On 7/22/2021 4:27 PM, Martin Sebor via Gcc-patches wrote:
Passing a pointer to a built-in function escapes it, which in
turn causes objects pointed to by other potentially aliased
pointers to be assumed to be modified by other built-in calls.
This leads to a class of false negative -Wuninitialized
warnings that can be avoided by the warning code and without
making changes to the aliasing machinery.
In addition, GCC conservatively assumes that an object whose
address is passed as an argument to any directive in a printf
call is modified by the call. This is necessary if the directive
isn't known because it could be %n, but in such a case it's
reasonable to assume the pointed-to type wouldn't be const-
qualified. This assumption makes it easy to detect a class
of uninitialized reads that are not detected today.
The attached patch implements both assumptions: i.e., that a call
to a built-in function declared to take only const pointer
arguments, or to a variadic function with only const pointers
as arguments, doesn't modify any objects.
The change detects certain uninitialized accesses slightly earlier
which causes uninit-38.c failures. As the comment in the test
explains, that's expected. I've simply removed the failed tests
and left the rest. They exercise the same functionality (MEM_REF
formatting).
Tested on x86_64-linux.
Martin
gcc-101584.diff
PR tree-optimization/101584 - missing -Wuninitialized with an allocated object
after a built-in call
gcc/ChangeLog:
PR tree-optimization/101584
* tree-ssa-uninit.c (builtin_call_nomodifying_p): New function.
(check_defs): Call it.
gcc/testsuite/ChangeLog:
PR tree-optimization/101584
* gcc.dg/uninit-38.c: Remove assertions.
* gcc.dg/uninit-41.c: New test.
OK
jeff
