = pt_solutions_intersect_1 (pt1, pt2);
5058 ++pta_stats.pt_solutions_intersect_may_alias;
5060 ++pta_stats.pt_solutions_intersect_no_alias;
5065 /* Dump points-to information to OUTFILE. */
5068 dump_sa_points_to_info (FILE *outfile)
5072 fprintf (outfile, "\nPoints-to sets\n\n");
5074 if (dump_flags & TDF_STATS)
5076 fprintf (outfile, "Stats:\n");
5077 fprintf (outfile, "Total vars: %d\n", stats.total_vars);
5078 fprintf (outfile, "Non-pointer vars: %d\n",
5079 stats.nonpointer_vars);
5080 fprintf (outfile, "Statically unified vars: %d\n",
5081 stats.unified_vars_static);
5082 fprintf (outfile, "Dynamically unified vars: %d\n",
5083 stats.unified_vars_dynamic);
5084 fprintf (outfile, "Iterations: %d\n", stats.iterations);
5085 fprintf (outfile, "Number of edges: %d\n", stats.num_edges);
5086 fprintf (outfile, "Number of implicit edges: %d\n",
5087 stats.num_implicit_edges);
5090 for (i = 0; i < VEC_length (varinfo_t, varmap); i++)
5091 dump_solution_for_var (outfile, i);
5095 /* Debug points-to information to stderr. */
5098 debug_sa_points_to_info (void)
5100 dump_sa_points_to_info (stderr);
5104 /* Initialize the always-existing constraint variables for NULL
5105 ANYTHING, READONLY, and INTEGER */
5108 init_base_vars (void)
5110 struct constraint_expr lhs, rhs;
5112 /* Create the NULL variable, used to represent that a variable points
5114 nothing_tree = create_tmp_var_raw (void_type_node, "NULL");
5115 var_nothing = new_var_info (nothing_tree, nothing_id, "NULL");
5116 insert_vi_for_tree (nothing_tree, var_nothing);
5117 var_nothing->is_artificial_var = 1;
5118 var_nothing->offset = 0;
5119 var_nothing->size = ~0;
5120 var_nothing->fullsize = ~0;
5121 var_nothing->is_special_var = 1;
5122 VEC_safe_push (varinfo_t, heap, varmap, var_nothing);
5124 /* Create the ANYTHING variable, used to represent that a variable
5125 points to some unknown piece of memory. */
5126 anything_tree = create_tmp_var_raw (ptr_type_node, "ANYTHING");
5127 var_anything = new_var_info (anything_tree, anything_id, "ANYTHING");
5128 insert_vi_for_tree (anything_tree, var_anything);
5129 var_anything->is_artificial_var = 1;
5130 var_anything->size = ~0;
5131 var_anything->offset = 0;
5132 var_anything->next = NULL;
5133 var_anything->fullsize = ~0;
5134 var_anything->is_special_var = 1;
5136 /* Anything points to anything. This makes deref constraints just
5137 work in the presence of linked list and other p = *p type loops,
5138 by saying that *ANYTHING = ANYTHING. */
5139 VEC_safe_push (varinfo_t, heap, varmap, var_anything);
5141 lhs.var = anything_id;
5143 rhs.type = ADDRESSOF;
5144 rhs.var = anything_id;
5147 /* This specifically does not use process_constraint because
5148 process_constraint ignores all anything = anything constraints, since all
5149 but this one are redundant. */
5150 VEC_safe_push (constraint_t, heap, constraints, new_constraint (lhs, rhs));
5152 /* Create the READONLY variable, used to represent that a variable
5153 points to readonly memory. */
5154 readonly_tree = create_tmp_var_raw (ptr_type_node, "READONLY");
5155 var_readonly = new_var_info (readonly_tree, readonly_id, "READONLY");
5156 var_readonly->is_artificial_var = 1;
5157 var_readonly->offset = 0;
5158 var_readonly->size = ~0;
5159 var_readonly->fullsize = ~0;
5160 var_readonly->next = NULL;
5161 var_readonly->is_special_var = 1;
5162 insert_vi_for_tree (readonly_tree, var_readonly);
5163 VEC_safe_push (varinfo_t, heap, varmap, var_readonly);
5165 /* readonly memory points to anything, in order to make deref
5166 easier. In reality, it points to anything the particular
5167 readonly variable can point to, but we don't track this
5170 lhs.var = readonly_id;
5172 rhs.type = ADDRESSOF;
5173 rhs.var = readonly_id; /* FIXME */
5175 process_constraint (new_constraint (lhs, rhs));
5177 /* Create the ESCAPED variable, used to represent the set of escaped
5179 escaped_tree = create_tmp_var_raw (ptr_type_node, "ESCAPED");
5180 var_escaped = new_var_info (escaped_tree, escaped_id, "ESCAPED");
5181 insert_vi_for_tree (escaped_tree, var_escaped);
5182 var_escaped->is_artificial_var = 1;
5183 var_escaped->offset = 0;
5184 var_escaped->size = ~0;
5185 var_escaped->fullsize = ~0;
5186 var_escaped->is_special_var = 0;
5187 VEC_safe_push (varinfo_t, heap, varmap, var_escaped);
5188 gcc_assert (VEC_index (varinfo_t, varmap, 3) == var_escaped);
5190 /* Create the NONLOCAL variable, used to represent the set of nonlocal
5192 nonlocal_tree = create_tmp_var_raw (ptr_type_node, "NONLOCAL");
5193 var_nonlocal = new_var_info (nonlocal_tree, nonlocal_id, "NONLOCAL");
5194 insert_vi_for_tree (nonlocal_tree, var_nonlocal);
5195 var_nonlocal->is_artificial_var = 1;
5196 var_nonlocal->offset = 0;
5197 var_nonlocal->size = ~0;
5198 var_nonlocal->fullsize = ~0;
5199 var_nonlocal->is_special_var = 1;
5200 VEC_safe_push (varinfo_t, heap, varmap, var_nonlocal);
5202 /* ESCAPED = *ESCAPED, because escaped is may-deref'd at calls, etc. */
5204 lhs.var = escaped_id;
5207 rhs.var = escaped_id;
5209 process_constraint (new_constraint (lhs, rhs));
5211 /* ESCAPED = ESCAPED + UNKNOWN_OFFSET, because if a sub-field escapes the
5212 whole variable escapes. */
5214 lhs.var = escaped_id;
5217 rhs.var = escaped_id;
5218 rhs.offset = UNKNOWN_OFFSET;
5219 process_constraint (new_constraint (lhs, rhs));
5221 /* *ESCAPED = NONLOCAL. This is true because we have to assume
5222 everything pointed to by escaped points to what global memory can
5225 lhs.var = escaped_id;
5228 rhs.var = nonlocal_id;
5230 process_constraint (new_constraint (lhs, rhs));
5232 /* NONLOCAL = &NONLOCAL, NONLOCAL = &ESCAPED. This is true because
5233 global memory may point to global memory and escaped memory. */
5235 lhs.var = nonlocal_id;
5237 rhs.type = ADDRESSOF;
5238 rhs.var = nonlocal_id;
5240 process_constraint (new_constraint (lhs, rhs));
5241 rhs.type = ADDRESSOF;
5242 rhs.var = escaped_id;
5244 process_constraint (new_constraint (lhs, rhs));
5246 /* Create the CALLUSED variable, used to represent the set of call-used
5248 callused_tree = create_tmp_var_raw (ptr_type_node, "CALLUSED");
5249 var_callused = new_var_info (callused_tree, callused_id, "CALLUSED");
5250 insert_vi_for_tree (callused_tree, var_callused);
5251 var_callused->is_artificial_var = 1;
5252 var_callused->offset = 0;
5253 var_callused->size = ~0;
5254 var_callused->fullsize = ~0;
5255 var_callused->is_special_var = 0;
5256 VEC_safe_push (varinfo_t, heap, varmap, var_callused);
5258 /* CALLUSED = *CALLUSED, because call-used is may-deref'd at calls, etc. */
5260 lhs.var = callused_id;
5263 rhs.var = callused_id;
5265 process_constraint (new_constraint (lhs, rhs));
5267 /* CALLUSED = CALLUSED + UNKNOWN, because if a sub-field is call-used the
5268 whole variable is call-used. */
5270 lhs.var = callused_id;
5273 rhs.var = callused_id;
5274 rhs.offset = UNKNOWN_OFFSET;
5275 process_constraint (new_constraint (lhs, rhs));
5277 /* Create the STOREDANYTHING variable, used to represent the set of
5278 variables stored to *ANYTHING. */
5279 storedanything_tree = create_tmp_var_raw (ptr_type_node, "STOREDANYTHING");
5280 var_storedanything = new_var_info (storedanything_tree, storedanything_id,
5282 insert_vi_for_tree (storedanything_tree, var_storedanything);
5283 var_storedanything->is_artificial_var = 1;
5284 var_storedanything->offset = 0;
5285 var_storedanything->size = ~0;
5286 var_storedanything->fullsize = ~0;
5287 var_storedanything->is_special_var = 0;
5288 VEC_safe_push (varinfo_t, heap, varmap, var_storedanything);
5290 /* Create the INTEGER variable, used to represent that a variable points
5291 to what an INTEGER "points to". */
5292 integer_tree = create_tmp_var_raw (ptr_type_node, "INTEGER");
5293 var_integer = new_var_info (integer_tree, integer_id, "INTEGER");
5294 insert_vi_for_tree (integer_tree, var_integer);
5295 var_integer->is_artificial_var = 1;
5296 var_integer->size = ~0;
5297 var_integer->fullsize = ~0;
5298 var_integer->offset = 0;
5299 var_integer->next = NULL;
5300 var_integer->is_special_var = 1;
5301 VEC_safe_push (varinfo_t, heap, varmap, var_integer);
5303 /* INTEGER = ANYTHING, because we don't know where a dereference of
5304 a random integer will point to. */
5306 lhs.var = integer_id;
5308 rhs.type = ADDRESSOF;
5309 rhs.var = anything_id;
5311 process_constraint (new_constraint (lhs, rhs));
5314 /* Initialize things necessary to perform PTA */
5317 init_alias_vars (void)
5319 use_field_sensitive = (MAX_FIELDS_FOR_FIELD_SENSITIVE > 1);
5321 bitmap_obstack_initialize (&pta_obstack);
5322 bitmap_obstack_initialize (&oldpta_obstack);
5323 bitmap_obstack_initialize (&predbitmap_obstack);
5325 constraint_pool = create_alloc_pool ("Constraint pool",
5326 sizeof (struct constraint), 30);
5327 variable_info_pool = create_alloc_pool ("Variable info pool",
5328 sizeof (struct variable_info), 30);
5329 constraints = VEC_alloc (constraint_t, heap, 8);
5330 varmap = VEC_alloc (varinfo_t, heap, 8);
5331 vi_for_tree = pointer_map_create ();
5333 memset (&stats, 0, sizeof (stats));
5334 shared_bitmap_table = htab_create (511, shared_bitmap_hash,
5335 shared_bitmap_eq, free);
5339 /* Remove the REF and ADDRESS edges from GRAPH, as well as all the
5340 predecessor edges. */
5343 remove_preds_and_fake_succs (constraint_graph_t graph)
5347 /* Clear the implicit ref and address nodes from the successor
5349 for (i = 0; i < FIRST_REF_NODE; i++)
5351 if (graph->succs[i])
5352 bitmap_clear_range (graph->succs[i], FIRST_REF_NODE,
5353 FIRST_REF_NODE * 2);
5356 /* Free the successor list for the non-ref nodes. */
5357 for (i = FIRST_REF_NODE; i < graph->size; i++)
5359 if (graph->succs[i])
5360 BITMAP_FREE (graph->succs[i]);
5363 /* Now reallocate the size of the successor list as, and blow away
5364 the predecessor bitmaps. */
5365 graph->size = VEC_length (varinfo_t, varmap);
5366 graph->succs = XRESIZEVEC (bitmap, graph->succs, graph->size);
5368 free (graph->implicit_preds);
5369 graph->implicit_preds = NULL;
5370 free (graph->preds);
5371 graph->preds = NULL;
5372 bitmap_obstack_release (&predbitmap_obstack);
5375 /* Compute the set of variables we can't TBAA prune. */
5378 compute_tbaa_pruning (void)
5380 unsigned int size = VEC_length (varinfo_t, varmap);
5385 changed = sbitmap_alloc (size);
5386 sbitmap_zero (changed);
5388 /* Mark all initial no_tbaa_pruning nodes as changed. */
5390 for (i = 0; i < size; ++i)
5392 varinfo_t ivi = get_varinfo (i);
5394 if (find (i) == i && ivi->no_tbaa_pruning)
5397 if ((graph->succs[i] && !bitmap_empty_p (graph->succs[i]))
5398 || VEC_length (constraint_t, graph->complex[i]) > 0)
5400 SET_BIT (changed, i);
5406 while (changed_count > 0)
5408 struct topo_info *ti = init_topo_info ();
5411 compute_topo_order (graph, ti);
5413 while (VEC_length (unsigned, ti->topo_order) != 0)
5417 i = VEC_pop (unsigned, ti->topo_order);
5419 /* If this variable is not a representative, skip it. */
5423 /* If the node has changed, we need to process the complex
5424 constraints and outgoing edges again. */
5425 if (TEST_BIT (changed, i))
5429 VEC(constraint_t,heap) *complex = graph->complex[i];
5431 RESET_BIT (changed, i);
5434 /* Process the complex copy constraints. */
5435 for (j = 0; VEC_iterate (constraint_t, complex, j, c); ++j)
5437 if (c->lhs.type == SCALAR && c->rhs.type == SCALAR)
5439 varinfo_t lhsvi = get_varinfo (find (c->lhs.var));
5441 if (!lhsvi->no_tbaa_pruning)
5443 lhsvi->no_tbaa_pruning = true;
5444 if (!TEST_BIT (changed, lhsvi->id))
5446 SET_BIT (changed, lhsvi->id);
5453 /* Propagate to all successors. */
5454 EXECUTE_IF_IN_NONNULL_BITMAP (graph->succs[i], 0, j, bi)
5456 unsigned int to = find (j);
5457 varinfo_t tovi = get_varinfo (to);
5459 /* Don't propagate to ourselves. */
5463 if (!tovi->no_tbaa_pruning)
5465 tovi->no_tbaa_pruning = true;
5466 if (!TEST_BIT (changed, to))
5468 SET_BIT (changed, to);
5476 free_topo_info (ti);
5479 sbitmap_free (changed);
5483 for (i = 0; i < size; ++i)
5485 varinfo_t ivi = get_varinfo (i);
5486 varinfo_t ivip = get_varinfo (find (i));
5488 if (ivip->no_tbaa_pruning)
5490 tree var = ivi->decl;
5492 if (TREE_CODE (var) == SSA_NAME)
5493 var = SSA_NAME_VAR (var);
5495 if (POINTER_TYPE_P (TREE_TYPE (var)))
5497 DECL_NO_TBAA_P (var) = 1;
5499 /* Tell the RTL layer that this pointer can alias
5501 DECL_POINTER_ALIAS_SET (var) = 0;
5508 /* Initialize the heapvar for statement mapping. */
5511 init_alias_heapvars (void)
5513 if (!heapvar_for_stmt)
5514 heapvar_for_stmt = htab_create_ggc (11, tree_map_hash, tree_map_eq,
5518 /* Delete the heapvar for statement mapping. */
5521 delete_alias_heapvars (void)
5523 if (heapvar_for_stmt)
5524 htab_delete (heapvar_for_stmt);
5525 heapvar_for_stmt = NULL;
5528 /* Create points-to sets for the current function. See the comments
5529 at the start of the file for an algorithmic overview. */
5532 compute_points_to_sets (void)
5534 struct scc_info *si;
5537 sbitmap dereferenced_ptrs;
5539 timevar_push (TV_TREE_PTA);
5542 init_alias_heapvars ();
5544 intra_create_variable_infos ();
5546 /* A bitmap of SSA_NAME pointers that are dereferenced. This is
5547 used to track which points-to sets may be TBAA pruned. */
5548 dereferenced_ptrs = sbitmap_alloc (num_ssa_names);
5549 sbitmap_zero (dereferenced_ptrs);
5551 /* Now walk all statements and derive aliases. */
5554 gimple_stmt_iterator gsi;
5556 for (gsi = gsi_start_phis (bb); !gsi_end_p (gsi); gsi_next (&gsi))
5558 gimple phi = gsi_stmt (gsi);
5560 if (is_gimple_reg (gimple_phi_result (phi)))
5561 find_func_aliases (phi);
5564 for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); gsi_next (&gsi))
5566 gimple stmt = gsi_stmt (gsi);
5567 use_operand_p use_p;
5570 /* Mark dereferenced pointers. This is used by TBAA pruning
5571 of the points-to sets and the alias warning machinery. */
5572 FOR_EACH_SSA_USE_OPERAND (use_p, stmt, iter, SSA_OP_USE)
5574 unsigned num_uses, num_loads, num_stores;
5575 tree op = USE_FROM_PTR (use_p);
5577 if (!POINTER_TYPE_P (TREE_TYPE (op)))
5580 /* Determine whether OP is a dereferenced pointer. */
5581 count_uses_and_derefs (op, stmt,
5582 &num_uses, &num_loads, &num_stores);
5583 if (num_loads + num_stores > 0)
5584 SET_BIT (dereferenced_ptrs, SSA_NAME_VERSION (op));
5587 find_func_aliases (stmt);
5594 fprintf (dump_file, "Points-to analysis\n\nConstraints:\n\n");
5595 dump_constraints (dump_file);
5600 "\nCollapsing static cycles and doing variable "
5603 init_graph (VEC_length (varinfo_t, varmap) * 2);
5606 fprintf (dump_file, "Building predecessor graph\n");
5607 build_pred_graph ();
5610 fprintf (dump_file, "Detecting pointer and location "
5612 si = perform_var_substitution (graph);
5615 fprintf (dump_file, "Rewriting constraints and unifying "
5617 rewrite_constraints (graph, si);
5619 build_succ_graph ();
5620 free_var_substitution_info (si);
5622 if (dump_file && (dump_flags & TDF_GRAPH))
5623 dump_constraint_graph (dump_file);
5625 move_complex_constraints (graph);
5628 fprintf (dump_file, "Uniting pointer but not location equivalent "
5630 unite_pointer_equivalences (graph);
5633 fprintf (dump_file, "Finding indirect cycles\n");
5634 find_indirect_cycles (graph);
5636 /* Implicit nodes and predecessors are no longer necessary at this
5638 remove_preds_and_fake_succs (graph);
5641 fprintf (dump_file, "Solving graph\n");
5643 solve_graph (graph);
5645 compute_tbaa_pruning ();
5648 dump_sa_points_to_info (dump_file);
5650 /* Compute the points-to sets for ESCAPED and CALLUSED used for
5651 call-clobber analysis. */
5652 find_what_var_points_to (var_escaped, &cfun->gimple_df->escaped, false);
5653 find_what_var_points_to (var_callused, &cfun->gimple_df->callused, false);
5655 /* Make sure the ESCAPED solution (which is used as placeholder in
5656 other solutions) does not reference itself. This simplifies
5657 points-to solution queries. */
5658 cfun->gimple_df->escaped.escaped = 0;
5660 /* Compute the points-to sets for pointer SSA_NAMEs. */
5661 for (i = 0; i < num_ssa_names; ++i)
5663 tree ptr = ssa_name (i);
5665 && POINTER_TYPE_P (TREE_TYPE (ptr)))
5666 find_what_p_points_to (ptr, TEST_BIT (dereferenced_ptrs, i));
5668 sbitmap_free (dereferenced_ptrs);
5670 timevar_pop (TV_TREE_PTA);
5672 have_alias_info = true;
5676 /* Delete created points-to sets. */
5679 delete_points_to_sets (void)
5683 htab_delete (shared_bitmap_table);
5684 if (dump_file && (dump_flags & TDF_STATS))
5685 fprintf (dump_file, "Points to sets created:%d\n",
5686 stats.points_to_sets_created);
5688 pointer_map_destroy (vi_for_tree);
5689 bitmap_obstack_release (&pta_obstack);
5690 VEC_free (constraint_t, heap, constraints);
5692 for (i = 0; i < graph->size; i++)
5693 VEC_free (constraint_t, heap, graph->complex[i]);
5694 free (graph->complex);
5697 free (graph->succs);
5699 free (graph->pe_rep);
5700 free (graph->indirect_cycles);
5703 VEC_free (varinfo_t, heap, varmap);
5704 free_alloc_pool (variable_info_pool);
5705 free_alloc_pool (constraint_pool);
5706 have_alias_info = false;
5710 /* Compute points-to information for every SSA_NAME pointer in the
5711 current function and compute the transitive closure of escaped
5712 variables to re-initialize the call-clobber states of local variables. */
5715 compute_may_aliases (void)
5717 /* For each pointer P_i, determine the sets of variables that P_i may
5718 point-to. Compute the reachability set of escaped and call-used
5720 compute_points_to_sets ();
5722 /* Debugging dumps. */
5725 dump_alias_info (dump_file);
5727 if (dump_flags & TDF_DETAILS)
5728 dump_referenced_vars (dump_file);
5731 /* Deallocate memory used by aliasing data structures and the internal
5732 points-to solution. */
5733 delete_points_to_sets ();
5735 gcc_assert (!need_ssa_update_p (cfun));
5741 /* A dummy pass to cause points-to information to be computed via
5742 TODO_rebuild_alias. */
5744 struct gimple_opt_pass pass_build_alias =
5753 0, /* static_pass_number */
5754 TV_NONE, /* tv_id */
5755 PROP_cfg | PROP_ssa, /* properties_required */
5756 PROP_alias, /* properties_provided */
5757 0, /* properties_destroyed */
5758 0, /* todo_flags_start */
5759 TODO_rebuild_alias | TODO_dump_func /* todo_flags_finish */
5764 /* Return true if we should execute IPA PTA. */
5768 return (flag_ipa_pta
5769 /* Don't bother doing anything if the program has errors. */
5770 && !(errorcount || sorrycount));
5773 /* Execute the driver for IPA PTA. */
5775 ipa_pta_execute (void)
5777 struct cgraph_node *node;
5778 struct scc_info *si;
5781 init_alias_heapvars ();
5784 for (node = cgraph_nodes; node; node = node->next)
5788 varid = create_function_info_for (node->decl,
5789 cgraph_node_name (node));
5790 if (node->local.externally_visible)
5792 varinfo_t fi = get_varinfo (varid);
5793 for (; fi; fi = fi->next)
5794 make_constraint_from (fi, anything_id);
5797 for (node = cgraph_nodes; node; node = node->next)
5801 struct function *func = DECL_STRUCT_FUNCTION (node->decl);
5803 tree old_func_decl = current_function_decl;
5806 "Generating constraints for %s\n",
5807 cgraph_node_name (node));
5809 current_function_decl = node->decl;
5811 FOR_EACH_BB_FN (bb, func)
5813 gimple_stmt_iterator gsi;
5815 for (gsi = gsi_start_phis (bb); !gsi_end_p (gsi);
5818 gimple phi = gsi_stmt (gsi);
5820 if (is_gimple_reg (gimple_phi_result (phi)))
5821 find_func_aliases (phi);
5824 for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); gsi_next (&gsi))
5825 find_func_aliases (gsi_stmt (gsi));
5827 current_function_decl = old_func_decl;
5832 /* Make point to anything. */
5838 fprintf (dump_file, "Points-to analysis\n\nConstraints:\n\n");
5839 dump_constraints (dump_file);
5844 "\nCollapsing static cycles and doing variable "
5847 init_graph (VEC_length (varinfo_t, varmap) * 2);
5848 build_pred_graph ();
5849 si = perform_var_substitution (graph);
5850 rewrite_constraints (graph, si);
5852 build_succ_graph ();
5853 free_var_substitution_info (si);
5854 move_complex_constraints (graph);
5855 unite_pointer_equivalences (graph);
5856 find_indirect_cycles (graph);
5858 /* Implicit nodes and predecessors are no longer necessary at this
5860 remove_preds_and_fake_succs (graph);
5863 fprintf (dump_file, "\nSolving graph\n");
5865 solve_graph (graph);
5868 dump_sa_points_to_info (dump_file);
5871 delete_alias_heapvars ();
5872 delete_points_to_sets ();
5876 struct simple_ipa_opt_pass pass_ipa_pta =
5881 gate_ipa_pta, /* gate */
5882 ipa_pta_execute, /* execute */
5885 0, /* static_pass_number */
5886 TV_IPA_PTA, /* tv_id */
5887 0, /* properties_required */
5888 0, /* properties_provided */
5889 0, /* properties_destroyed */
5890 0, /* todo_flags_start */
5891 TODO_update_ssa /* todo_flags_finish */
5896 #include "gt-tree-ssa-structalias.h"
OSDN Git Service
