From: Jason Merrill <jason@redhat.com>
To: Nathaniel Shead <nathanieloshead@gmail.com>, gcc-patches@gcc.gnu.org
Cc: Patrick Palka <ppalka@redhat.com>
Subject: Re: [PATCH v4 2/3] c++: Improve constexpr error for dangling local variables [PR110619]
Date: Thu, 20 Jul 2023 11:46:47 -0400 [thread overview]
Message-ID: <033dbf6e-6585-f5fc-75de-5ac7a47c8250@redhat.com> (raw)
In-Reply-To: <ZLkAGBfPXgFGt1ox@Thaum.localdomain>
On 7/20/23 05:36, Nathaniel Shead wrote:
> Currently, when typeck discovers that a return statement will refer to a
> local variable it rewrites to return a null pointer. This causes the
> error messages for using the return value in a constant expression to be
> unhelpful, especially for reference return values.
>
> This patch removes this "optimisation".
This isn't an optimization, it's for safety, removing a way for an
attacker to get a handle on other data on the stack (CWE-562).
But I agree that we need to preserve some element of UB for constexpr
evaluation to see.
Perhaps we want to move this transformation to
cp_maybe_instrument_return, so it happens after maybe_save_constexpr_fundef?
> Relying on this raises a warning
> by default and causes UB anyway, so there should be no issue in doing
> so. We also suppress additional warnings from later passes that detect
> this as a dangling pointer, since we've already indicated this anyway.
>
> PR c++/110619
>
> gcc/cp/ChangeLog:
>
> * semantics.cc (finish_return_stmt): Suppress dangling pointer
> reporting on return statement if already reported.
> * typeck.cc (check_return_expr): Don't set return expression to
> zero for dangling addresses.
>
> gcc/testsuite/ChangeLog:
>
> * g++.dg/cpp1y/constexpr-lifetime5.C: Test reported message is
> correct.
> * g++.dg/cpp1y/constexpr-lifetime6.C: Likewise.
> * g++.dg/cpp1y/constexpr-110619.C: New test.
> * g++.dg/warn/Wreturn-local-addr-6.C: Remove check for return
> value optimisation.
>
> Signed-off-by: Nathaniel Shead <nathanieloshead@gmail.com>
> ---
> gcc/cp/semantics.cc | 5 ++++-
> gcc/cp/typeck.cc | 5 +++--
> gcc/testsuite/g++.dg/cpp1y/constexpr-110619.C | 10 ++++++++++
> gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime5.C | 4 ++--
> gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime6.C | 8 ++++----
> gcc/testsuite/g++.dg/warn/Wreturn-local-addr-6.C | 3 ---
> 6 files changed, 23 insertions(+), 12 deletions(-)
> create mode 100644 gcc/testsuite/g++.dg/cpp1y/constexpr-110619.C
>
> diff --git a/gcc/cp/semantics.cc b/gcc/cp/semantics.cc
> index 8fb47fd179e..107407de513 100644
> --- a/gcc/cp/semantics.cc
> +++ b/gcc/cp/semantics.cc
> @@ -1260,7 +1260,10 @@ finish_return_stmt (tree expr)
>
> r = build_stmt (input_location, RETURN_EXPR, expr);
> if (no_warning)
> - suppress_warning (r, OPT_Wreturn_type);
> + {
> + suppress_warning (r, OPT_Wreturn_type);
> + suppress_warning (r, OPT_Wdangling_pointer_);
> + }
> r = maybe_cleanup_point_expr_void (r);
> r = add_stmt (r);
>
> diff --git a/gcc/cp/typeck.cc b/gcc/cp/typeck.cc
> index 859b133a18d..47233b3b717 100644
> --- a/gcc/cp/typeck.cc
> +++ b/gcc/cp/typeck.cc
> @@ -11273,8 +11273,9 @@ check_return_expr (tree retval, bool *no_warning)
> else if (!processing_template_decl
> && maybe_warn_about_returning_address_of_local (retval, loc)
> && INDIRECT_TYPE_P (valtype))
> - retval = build2 (COMPOUND_EXPR, TREE_TYPE (retval), retval,
> - build_zero_cst (TREE_TYPE (retval)));
> + /* Suppress the Wdangling-pointer warning in the return statement
> + that would otherwise occur. */
> + *no_warning = true;
> }
>
> /* A naive attempt to reduce the number of -Wdangling-reference false
> diff --git a/gcc/testsuite/g++.dg/cpp1y/constexpr-110619.C b/gcc/testsuite/g++.dg/cpp1y/constexpr-110619.C
> new file mode 100644
> index 00000000000..cca13302238
> --- /dev/null
> +++ b/gcc/testsuite/g++.dg/cpp1y/constexpr-110619.C
> @@ -0,0 +1,10 @@
> +// { dg-do compile { target c++14 } }
> +// { dg-options "-Wno-return-local-addr" }
> +// PR c++/110619
> +
> +constexpr auto f() {
> + int i = 0;
> + return &i;
> +};
> +
> +static_assert( f() != nullptr );
> diff --git a/gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime5.C b/gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime5.C
> index a4bc71d890a..ad3ef579f63 100644
> --- a/gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime5.C
> +++ b/gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime5.C
> @@ -1,11 +1,11 @@
> // { dg-do compile { target c++14 } }
> // { dg-options "-Wno-return-local-addr" }
>
> -constexpr const int& id(int x) { return x; }
> +constexpr const int& id(int x) { return x; } // { dg-message "note: declared here" }
>
> constexpr bool test() {
> const int& y = id(3);
> return y == 3;
> }
>
> -constexpr bool x = test(); // { dg-error "" }
> +constexpr bool x = test(); // { dg-error "accessing object outside its lifetime" }
> diff --git a/gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime6.C b/gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime6.C
> index f358aff4490..b81e89af79c 100644
> --- a/gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime6.C
> +++ b/gcc/testsuite/g++.dg/cpp1y/constexpr-lifetime6.C
> @@ -4,12 +4,12 @@
> struct Empty {};
>
> constexpr const Empty& empty() {
> - return Empty{};
> + return Empty{}; // { dg-message "note: declared here" }
> }
>
> -constexpr const Empty& empty_parm(Empty e) {
> +constexpr const Empty& empty_parm(Empty e) { // { dg-message "note: declared here" }
> return e;
> }
>
> -constexpr Empty a = empty(); // { dg-error "" }
> -constexpr Empty b = empty_parm({}); // { dg-error "" }
> +constexpr Empty a = empty(); // { dg-error "accessing object outside its lifetime" }
> +constexpr Empty b = empty_parm({}); // { dg-error "accessing object outside its lifetime" }
> diff --git a/gcc/testsuite/g++.dg/warn/Wreturn-local-addr-6.C b/gcc/testsuite/g++.dg/warn/Wreturn-local-addr-6.C
> index fae8b7e766f..ec8e241d83e 100644
> --- a/gcc/testsuite/g++.dg/warn/Wreturn-local-addr-6.C
> +++ b/gcc/testsuite/g++.dg/warn/Wreturn-local-addr-6.C
> @@ -24,6 +24,3 @@ return_addr_local_as_intref (void)
>
> return (const intptr_t&)a; // { dg-warning "\\\[-Wreturn-local-addr]" } */
> }
> -
> -/* Verify that the return value has been replaced with zero:
> - { dg-final { scan-tree-dump-times "return 0;" 2 "optimized" } } */
next prev parent reply other threads:[~2023-07-20 15:47 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-20 9:33 [PATCH v4 0/3] c++: Track lifetimes in constant evaluation [PR70331, ...] Nathaniel Shead
2023-07-20 9:35 ` [PATCH v4 1/3] c++: Track lifetimes in constant evaluation [PR70331,PR96630,PR98675] Nathaniel Shead
2023-07-20 14:42 ` Jason Merrill
2023-07-22 5:28 ` Nathaniel Shead
2023-07-20 9:36 ` [PATCH v4 2/3] c++: Improve constexpr error for dangling local variables [PR110619] Nathaniel Shead
2023-07-20 15:46 ` Jason Merrill [this message]
2023-07-21 5:39 ` Nathaniel Shead
2023-07-21 21:44 ` Jason Merrill
2023-07-22 5:20 ` Nathaniel Shead
2023-07-20 9:37 ` [PATCH v4 3/3] c++: Improve location information in constant evaluation Nathaniel Shead
2023-07-20 17:00 ` Jason Merrill
2023-07-22 5:26 ` Nathaniel Shead
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=033dbf6e-6585-f5fc-75de-5ac7a47c8250@redhat.com \
--to=jason@redhat.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=nathanieloshead@gmail.com \
--cc=ppalka@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).