Hi,
The attached patch tries to fix PR82665 by adding value-range for 'n'
to [0, PTRDIFF_MAX - 1] in the following case:
def = memchr(arg, 0, sz);
n = def - arg
where def and arg are char *. I suppose it's safe to assume that if
arg is char *, then
memchr(arg, 0, sz) would return a non NULL pointer ?
The patch could also be extended to handle more functions like
memrchr, but I was wondering
if it is in right direction ?
Bootstrapped+tested on x86_64-unknown-linux-gnu
and cross-tested on arm*-*-*, aarch64*-*-*.
Thanks,
Prathamesh
diff --git a/gcc/testsuite/gcc.dg/tree-ssa/pr82665.c
b/gcc/testsuite/gcc.dg/tree-ssa/pr82665.c
new file mode 100644
index 00000000000..17be6ec4e4b
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/tree-ssa/pr82665.c
@@ -0,0 +1,22 @@
+/* { dg-do compile } */
+/* { dg-options "-O2 -fdump-tree-optimized" } */
+
+void f1 (char *p, __SIZE_TYPE__ sz)
+{
+ char *q = __builtin_memchr (p, 0, sz);
+ long n = q - p;
+
+ if (n >= __PTRDIFF_MAX__)
+ __builtin_abort ();
+}
+
+void f2 (unsigned char *p, __SIZE_TYPE__ sz)
+{
+ unsigned char *q = __builtin_memchr (p, 0, sz);
+ long n = q - p;
+
+ if (n >= __PTRDIFF_MAX__)
+ __builtin_abort ();
+}
+
+/* { dg-final { scan-tree-dump-times "memchr" 1 "optimized" } } */
diff --git a/gcc/vr-values.c b/gcc/vr-values.c
index 3e760a378fc..ca9dca84ebc 100644
--- a/gcc/vr-values.c
+++ b/gcc/vr-values.c
@@ -773,6 +773,54 @@ vr_values::extract_range_from_binary_expr (value_range *vr,
extract_range_from_binary_expr_1 (vr, code, expr_type, &vr0, &vr1);
+ /* Set value_range for n in following sequence:
+ def = __builtin_memchr (arg, 0, sz)
+ op0 = convert_expr def
+ op1 = convert_expr arg
+ n = op0 - op1
+ Here the range for n can be set to [0, PTRDIFF_MAX - 1]. */
+
+ if (vr->type == VR_VARYING
+ && (code == MINUS_EXPR)
+ && (TREE_CODE (op0) == SSA_NAME)
+ && (TREE_CODE (op1) == SSA_NAME)
+ && INTEGRAL_TYPE_P (TREE_TYPE (op0))
+ && INTEGRAL_TYPE_P (TREE_TYPE (op1)))
+ {
+ tree def = NULL_TREE;
+ tree arg = NULL_TREE;
+
+ gassign *s = dyn_cast<gassign *> (SSA_NAME_DEF_STMT (op0));
+ if (s && CONVERT_EXPR_CODE_P (gimple_assign_rhs_code (s)))
+ def = gimple_assign_rhs1 (s);
+
+ s = dyn_cast<gassign *> (SSA_NAME_DEF_STMT (op1));
+ if (s && CONVERT_EXPR_CODE_P (gimple_assign_rhs_code (s)))
+ arg = gimple_assign_rhs1 (s);
+
+ gcall *call_stmt = NULL;
+ if (def && arg
+ && (TREE_CODE (def) == SSA_NAME)
+ && ((TREE_CODE (TREE_TYPE (def)) == POINTER_TYPE)
+ && (TREE_TYPE (TREE_TYPE (def)) == char_type_node))
+ && (TREE_CODE (arg) == SSA_NAME)
+ && ((TREE_CODE (TREE_TYPE (arg)) == POINTER_TYPE)
+ && (TREE_TYPE (TREE_TYPE (arg)) == char_type_node))
+ && (call_stmt = dyn_cast<gcall *>(SSA_NAME_DEF_STMT (def)))
+ && (gimple_call_combined_fn (call_stmt) == CFN_BUILT_IN_MEMCHR)
+ && operand_equal_p (def, gimple_call_lhs (call_stmt), 0)
+ && operand_equal_p (arg, gimple_call_arg (call_stmt, 0), 0)
+ && integer_zerop (gimple_call_arg (call_stmt, 1)))
+ {
+ tree max = vrp_val_max (ptrdiff_type_node);
+ wide_int wmax = wi::to_wide (max, TYPE_PRECISION (TREE_TYPE
(max)));
+ tree range_min = build_zero_cst (expr_type);
+ tree range_max = wide_int_to_tree (expr_type, wmax - 1);
+ set_value_range (vr, VR_RANGE, range_min, range_max, NULL);
+ return;
+ }
+ }
+
/* Try harder for PLUS and MINUS if the range of one operand is symbolic
and based on the other operand, for example if it was deduced from a
symbolic comparison. When a bound of the range of the first operand
