From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1666) id B3C9439A791B; Mon, 12 Dec 2022 11:20:31 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org B3C9439A791B DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1670844031; bh=/262iufYsYAKc7lb2ug3dp/5QZU2z74yXpxdqlr4rOM=; h=From:To:Subject:Date:From; b=LU14Tlyd04mzLcYmI1BmLCazA9yvfuWuMVP5M/MJ7+E9IjIGnuOOmWS1En1VEkE6j 3DkB1qJJAQsgjxves9DNSRLd8gXfljCeaDDl00lUSKJjdeVD8f/HZGj4MoF22qkOYX MwBpTPERdp8xC8xmKEFMh9WgzjbhQb/3wNPGSjBA= MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" From: Richard Biener To: gcc-cvs@gcc.gnu.org Subject: [gcc r12-8972] tree-optimization/106868 - bogus -Wdangling-pointer diagnostic X-Act-Checkin: gcc X-Git-Author: Richard Biener X-Git-Refname: refs/heads/releases/gcc-12 X-Git-Oldrev: 86def97756915ecd417110b9d88fbca41484222f X-Git-Newrev: ad6ace70ba38d2052eeb5adb9672d33f59867be0 Message-Id: <20221212112031.B3C9439A791B@sourceware.org> Date: Mon, 12 Dec 2022 11:20:31 +0000 (GMT) List-Id: https://gcc.gnu.org/g:ad6ace70ba38d2052eeb5adb9672d33f59867be0 commit r12-8972-gad6ace70ba38d2052eeb5adb9672d33f59867be0 Author: Richard Biener Date: Mon Dec 5 10:13:13 2022 +0100 tree-optimization/106868 - bogus -Wdangling-pointer diagnostic The testcase shows we mishandle the case where there's a pass-through of a pointer through a function like memcpy. The following adjusts handling of this copy case to require a taken address and adjust the PHI case similarly. PR tree-optimization/106868 * gimple-ssa-warn-access.cc (pass_waccess::gimple_call_return_arg_ref): Inline into single user ... (pass_waccess::check_dangling_uses): ... here and adjust the call and the PHI case to require that ref.aref is the address of the decl. * gcc.dg/Wdangling-pointer-pr106868.c: New testcase. (cherry picked from commit d492d50f644811327c5976e2c918ab6d906ed40c) Diff: --- gcc/gimple-ssa-warn-access.cc | 52 +++++++---------------- gcc/testsuite/gcc.dg/Wdangling-pointer-pr106868.c | 14 ++++++ 2 files changed, 30 insertions(+), 36 deletions(-) diff --git a/gcc/gimple-ssa-warn-access.cc b/gcc/gimple-ssa-warn-access.cc index 39aa8186de6..efe55dab917 100644 --- a/gcc/gimple-ssa-warn-access.cc +++ b/gcc/gimple-ssa-warn-access.cc @@ -2121,7 +2121,6 @@ private: /* Return the argument that a call returns. */ tree gimple_call_return_arg (gcall *); - tree gimple_call_return_arg_ref (gcall *); /* Check a call for uses of a dangling pointer arguments. */ void check_call_dangling (gcall *); @@ -4442,24 +4441,6 @@ pass_waccess::gimple_call_return_arg (gcall *call) return gimple_call_arg (call, argno); } -/* Return the decl referenced by the argument that the call STMT to - a built-in function returns (including with an offset) or null if - it doesn't. */ - -tree -pass_waccess::gimple_call_return_arg_ref (gcall *call) -{ - if (tree arg = gimple_call_return_arg (call)) - { - access_ref aref; - if (m_ptr_qry.get_ref (arg, call, &aref, 0) - && DECL_P (aref.ref)) - return aref.ref; - } - - return NULL_TREE; -} - /* Check for and diagnose all uses of the dangling pointer VAR to the auto object DECL whose lifetime has ended. OBJREF is true when VAR denotes an access to a DECL that may have been clobbered. */ @@ -4627,11 +4608,10 @@ pass_waccess::check_dangling_uses () unsigned i; FOR_EACH_SSA_NAME (i, var, m_func) { - /* For each SSA_NAME pointer VAR find the DECL it points to. - If the DECL is a clobbered local variable, check to see + /* For each SSA_NAME pointer VAR find the object it points to. + If the object is a clobbered local variable, check to see if any of VAR's uses (or those of other pointers derived from VAR) happens after the clobber. If so, warn. */ - tree decl = NULL_TREE; gimple *def_stmt = SSA_NAME_DEF_STMT (var); if (is_gimple_assign (def_stmt)) @@ -4641,23 +4621,30 @@ pass_waccess::check_dangling_uses () { if (!POINTER_TYPE_P (TREE_TYPE (var))) continue; - decl = TREE_OPERAND (rhs, 0); + check_dangling_uses (var, TREE_OPERAND (rhs, 0)); } else { /* For other expressions, check the base DECL to see if it's been clobbered, most likely as a result of inlining a reference to it. */ - decl = get_base_address (rhs); + tree decl = get_base_address (rhs); if (DECL_P (decl)) check_dangling_uses (var, decl, false, true); - continue; } } else if (POINTER_TYPE_P (TREE_TYPE (var))) { if (gcall *call = dyn_cast(def_stmt)) - decl = gimple_call_return_arg_ref (call); + { + if (tree arg = gimple_call_return_arg (call)) + { + access_ref aref; + if (m_ptr_qry.get_ref (arg, call, &aref, 0) + && aref.deref < 0) + check_dangling_uses (var, aref.ref); + } + } else if (gphi *phi = dyn_cast (def_stmt)) { unsigned nargs = gimple_phi_num_args (phi); @@ -4665,19 +4652,12 @@ pass_waccess::check_dangling_uses () { access_ref aref; tree arg = gimple_phi_arg_def (phi, i); - if (!m_ptr_qry.get_ref (arg, phi, &aref, 0) - || (aref.deref == 0 - && POINTER_TYPE_P (TREE_TYPE (aref.ref)))) - continue; - check_dangling_uses (var, aref.ref, true); + if (m_ptr_qry.get_ref (arg, phi, &aref, 0) + && aref.deref < 0) + check_dangling_uses (var, aref.ref, true); } - continue; } - else - continue; } - - check_dangling_uses (var, decl); } } diff --git a/gcc/testsuite/gcc.dg/Wdangling-pointer-pr106868.c b/gcc/testsuite/gcc.dg/Wdangling-pointer-pr106868.c new file mode 100644 index 00000000000..f782a5e07a1 --- /dev/null +++ b/gcc/testsuite/gcc.dg/Wdangling-pointer-pr106868.c @@ -0,0 +1,14 @@ +/* { dg-do compile } */ +/* { dg-options "-O -Wdangling-pointer" } */ + +void alloc(void **p); +void false_dangling(char **p) +{ + { + void *q; + alloc(&q); + *p = q; + } + char *a = __builtin_memcpy(*p, "", 1); + *a = 0; /* { dg-bogus "dangling" } */ +}