From patchwork Mon Dec 5 13:55:31 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Biener X-Patchwork-Id: 61474 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 67FA238A815C for ; Mon, 5 Dec 2022 13:56:01 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 67FA238A815C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1670248561; bh=ChpHlCROqi3JxwGc1TxnRYL/V6YMhs0jfX3U2UvA4sA=; h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:From; b=XDGYYuX+Qs8RutWls1rfRmIgKACZ4S+ZEUjj3BA8ys5o3/1oCdFt+kpI7lRJkNc7Y CX/gzstbHeDmj3bq4692//g3jR8h4acKCsci2p7spO0p3plzjsJU/QYAGQ+uWTyG0n aP4qPiWtgW0WB+vfblLA6mD/oAY1b9TK2kTpD4Ck= X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from smtp-out2.suse.de (smtp-out2.suse.de [IPv6:2001:67c:2178:6::1d]) by sourceware.org (Postfix) with ESMTPS id F14AD38A8152 for ; Mon, 5 Dec 2022 13:55:32 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org F14AD38A8152 Received: from imap1.suse-dmz.suse.de (imap1.suse-dmz.suse.de [192.168.254.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id CCDCD206F4 for ; Mon, 5 Dec 2022 13:55:31 +0000 (UTC) Received: from imap1.suse-dmz.suse.de (imap1.suse-dmz.suse.de [192.168.254.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap1.suse-dmz.suse.de (Postfix) with ESMTPS id BBAC513326 for ; Mon, 5 Dec 2022 13:55:31 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap1.suse-dmz.suse.de with ESMTPSA id SOPFLFP4jWPAfgAAGKfGzw (envelope-from ) for ; Mon, 05 Dec 2022 13:55:31 +0000 Date: Mon, 5 Dec 2022 14:55:31 +0100 (CET) To: gcc-patches@gcc.gnu.org Subject: [PATCH] tree-optimization/106868 - bogus -Wdangling-pointer diagnostic MIME-Version: 1.0 Message-Id: <20221205135531.BBAC513326@imap1.suse-dmz.suse.de> X-Spam-Status: No, score=-11.8 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Richard Biener via Gcc-patches From: Richard Biener Reply-To: Richard Biener Errors-To: gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org Sender: "Gcc-patches" The testcase shows we mishandle the case where there's a pass-through of a pointer through a function like memcpy. The following adjusts handling of this copy case to require a taken address and adjust the PHI case similarly. Bootstrapped and tested on x86_64-unknown-linux-gnu, pushed. PR tree-optimization/106868 * gimple-ssa-warn-access.cc (pass_waccess::gimple_call_return_arg_ref): Inline into single user ... (pass_waccess::check_dangling_uses): ... here and adjust the call and the PHI case to require that ref.aref is the address of the decl. * gcc.dg/Wdangling-pointer-pr106868.c: New testcase. --- gcc/gimple-ssa-warn-access.cc | 52 ++++++------------- .../gcc.dg/Wdangling-pointer-pr106868.c | 14 +++++ 2 files changed, 30 insertions(+), 36 deletions(-) create mode 100644 gcc/testsuite/gcc.dg/Wdangling-pointer-pr106868.c diff --git a/gcc/gimple-ssa-warn-access.cc b/gcc/gimple-ssa-warn-access.cc index 59a70530600..854e47cf389 100644 --- a/gcc/gimple-ssa-warn-access.cc +++ b/gcc/gimple-ssa-warn-access.cc @@ -2127,7 +2127,6 @@ private: /* Return the argument that a call returns. */ tree gimple_call_return_arg (gcall *); - tree gimple_call_return_arg_ref (gcall *); /* Check a call for uses of a dangling pointer arguments. */ void check_call_dangling (gcall *); @@ -4460,24 +4459,6 @@ pass_waccess::gimple_call_return_arg (gcall *call) return gimple_call_arg (call, argno); } -/* Return the decl referenced by the argument that the call STMT to - a built-in function returns (including with an offset) or null if - it doesn't. */ - -tree -pass_waccess::gimple_call_return_arg_ref (gcall *call) -{ - if (tree arg = gimple_call_return_arg (call)) - { - access_ref aref; - if (m_ptr_qry.get_ref (arg, call, &aref, 0) - && DECL_P (aref.ref)) - return aref.ref; - } - - return NULL_TREE; -} - /* Check for and diagnose all uses of the dangling pointer VAR to the auto object DECL whose lifetime has ended. OBJREF is true when VAR denotes an access to a DECL that may have been clobbered. */ @@ -4646,11 +4627,10 @@ pass_waccess::check_dangling_uses () unsigned i; FOR_EACH_SSA_NAME (i, var, m_func) { - /* For each SSA_NAME pointer VAR find the DECL it points to. - If the DECL is a clobbered local variable, check to see + /* For each SSA_NAME pointer VAR find the object it points to. + If the object is a clobbered local variable, check to see if any of VAR's uses (or those of other pointers derived from VAR) happens after the clobber. If so, warn. */ - tree decl = NULL_TREE; gimple *def_stmt = SSA_NAME_DEF_STMT (var); if (is_gimple_assign (def_stmt)) @@ -4660,23 +4640,30 @@ pass_waccess::check_dangling_uses () { if (!POINTER_TYPE_P (TREE_TYPE (var))) continue; - decl = TREE_OPERAND (rhs, 0); + check_dangling_uses (var, TREE_OPERAND (rhs, 0)); } else { /* For other expressions, check the base DECL to see if it's been clobbered, most likely as a result of inlining a reference to it. */ - decl = get_base_address (rhs); + tree decl = get_base_address (rhs); if (DECL_P (decl)) check_dangling_uses (var, decl, false, true); - continue; } } else if (POINTER_TYPE_P (TREE_TYPE (var))) { if (gcall *call = dyn_cast(def_stmt)) - decl = gimple_call_return_arg_ref (call); + { + if (tree arg = gimple_call_return_arg (call)) + { + access_ref aref; + if (m_ptr_qry.get_ref (arg, call, &aref, 0) + && aref.deref < 0) + check_dangling_uses (var, aref.ref); + } + } else if (gphi *phi = dyn_cast (def_stmt)) { unsigned nargs = gimple_phi_num_args (phi); @@ -4684,19 +4671,12 @@ pass_waccess::check_dangling_uses () { access_ref aref; tree arg = gimple_phi_arg_def (phi, i); - if (!m_ptr_qry.get_ref (arg, phi, &aref, 0) - || (aref.deref == 0 - && POINTER_TYPE_P (TREE_TYPE (aref.ref)))) - continue; - check_dangling_uses (var, aref.ref, true); + if (m_ptr_qry.get_ref (arg, phi, &aref, 0) + && aref.deref < 0) + check_dangling_uses (var, aref.ref, true); } - continue; } - else - continue; } - - check_dangling_uses (var, decl); } } diff --git a/gcc/testsuite/gcc.dg/Wdangling-pointer-pr106868.c b/gcc/testsuite/gcc.dg/Wdangling-pointer-pr106868.c new file mode 100644 index 00000000000..f782a5e07a1 --- /dev/null +++ b/gcc/testsuite/gcc.dg/Wdangling-pointer-pr106868.c @@ -0,0 +1,14 @@ +/* { dg-do compile } */ +/* { dg-options "-O -Wdangling-pointer" } */ + +void alloc(void **p); +void false_dangling(char **p) +{ + { + void *q; + alloc(&q); + *p = q; + } + char *a = __builtin_memcpy(*p, "", 1); + *a = 0; /* { dg-bogus "dangling" } */ +}