From: Richard Biener <rguenther@suse.de>
To: Martin Sebor via Gcc-patches <gcc-patches@gcc.gnu.org>
Cc: Jakub Jelinek <jakub@redhat.com>, Jeff Law <jeffreyalaw@gmail.com>
Subject: Re: [PATCH] warn-access: Fix up check_pointer_uses [PR104715]
Date: Tue, 1 Mar 2022 21:03:38 +0100 [thread overview]
Message-ID: <F9B595C8-7B14-4E8A-9634-92B14EC07E46@suse.de> (raw)
In-Reply-To: <2f312e75-772b-e8b6-ecbe-01daff873526@gmail.com>
> Am 01.03.2022 um 20:08 schrieb Martin Sebor via Gcc-patches <gcc-patches@gcc.gnu.org>:
>
> On 3/1/22 11:41, Jakub Jelinek wrote:
>> Hi!
>> The following testcase emits bogus -Wdangling-pointer warnings.
>> The bug is that when it sees that ptr immediate use is a call that
>> returns one of its arguments, it will assume that the return value
>> is based on ptr, but that is the case only if ptr is passed to the
>> argument that is actually returned (so e.g. for memcpy the first argument,
>> etc.). When the builtins guarantee e.g. that the result is based on the
>> first argument (either ERF_RETURNS_ARG 0 in which case it will always
>> just returns the first argument as is, or when it is something like
>> strstr or strpbrk or mempcpy that it returns some pointer based on the
>> first argument), it means the result is not based on second or following
>> argument if any. The second hunk fixes this.
>> The first hunk just removes an unnecessary TREE_CODE check, the code only
>> pushes SSA_NAMEs into the pointers vector and if it didn't, it uses
>> FOR_EACH_IMM_USE_FAST (use_p, iter, ptr)
>> a few lines below this, which of course requires that ptr is a SSA_NAME.
>> Tree checking on SSA_NAME_VERSION will already ensure that if it wasn't
>> a SSA_NAME, we'd ICE.
>> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
Ok
Richard
> Thanks for the fix. It makes sense to me. Besides the test for
> the false positives I would suggest to add one to verify that using
> the first argument to a strstr() call is diagnosed if it's dangling
> (both as is, as well as with an offset from the first element).
> There are tests for memchr and strchr in the -Wdangling-pointer
> test suite but none for strstr.
>
> Martin
>
>> 2022-03-01 Jakub Jelinek <jakub@redhat.com>
>> PR tree-optimization/104715
>> * gimple-ssa-warn-access.cc (pass_waccess::check_pointer_uses): Don't
>> unnecessarily test if ptr is a SSA_NAME, it has to be. Only push lhs
>> of a call if gimple_call_return_arg is equal to ptr, not just when it
>> is non-NULL.
>> * c-c++-common/Wdangling-pointer-7.c: New test.
>> --- gcc/gimple-ssa-warn-access.cc.jj 2022-02-28 16:22:40.860520930 +0100
>> +++ gcc/gimple-ssa-warn-access.cc 2022-02-28 16:55:01.242272499 +0100
>> @@ -4169,8 +4169,7 @@ pass_waccess::check_pointer_uses (gimple
>> for (unsigned i = 0; i != pointers.length (); ++i)
>> {
>> tree ptr = pointers[i];
>> - if (TREE_CODE (ptr) == SSA_NAME
>> - && !bitmap_set_bit (visited, SSA_NAME_VERSION (ptr)))
>> + if (!bitmap_set_bit (visited, SSA_NAME_VERSION (ptr)))
>> /* Avoid revisiting the same pointer. */
>> continue;
>> @@ -4267,7 +4266,7 @@ pass_waccess::check_pointer_uses (gimple
>> if (gcall *call = dyn_cast <gcall *>(use_stmt))
>> {
>> - if (gimple_call_return_arg (call))
>> + if (gimple_call_return_arg (call) == ptr)
>> if (tree lhs = gimple_call_lhs (call))
>> if (TREE_CODE (lhs) == SSA_NAME)
>> pointers.safe_push (lhs);
>> --- gcc/testsuite/c-c++-common/Wdangling-pointer-7.c.jj 2022-02-28 17:09:09.906355082 +0100
>> +++ gcc/testsuite/c-c++-common/Wdangling-pointer-7.c 2022-02-28 17:03:50.533839892 +0100
>> @@ -0,0 +1,36 @@
>> +/* PR tree-optimization/104715 */
>> +/* { dg-do compile } */
>> +/* { dg-options "-Wdangling-pointer" } */
>> +
>> +char *
>> +foo (char *p)
>> +{
>> + {
>> + char q[61] = "012345678901234567890123456789012345678901234567890123456789";
>> + char *r = q;
>> + p = __builtin_strcat (p, r);
>> + }
>> + return p; /* { dg-bogus "using dangling pointer" } */
>> +}
>> +
>> +char *
>> +bar (char *p)
>> +{
>> + {
>> + char q[] = "0123456789";
>> + char *r = q;
>> + p = __builtin_strstr (p, r);
>> + }
>> + return p; /* { dg-bogus "using dangling pointer" } */
>> +}
>> +
>> +char *
>> +baz (char *p)
>> +{
>> + {
>> + char q[] = "0123456789";
>> + char *r = q;
>> + p = __builtin_strpbrk (p, r);
>> + }
>> + return p; /* { dg-bogus "using dangling pointer" } */
>> +}
>> Jakub
>
next prev parent reply other threads:[~2022-03-01 20:03 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-01 18:41 Jakub Jelinek
2022-03-01 19:07 ` Martin Sebor
2022-03-01 20:03 ` Richard Biener [this message]
2022-03-02 10:12 ` Jakub Jelinek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=F9B595C8-7B14-4E8A-9634-92B14EC07E46@suse.de \
--to=rguenther@suse.de \
--cc=gcc-patches@gcc.gnu.org \
--cc=jakub@redhat.com \
--cc=jeffreyalaw@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).