https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109783
Bug ID: 109783
Summary: missing warning (due to a wrong suppression) when
va_end is not in the same function
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: arsen at gcc dot gnu.org
Target Milestone: ---
in the following code (with -fanalyzer -O3 -Wall -Wextra):
#include <stdarg.h>
[[gnu::noinline]]
void
f (va_list x)
{
va_end (x);
}
void
F (int x, ...)
{
va_list ap;
va_start (ap, x);
f (ap);
}
the usage of va_end inside f () is not sufficient to make the va_list usage
correct, because "Each invocation of the va_start and va_copy macros shall be
matched by a corresponding invocation of the va_end macro in the same
function." (C17 7.16.1.p1), but it successfully suppresses -fanalyzer.
removing the va_end correctly warns.
IMO, this should produce two distinct diagnostics:
1) unterminated (in the same function) va_list, for F, and
2) terminating a va_list in the wrong function, for f
presumably, the non-analyzer diagnostics have the same problem, but I spotted
this when someone proposed adding va_end in the wrong function to suppress a
-fanalyzer warning, so I'm filing that
