From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ot1-x32c.google.com (mail-ot1-x32c.google.com [IPv6:2607:f8b0:4864:20::32c]) by sourceware.org (Postfix) with ESMTPS id 5087339AE028 for ; Thu, 22 Jul 2021 21:59:01 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 5087339AE028 Received: by mail-ot1-x32c.google.com with SMTP id x15-20020a05683000cfb02904d1f8b9db81so160547oto.12 for ; Thu, 22 Jul 2021 14:59:01 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-language; bh=qDiPtomJKxsSlO188PSwOmkpIwI6orXa9AjfzxVywkE=; b=PszkvsJ5ohtsm79wMcSsW3YiBjntVLOBGyJzjgNWpyN3wrk+FHY0RKZR3mC8tHEaEW BtGGt2dCUbVnHMXxTbnudxiK4HmuyaKJcZtRWLAmvSHcW1Sby89MBjsRkEXiw0KM28vs SThdaLUTn0++Oc4e++9xntHXQDGK5e5mrgTJlS1EJtjdpIV6nsFQoY4b1Eu7RHNYwnBN Rjad558Kxd5pRj+QB/2JhS3itJ7302NSh8jsFwIlT4BntYVquu7G80UBPLwnxXGveG9W kaOhEc1VUxfPy0n/j5Mu/SJRJSFI7SPIWL4fs2gkMW/CacEzzxNq8hjTQJZ1Q1VpTNEV VVFA== X-Gm-Message-State: AOAM5303MQp5G/DD78bIVCjwYIAdhN4T9NclRenlwJF2CFw8Bxp6/O3u xTvNGov/+rmos+EiPZCJA9TjAiwzQ1A= X-Google-Smtp-Source: ABdhPJxFZ6UkIxYJGoJuF6LCkURppIw9DXKOXFQLAOp7AZze7U/5RxtUYkp1gKE4bFP8PaBLUAto1g== X-Received: by 2002:a05:6830:2317:: with SMTP id u23mr1193597ote.88.1626991140586; Thu, 22 Jul 2021 14:59:00 -0700 (PDT) Received: from [192.168.0.41] (75-166-102-22.hlrn.qwest.net. [75.166.102.22]) by smtp.gmail.com with ESMTPSA id r26sm3172150ooh.32.2021.07.22.14.58.59 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 22 Jul 2021 14:59:00 -0700 (PDT) To: gcc-patches From: Martin Sebor Subject: [PATCH] correct uninitialized object offset and size computation [PR101494] Message-ID: <596aa986-8619-ae8e-8fe8-7c3bfc6e08ec@gmail.com> Date: Thu, 22 Jul 2021 15:58:59 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------10C5B6212BFC8E8E7E5DE226" Content-Language: en-US X-Spam-Status: No, score=-10.2 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jul 2021 21:59:04 -0000 This is a multi-part message in MIME format. --------------10C5B6212BFC8E8E7E5DE226 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit The code that computes the size of an access to an object in -Wuninitialized is limited to declared objects and so doesn't apply to allocated objects, and doesn't correctly account for an offset into the object and the access size. This causes false positives. The attached fix tested on x86_64-linux corrects this. Martin --------------10C5B6212BFC8E8E7E5DE226 Content-Type: text/x-patch; charset=UTF-8; name="gcc-101494.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="gcc-101494.diff" Correct uninitialized object offset and size computation [PR101494]. Resolves: PR middle-end/101494 - -uninitialized false alarm with memrchr of size 0 gcc/ChangeLog: PR middle-end/101494 * tree-ssa-uninit.c (builtin_call_nomodifying_p): (check_defs): (maybe_warn_operand): gcc/testsuite/ChangeLog: PR middle-end/101494 * gcc.dg/uninit-38.c: * gcc.dg/uninit-41.c: New test. * gcc.dg/uninit-pr101494.c: New test. @@ -304,16 +344,20 @@ maybe_warn_operand (ao_ref &ref, gimple *stmt, tree lhs, tree rhs, || get_no_uninit_warning (base)) return NULL_TREE; - /* Do not warn if the access is fully outside of the variable. */ + /* Do not warn if the access is zero size or if it's fully outside + the object. */ poly_int64 decl_size; + if (known_size_p (ref.size) + && known_eq (ref.max_size, ref.size) + && (known_eq (ref.size, 0) + || known_le (ref.offset + ref.size, 0))) + return NULL_TREE; + if (DECL_P (base) - && ((known_size_p (ref.size) - && known_eq (ref.max_size, ref.size) - && known_le (ref.offset + ref.size, 0)) - || (known_ge (ref.offset, 0) - && DECL_SIZE (base) - && poly_int_tree_p (DECL_SIZE (base), &decl_size) - && known_le (decl_size, ref.offset)))) + && known_ge (ref.offset, 0) + && DECL_SIZE (base) + && poly_int_tree_p (DECL_SIZE (base), &decl_size) + && known_le (decl_size, ref.offset)) return NULL_TREE; /* Do not warn if the result of the access is then used for diff --git a/gcc/testsuite/gcc.dg/uninit-pr101494.c b/gcc/testsuite/gcc.dg/uninit-pr101494.c new file mode 100644 index 00000000000..4fcb5f2dc79 --- /dev/null +++ b/gcc/testsuite/gcc.dg/uninit-pr101494.c @@ -0,0 +1,60 @@ +/* PR middle-end/101494 - bogus -Wmaybe-uninitialized on memrchr of size 0 + { dg-do compile } + { dg-options "-O2 -Wall" } */ + +typedef __SIZE_TYPE__ size_t; + +void* alloca (size_t); + +__attribute__ ((malloc, alloc_size (1))) void* alloc (size_t); + +__attribute__ ((access (read_only, 1, 2))) void* sink (void*, size_t); + +void test_alloca_zero (size_t i) +{ + char *p = alloca (0); + sink (p, 0); // { dg-bogus "\\\[-Wuninitialized" } +} + +void test_alloca_zero_p1 (size_t i) +{ + char *p = alloca (0); + sink (p + i, 0); +} + +void test_alloca_cst (void) +{ + char *p = alloca (7); + sink (p, 0); // { dg-bogus "\\\[-Wuninitialized" } +} + +void test_alloca_cst_p1 (void) +{ + char *p = alloca (7); + sink (p, 0); // { dg-bogus "\\\[-Wuninitialized" } +} + +void test_alloca_cst_p7 (void) +{ + char *p = alloca (7); + sink (p + 7, 0); // { dg-bogus "\\\[-Wuninitialized" } +} + +void test_alloca_var (size_t n) +{ + char *p = alloca (n); + sink (p, 0); // { dg-bogus "\\\[-Wuninitialized" } +} + +void test_alloca_var_p1 (size_t n) +{ + char *p = alloca (n); + sink (p + 1, 0); // { dg-bogus "\\\[-Wuninitialized" } +} + +void test_alloca_var_pn (size_t n) +{ + char *p = alloca (n); + sink (p + n, 0); // { dg-bogus "\\\[-Wuninitialized" } +} + --------------10C5B6212BFC8E8E7E5DE226--