https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106427
Bug ID: 106427
Summary: -Wuse-after-free=3 false alarm about int (not pointer)
variable
Product: gcc
Version: 12.1.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: middle-end
Assignee: unassigned at gcc dot gnu.org
Reporter: eggert at cs dot ucla.edu
Target Milestone: ---
Created attachment 53341
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=53341&action=edit
Compile with '-O2 -S -Wuse-after-free=3' to demonstrate the bug
I ran into this problem when building GNU Tar. Compile the attached program u.i
with "gcc -O2 -S -Wuse-after-free=3 u.i", using GCC 12.1.1 20220507 (Red Hat
12.1.1-1) on x86-64. The output (shown below) is a false alarm, because the
variable 'stop' is of type 'int', and is not a pointer. Apparently GCC is
confused by the assignment statement 'stop = p == end;' and thinks that
accessing 'stop' later implies accessing a freed pointer.
u.i: In function ‘coalesce_segment’:
u.i:6486:18: warning: pointer ‘p’ used after ‘free’ [-Wuse-after-free]
6486 | for (stop = 0; !stop;)
| ^~~~~
In function ‘wsnode_free’,
inlined from ‘coalesce_segment’ at u.i:6499:4:
u.i:6316:3: note: call to ‘free’ here
6316 | free (p);
| ^~~~~~~~
