[Bug analyzer/99860] New: RFE: analyzer does not respect "restrict"

[Bug analyzer/99860] New: RFE: analyzer does not respect "restrict"

[dmalcolm at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99860

            Bug ID: 99860
           Summary: RFE: analyzer does not respect "restrict"
           Product: gcc
           Version: 11.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: dmalcolm at gcc dot gnu.org
  Target Milestone: ---

The analyzer currently is very conservative about aliasing, and assumes that
anything that could be aliased by a pointer gets clobbered when a write occurs
through that pointer.

Am filing this bug to remind me to better support pointers marked with
"restrict".

Probably should also warn about places where the analyzer detects that restrict
isn't being honored.

[Bug analyzer/99860] RFE: analyzer does not respect "restrict"

[dmalcolm at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99860

--- Comment #1 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
Notes on "restrict":
  https://en.cppreference.com/w/c/language/restrict

[Bug analyzer/99860] RFE: analyzer does not respect "restrict"

[dmalcolm at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99860

--- Comment #2 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
Quoting Paul Eggert here:
  https://lists.gnu.org/archive/html/bug-gnulib/2022-07/msg00066.html

> I looked into this a bit more, and it turns out that GCC was wrong
> about 
> what happens when some parameters have 'restrict' and others do not,
> and 
> this was partly because the C Standard itself is so opaque. (The GCC
> bug 
> has been fixed.)
> 
> In 2018 Troy Johnson and Bill Homer of Cray proposed[1] adding
> examples 
> to the C standard to try to make it clearer what happens when some 
> function parameters are 'restrict' and others are not. These examples
> have been added (with some changes) to section 6.7.3.1 of the current
> (June 2022) draft of the next C standard.[2] Perhaps they will help 
> explain things better.
> 
> The confusion in this obscure area for so many years suggests that 
> Gnulib would be better off following the lead of POSIX and the C 
> standard, by using 'restrict' on all relevant parameters rather than 
> trying to be clever and use 'restrict' with only some parameters. 
> Although omitting some 'restrict's shortens the code, it complicates 
> analysis (for both humans and compilers) so much that it's more
> trouble 
> than its worth.
> 
> [1] https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2260.pdf
> [2] https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2912.pdf
>

[Bug analyzer/99860] RFE: analyzer does not respect "restrict"

[cvs-commit at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99860

--- Comment #3 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by David Malcolm <dmalcolm@gcc.gnu.org>:

https://gcc.gnu.org/g:034d99e81484fbb83f15da91ee1a744b9301b04f

commit r14-3556-g034d99e81484fbb83f15da91ee1a744b9301b04f
Author: David Malcolm <dmalcolm@redhat.com>
Date:   Tue Aug 29 18:12:09 2023 -0400

    analyzer: new warning: -Wanalyzer-overlapping-buffers [PR99860]

    gcc/ChangeLog:
            PR analyzer/99860
            * Makefile.in (ANALYZER_OBJS): Add analyzer/ranges.o.

    gcc/analyzer/ChangeLog:
            PR analyzer/99860
            * analyzer-selftests.cc (selftest::run_analyzer_selftests): Call
            selftest::analyzer_ranges_cc_tests.
            * analyzer-selftests.h (selftest::run_analyzer_selftests): New
            decl.
            * analyzer.opt (Wanalyzer-overlapping-buffers): New option.
            * call-details.cc: Include "analyzer/ranges.h" and "make-unique.h".
            (class overlapping_buffers): New.
            (call_details::complain_about_overlap): New.
            * call-details.h (call_details::complain_about_overlap): New decl.
            * kf.cc (kf_memcpy_memmove::impl_call_pre): Call
            cd.complain_about_overlap for memcpy and memcpy_chk.
            (kf_strcat::impl_call_pre): Call cd.complain_about_overlap.
            (kf_strcpy::impl_call_pre): Likewise.
            * ranges.cc: New file.
            * ranges.h: New file.

    gcc/ChangeLog:
            PR analyzer/99860
            * doc/invoke.texi: Add -Wanalyzer-overlapping-buffers.

    gcc/testsuite/ChangeLog:
            PR analyzer/99860
            * c-c++-common/analyzer/overlapping-buffers.c: New test.

    Signed-off-by: David Malcolm <dmalcolm@redhat.com>