From 27ef3a0779e551ca116c56c431436c8d2191b253 Mon Sep 17 00:00:00 2001
From: Jan Hubicka <hubicka@ucw.cz>
Date: Mon, 22 Jul 2024 18:08:08 +0200
Subject: [PATCH] Fix modref_eaf_analysis::analyze_ssa_name handling of values
 dereferenced to function call parameters

modref_eaf_analysis::analyze_ssa_name misinterprets EAF flags.  If dereferenced
parameter is passed (to map_iterator in the testcase) it can be returned
indirectly which in turn makes it to escape into the next function call.

	PR ipa/115033

gcc/ChangeLog:

	* ipa-modref.cc (modref_eaf_analysis::analyze_ssa_name): Fix checking of
	EAF flags when analysing values dereferenced as function parameters.

gcc/testsuite/ChangeLog:

	* gcc.c-torture/execute/pr115033.c: New test.

(cherry picked from commit cf8ffc58aad3127031c229a75cc4b99c8ace25e0)
---
 gcc/ipa-modref.cc                             |  6 ++--
 .../gcc.c-torture/execute/pr115033.c          | 35 +++++++++++++++++++
 2 files changed, 39 insertions(+), 2 deletions(-)
 create mode 100644 gcc/testsuite/gcc.c-torture/execute/pr115033.c

diff --git a/gcc/ipa-modref.cc b/gcc/ipa-modref.cc
index a5adce8ea39..f994388a96a 100644
--- a/gcc/ipa-modref.cc
+++ b/gcc/ipa-modref.cc
@@ -2571,8 +2571,10 @@ modref_eaf_analysis::analyze_ssa_name (tree name, bool deferred)
 		    int call_flags = deref_flags
 			    (gimple_call_arg_flags (call, i), ignore_stores);
 		    if (!ignore_retval && !(call_flags & EAF_UNUSED)
-			&& !(call_flags & EAF_NOT_RETURNED_DIRECTLY)
-			&& !(call_flags & EAF_NOT_RETURNED_INDIRECTLY))
+			&& (call_flags & (EAF_NOT_RETURNED_DIRECTLY
+				       	  | EAF_NOT_RETURNED_INDIRECTLY))
+			    != (EAF_NOT_RETURNED_DIRECTLY
+				| EAF_NOT_RETURNED_INDIRECTLY))
 		      merge_call_lhs_flags (call, i, name, false, true);
 		    if (ecf_flags & (ECF_CONST | ECF_NOVOPS))
 		      m_lattice[index].merge_direct_load ();
diff --git a/gcc/testsuite/gcc.c-torture/execute/pr115033.c b/gcc/testsuite/gcc.c-torture/execute/pr115033.c
new file mode 100644
index 00000000000..3e79367d401
--- /dev/null
+++ b/gcc/testsuite/gcc.c-torture/execute/pr115033.c
@@ -0,0 +1,35 @@
+
+typedef struct func
+{
+  int *a;
+}func;
+__attribute__((noinline))
+void ff(struct func *t)
+{
+  *(t->a) = 0;
+}
+
+
+typedef struct mapped_iterator {
+  func F;
+}mapped_iterator;
+
+__attribute__((noinline))
+mapped_iterator map_iterator(func F) {
+  mapped_iterator t = {F};
+  return t;
+}
+
+void map_to_vector(func *F) {
+  mapped_iterator t = map_iterator(*F);
+  ff(&t.F);
+}
+int main() {
+  int resultIsStatic = 1;
+  func t ={&resultIsStatic};
+  map_to_vector(&t);
+
+  if (resultIsStatic)
+    __builtin_trap();
+  __builtin_exit(0);
+}