diff --git a/SMPBasicBlock.cpp b/SMPBasicBlock.cpp
index e931d906aa9fe6a331790e79fb70f77b8880a911..2bf1cf7c061cc997797c838285f403023d0d86a8 100644
--- a/SMPBasicBlock.cpp
+++ b/SMPBasicBlock.cpp
@@ -2183,6 +2183,12 @@ bool SMPBasicBlock::PropagateGlobalDefType(op_t DefOp, SMPOperandType DefType, i
 	else
 		this->SetProcessed(true);
 
+	bool UseFP = this->GetFunc()->UsesFramePointer();
+	if ((STACKPTR == DefType) && (o_reg == DefOp.type) && (MDIsStackPtrReg(DefOp.reg, UseFP))) {
+		// We should not need to propagate STACKPTR type for the stack and frame pointer registers. Save time.
+		return false;
+	}
+
 	if (DebugFlag) {
 		SMP_msg("PropagateGlobalDefType: DefType %d SSANum %d ", DefType, SSANum);
 		PrintOperand(DefOp);
@@ -2190,7 +2196,6 @@ bool SMPBasicBlock::PropagateGlobalDefType(op_t DefOp, SMPOperandType DefType, i
 	}
 
 #if STARS_PROPAGATE_STACKMEMTYPE_UNTIL_INDIRECT
-	bool UseFP = this->GetFunc()->UsesFramePointer();
 	bool StackMemOp = IsMemOp && MDIsDirectStackAccessOpnd(DefOp, UseFP);
 	if (IsMemOp && (!StackMemOp))
 		return false;
diff --git a/SMPDataFlowAnalysis.cpp b/SMPDataFlowAnalysis.cpp
index db842c2ec49197b83b35b5628b4bc83b6af91ee3..ecabdf1203605c116949f9fd9ec1be04c612cfc5 100644
--- a/SMPDataFlowAnalysis.cpp
+++ b/SMPDataFlowAnalysis.cpp
@@ -3780,6 +3780,10 @@ void InitLibFuncFGInfoMaps(void) {
 	InsertResult = ReturnRegisterTypeMap.insert(MapEntry);
 	assert(InsertResult.second);
 
+	MapEntry.first = "strcoll";
+	InsertResult = ReturnRegisterTypeMap.insert(MapEntry);
+	assert(InsertResult.second);
+
 	MapEntry.first = "strncmp";
 	InsertResult = ReturnRegisterTypeMap.insert(MapEntry);
 	assert(InsertResult.second);
@@ -3924,10 +3928,6 @@ void InitLibFuncFGInfoMaps(void) {
 	InsertResult = ReturnRegisterTypeMap.insert(MapEntry);
 	assert(InsertResult.second);
 
-	MapEntry.first = "strcoll";
-	InsertResult = ReturnRegisterTypeMap.insert(MapEntry);
-	assert(InsertResult.second);
-
 	MapEntry.first = "strchr";
 	InsertResult = ReturnRegisterTypeMap.insert(MapEntry);
 	assert(InsertResult.second);
@@ -3953,10 +3953,9 @@ void InitLibFuncFGInfoMaps(void) {
 	assert(InsertResult.second);
 
 	// Functions that return (void *).
-	if (sizeof(void *) != sizeof(char *)) {
-		FGEntry.SizeInfo = (FG_MASK_DATAPOINTER | ComputeOperandBitWidthMask(DummyOp, sizeof(void *)));
-		MapEntry.second = FGEntry;
-	}
+	FGEntry.SizeInfo = (FG_MASK_DATAPOINTER | ComputeOperandBitWidthMask(DummyOp, sizeof(void *)));
+	FGEntry.SignMiscInfo = FG_MASK_UNSIGNED;
+	MapEntry.second = FGEntry;
 
 	MapEntry.first = "malloc";
 	InsertResult = ReturnRegisterTypeMap.insert(MapEntry);
diff --git a/SMPInstr.cpp b/SMPInstr.cpp
index c40805207df797edabcee74c6146644bcd925fcb..afb370cc6673d51f16f97b84b4d210455cfaeeac 100644
--- a/SMPInstr.cpp
+++ b/SMPInstr.cpp
@@ -6673,10 +6673,10 @@ void SMPInstr::MDSetWidthSignInfo(bool UseFP) {
 			DefHashValue = HashGlobalNameAndSSA(DefOp, DefSSANum);
 			SMPOperandType DefType = DefIter->GetType();
 			SMPOperandType NewDefType = UNINIT;
-			if (FGEntry.SignMiscInfo & FG_MASK_INTEGER) {
+			if (FGEntry.SizeInfo & FG_MASK_INTEGER) {
 				NewDefType = NUMERIC;
 			}
-			else if (FGEntry.SignMiscInfo & FG_MASK_DATAPOINTER) {
+			else if (FGEntry.SizeInfo & FG_MASK_DATAPOINTER) {
 				NewDefType = POINTER;
 			}
 			NewDefType = SMPTypeMeet(DefType, NewDefType);
@@ -10580,6 +10580,7 @@ void SMPInstr::EmitIntegerErrorAnnotations(FILE *InfoAnnotFile, list<size_t> &Lo
 			SSANum = DefIter->GetSSANum();
 			SMPOperandType DefType = DefIter->GetType();
 			SMPOperandType MemType;
+			SMPOperandType DefUseType = UNINIT; // type of USE that is also the DEF of the instruction
 			SMPMetadataType DefMetaStatus = DefIter->GetMetadataStatus();
 			bool DefUnusedMetadata = (DEF_METADATA_UNUSED == DefMetaStatus);
 			bool IgnoreOverflow = this->IsBenignOverflow(IdiomCode);
@@ -10635,7 +10636,7 @@ void SMPInstr::EmitIntegerErrorAnnotations(FILE *InfoAnnotFile, list<size_t> &Lo
 					DefSignMask = this->SignMaskUnionFromUseRegs();
 				}
 				if ((0 == IdiomCode) && (DefSignMask == FG_MASK_UNSIGNED)) {
-					// UNSIGNED is often reliable because compilers zero-extend values
+					// UNSIGNED is often unreliable because compilers zero-extend values
 					//  just so they can avoid having undefined register bits. Later, only
 					//  the lower bits get stored. We already detect this pattern as a benign
 					//  truncation, but we need to back off on the certainty of our UNSIGNED
@@ -10644,6 +10645,7 @@ void SMPInstr::EmitIntegerErrorAnnotations(FILE *InfoAnnotFile, list<size_t> &Lo
 					if (UseIter != this->GetLastUse()) {
 						UseOp = UseIter->GetOp();
 						UseSSANum = UseIter->GetSSANum();
+						DefUseType = UseIter->GetType();
 						if ((o_reg == UseOp.type) || MDIsDirectStackAccessOpnd(UseOp, UseFP)) {
 							if (this->IsOpSourceZeroExtendedMove(UseOp, UseSSANum, false)) {
 								if (this->GetBlock()->IsOpDestTruncatedWrite(DefOp, SSANum, this->GetAddr())) {
@@ -10720,7 +10722,7 @@ void SMPInstr::EmitIntegerErrorAnnotations(FILE *InfoAnnotFile, list<size_t> &Lo
 						IgnoreOverflow = true;
 						IdiomCode = 15;
 					}
-					else if (IsDataPtr(DefType)) {
+					else if (IsDataPtr(DefType) || IsDataPtr(DefUseType)) {
 						// IDIOM 18 says to let C7 (buffer overflow/underflow) defenses handle the issues if it is a pointer.
 						IgnoreOverflow = true;
 						IdiomCode = 18;