From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id E4A73398E458; Fri, 19 Feb 2021 23:38:57 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org E4A73398E458 From: "msebor at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug middle-end/87489] [8/9/10/11 Regression] Spurious -Wnonnull warning Date: Fri, 19 Feb 2021 23:38:56 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: middle-end X-Bugzilla-Version: 8.2.0 X-Bugzilla-Keywords: diagnostic, patch X-Bugzilla-Severity: normal X-Bugzilla-Who: msebor at gcc dot gnu.org X-Bugzilla-Status: ASSIGNED X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: law at gcc dot gnu.org X-Bugzilla-Target-Milestone: 12.0 X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: gcc-bugs@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-bugs mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Feb 2021 23:38:58 -0000 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D87489 --- Comment #16 from Martin Sebor --- The test case in https://gcc.gnu.org/pipermail/gcc-patches/2021-February/565564.html shows t= hat running the -Wnonnull pass later, after FRE, allows the warning to detect t= he bug in the following test case: class b { public: long c(); }; class B { public: B() : f() {} b *f; }; long d, e; class g : B { public: void h() { long a =3D f->c(); <<< -Wnonnull d =3D e =3D a; } }; class j { j(); g i; }; j::j() { i.h(); } My response (https://gcc.gnu.org/pipermail/gcc-patches/2021-February/565590.html) is co= pied below: > Thanks. Yes, the warning would be useful here since the f pointer > in the call to f->c() is null when i.h() is called from j's ctor. > The FRE3 pass clearly exposes this : >=20 > void j::j (struct j * const this) > { > long int _9; >=20 > [local count: 1073741824]: > MEM[(struct B *)this_3(D)] =3D{v} {CLOBBER}; > MEM[(struct B *)this_3(D)].f =3D 0B; > _9 =3D b::c (0B); > ... >=20 > Because the warning runs early (after CCP2), the null pointer is > not detected. To see it the warning code would have to work quite > hard to figure out that the two assignments below refer to the same > location (it would essentially have to do what FRE does): >=20 > MEM[(struct B *)this_3(D)].f =3D 0B; > _7 =3D MEM[(struct b * *)_1]; > _9 =3D b::c (_7); >=20 > It's probably too late to make this change for GCC 11 as Jeff has > already decided that it should be deferred until GCC 12, and even > then there's a concern that doing so might cause false positives. > I think it's worth revisiting the idea in GCC 12 to see if > the concern is founded. Let me make a note of it in the bug.=