public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug tree-optimization/80532] warning on pointer access after free
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
@ 2020-11-03 4:11 ` egallager at gcc dot gnu.org
2020-12-01 17:35 ` msebor at gcc dot gnu.org
` (7 subsequent siblings)
8 siblings, 0 replies; 9+ messages in thread
From: egallager at gcc dot gnu.org @ 2020-11-03 4:11 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80532
Eric Gallager <egallager at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |egallager at gcc dot gnu.org
--- Comment #4 from Eric Gallager <egallager at gcc dot gnu.org> ---
(In reply to David Malcolm from comment #3)
> My analyzer finds these:
>
> ./xgcc -B. -fanalyzer -c ../../src/gcc/testsuite/gcc.dg/analyzer/pr80532.c
> -ftime-report
> ../../src/gcc/testsuite/gcc.dg/analyzer/pr80532.c: In function ‘free_list’:
> ../../src/gcc/testsuite/gcc.dg/analyzer/pr80532.c:14:28: warning: use after
> ‘free’ of ‘p’ [CWE-416] [-Wanalyzer-use-after-free]
> 14 | for (p = head; p != 0; p = p->next) /* { dg-warning "use after
> 'free' of 'p'" } */
> | ~~^~~~~~~~~
> ‘free_list’: events 1-4
> |
> | 14 | for (p = head; p != 0; p = p->next) /* { dg-warning "use
> after 'free' of 'p'" } */
> | | ^~~ ~~~~~~~~~~~
> | | | |
> | | | (4) use after ‘free’ of ‘p’; freed
> at (3)
> | | (1) following ‘true’ branch (when ‘p’ is non-NULL)...
> | 15 | free (p); /* { dg-message "freed here" } */
> | | ~~~~~~~~
> | | |
> | | (2) ...to here
> | | (3) freed here
> |
> ../../src/gcc/testsuite/gcc.dg/analyzer/pr80532.c:14:28: note: 8 duplicates
> 14 | for (p = head; p != 0; p = p->next) /* { dg-warning "use after
> 'free' of 'p'" } */
> | ~~^~~~~~~~~
> ../../src/gcc/testsuite/gcc.dg/analyzer/pr80532.c: In function ‘foobar’:
> ../../src/gcc/testsuite/gcc.dg/analyzer/pr80532.c:24:3: warning:
> double-‘free’ of ‘p’ [CWE-415] [-Wanalyzer-double-free]
> 24 | free (p); /* { dg-warning "double-'free' of 'p'" } */
> | ^~~~~~~~
> ‘foobar’: events 1-2
> |
> | 22 | memset (p, 0, n);
> | | ^~~~~~~~~~~~~~~~
> | | |
> | | (1) first ‘free’ here
> | 23 | free (p); /* { dg-message "first 'free' here" } */
> | 24 | free (p); /* { dg-warning "double-'free' of 'p'" } */
> | | ~~~~~~~~
> | | |
> | | (2) second ‘free’ here; first ‘free’ was at (1)
> |
So... since the analyzer has been merged now... ok to close as FIXED?
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug tree-optimization/80532] warning on pointer access after free
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
2020-11-03 4:11 ` [Bug tree-optimization/80532] warning on pointer access after free egallager at gcc dot gnu.org
@ 2020-12-01 17:35 ` msebor at gcc dot gnu.org
2021-05-04 12:31 ` rguenth at gcc dot gnu.org
` (6 subsequent siblings)
8 siblings, 0 replies; 9+ messages in thread
From: msebor at gcc dot gnu.org @ 2020-12-01 17:35 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80532
--- Comment #5 from Martin Sebor <msebor at gcc dot gnu.org> ---
My hope is to implement the warning in the middle end (I actually have a
prototype but it's not ready for GCC 11).
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug tree-optimization/80532] warning on pointer access after free
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
2020-11-03 4:11 ` [Bug tree-optimization/80532] warning on pointer access after free egallager at gcc dot gnu.org
2020-12-01 17:35 ` msebor at gcc dot gnu.org
@ 2021-05-04 12:31 ` rguenth at gcc dot gnu.org
2021-05-04 16:44 ` egallager at gcc dot gnu.org
` (5 subsequent siblings)
8 siblings, 0 replies; 9+ messages in thread
From: rguenth at gcc dot gnu.org @ 2021-05-04 12:31 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80532
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug tree-optimization/80532] warning on pointer access after free
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
` (2 preceding siblings ...)
2021-05-04 12:31 ` rguenth at gcc dot gnu.org
@ 2021-05-04 16:44 ` egallager at gcc dot gnu.org
2021-05-04 19:40 ` msebor at gcc dot gnu.org
` (4 subsequent siblings)
8 siblings, 0 replies; 9+ messages in thread
From: egallager at gcc dot gnu.org @ 2021-05-04 16:44 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80532
--- Comment #6 from Eric Gallager <egallager at gcc dot gnu.org> ---
(In reply to Martin Sebor from comment #5)
> My hope is to implement the warning in the middle end (I actually have a
> prototype but it's not ready for GCC 11).
So... do you want to take over the "assignee" role from David, then?
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug tree-optimization/80532] warning on pointer access after free
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
` (3 preceding siblings ...)
2021-05-04 16:44 ` egallager at gcc dot gnu.org
@ 2021-05-04 19:40 ` msebor at gcc dot gnu.org
2021-12-15 17:41 ` msebor at gcc dot gnu.org
` (3 subsequent siblings)
8 siblings, 0 replies; 9+ messages in thread
From: msebor at gcc dot gnu.org @ 2021-05-04 19:40 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80532
Martin Sebor <msebor at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|dmalcolm at gcc dot gnu.org |msebor at gcc dot gnu.org
--- Comment #7 from Martin Sebor <msebor at gcc dot gnu.org> ---
Since David's already implemented this in the analyzer and I have work in
progress to add this to the middle end core let me assign this to myself.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug tree-optimization/80532] warning on pointer access after free
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
` (4 preceding siblings ...)
2021-05-04 19:40 ` msebor at gcc dot gnu.org
@ 2021-12-15 17:41 ` msebor at gcc dot gnu.org
2022-01-15 23:46 ` cvs-commit at gcc dot gnu.org
` (2 subsequent siblings)
8 siblings, 0 replies; 9+ messages in thread
From: msebor at gcc dot gnu.org @ 2021-12-15 17:41 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80532
Martin Sebor <msebor at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |patch
--- Comment #8 from Martin Sebor <msebor at gcc dot gnu.org> ---
Patch submitted for GCC 12:
https://gcc.gnu.org/pipermail/gcc-patches/2021-November/583044.html
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug tree-optimization/80532] warning on pointer access after free
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
` (5 preceding siblings ...)
2021-12-15 17:41 ` msebor at gcc dot gnu.org
@ 2022-01-15 23:46 ` cvs-commit at gcc dot gnu.org
2022-01-16 0:04 ` msebor at gcc dot gnu.org
2023-10-21 10:46 ` egallager at gcc dot gnu.org
8 siblings, 0 replies; 9+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2022-01-15 23:46 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80532
--- Comment #9 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Martin Sebor <msebor@gcc.gnu.org>:
https://gcc.gnu.org/g:671a283636de75f7ed638ee6b01ed2d44361b8b6
commit r12-6605-g671a283636de75f7ed638ee6b01ed2d44361b8b6
Author: Martin Sebor <msebor@redhat.com>
Date: Sat Jan 15 16:37:54 2022 -0700
Add -Wuse-after-free [PR80532].
gcc/c-family/ChangeLog
PR tree-optimization/80532
* c.opt (-Wuse-after-free): New options.
gcc/ChangeLog:
PR tree-optimization/80532
* common.opt (-Wuse-after-free): New options.
* diagnostic-spec.c (nowarn_spec_t::nowarn_spec_t): Handle
OPT_Wreturn_local_addr and OPT_Wuse_after_free_.
* diagnostic-spec.h (NW_DANGLING): New enumerator.
* doc/invoke.texi (-Wuse-after-free): Document new option.
* gimple-ssa-warn-access.cc (pass_waccess::check_call): Rename...
(pass_waccess::check_call_access): ...to this.
(pass_waccess::check): Rename...
(pass_waccess::check_block): ...to this.
(pass_waccess::check_pointer_uses): New function.
(pass_waccess::gimple_call_return_arg): New function.
(pass_waccess::warn_invalid_pointer): New function.
(pass_waccess::check_builtin): Handle free and realloc.
(gimple_use_after_inval_p): New function.
(get_realloc_lhs): New function.
(maybe_warn_mismatched_realloc): New function.
(pointers_related_p): New function.
(pass_waccess::check_call): Call check_pointer_uses.
(pass_waccess::execute): Compute and free dominance info.
libcpp/ChangeLog:
* files.c (_cpp_find_file): Substitute a valid pointer for
an invalid one to avoid -Wuse-after-free.
libiberty/ChangeLog:
* regex.c: Suppress -Wuse-after-free.
gcc/testsuite/ChangeLog:
PR tree-optimization/80532
* gcc.dg/Wmismatched-dealloc-2.c: Avoid -Wuse-after-free.
* gcc.dg/Wmismatched-dealloc-3.c: Same.
* gcc.dg/analyzer/file-1.c: Prune expected warning.
* gcc.dg/analyzer/file-2.c: Same.
* gcc.dg/attr-alloc_size-6.c: Disable -Wuse-after-free.
* gcc.dg/attr-alloc_size-7.c: Same.
* c-c++-common/Wuse-after-free-2.c: New test.
* c-c++-common/Wuse-after-free-3.c: New test.
* c-c++-common/Wuse-after-free-4.c: New test.
* c-c++-common/Wuse-after-free-5.c: New test.
* c-c++-common/Wuse-after-free-6.c: New test.
* c-c++-common/Wuse-after-free-7.c: New test.
* c-c++-common/Wuse-after-free.c: New test.
* g++.dg/warn/Wmismatched-dealloc-3.C: New test.
* g++.dg/warn/Wuse-after-free.C: New test.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug tree-optimization/80532] warning on pointer access after free
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
` (6 preceding siblings ...)
2022-01-15 23:46 ` cvs-commit at gcc dot gnu.org
@ 2022-01-16 0:04 ` msebor at gcc dot gnu.org
2023-10-21 10:46 ` egallager at gcc dot gnu.org
8 siblings, 0 replies; 9+ messages in thread
From: msebor at gcc dot gnu.org @ 2022-01-16 0:04 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80532
Martin Sebor <msebor at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Target Milestone|--- |12.0
Resolution|--- |FIXED
--- Comment #10 from Martin Sebor <msebor at gcc dot gnu.org> ---
Implemented in GCC 12 as -Wuse-after-free.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug tree-optimization/80532] warning on pointer access after free
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
` (7 preceding siblings ...)
2022-01-16 0:04 ` msebor at gcc dot gnu.org
@ 2023-10-21 10:46 ` egallager at gcc dot gnu.org
8 siblings, 0 replies; 9+ messages in thread
From: egallager at gcc dot gnu.org @ 2023-10-21 10:46 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=80532
--- Comment #11 from Eric Gallager <egallager at gcc dot gnu.org> ---
(In reply to CVS Commits from comment #9)
> The master branch has been updated by Martin Sebor <msebor@gcc.gnu.org>:
>
> https://gcc.gnu.org/g:671a283636de75f7ed638ee6b01ed2d44361b8b6
>
> commit r12-6605-g671a283636de75f7ed638ee6b01ed2d44361b8b6
> Author: Martin Sebor <msebor@redhat.com>
> Date: Sat Jan 15 16:37:54 2022 -0700
>
[...snip...]
> libiberty/ChangeLog:
>
> * regex.c: Suppress -Wuse-after-free.
Was this part necessary? I'm wondering if it might be covering up an actual
error that I'm seeing on CheriBSD on cfarm240...
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2023-10-21 10:46 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <bug-80532-4@http.gcc.gnu.org/bugzilla/>
2020-11-03 4:11 ` [Bug tree-optimization/80532] warning on pointer access after free egallager at gcc dot gnu.org
2020-12-01 17:35 ` msebor at gcc dot gnu.org
2021-05-04 12:31 ` rguenth at gcc dot gnu.org
2021-05-04 16:44 ` egallager at gcc dot gnu.org
2021-05-04 19:40 ` msebor at gcc dot gnu.org
2021-12-15 17:41 ` msebor at gcc dot gnu.org
2022-01-15 23:46 ` cvs-commit at gcc dot gnu.org
2022-01-16 0:04 ` msebor at gcc dot gnu.org
2023-10-21 10:46 ` egallager at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).