https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88058
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |diagnostic
Status|UNCONFIRMED |NEW
Last reconfirmed| |2018-11-16
Ever confirmed|0 |1
Severity|normal |enhancement
--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed. There's nothing that can easily help - points-to analysis is
closest. With it's help and the clobber present one could warn, but I fear
the false positive rate would be quite high. Note that g() may not actually
touch *p2. Note the path n>=0 may never be taken at runtime.
This may be something to sanitize instead?
f (int n, char * p1)
{
int n_5(D) = n;
# PT = nonlocal null
char * p1_3(D) = p1;
char buf[10];
char * p2;
<bb 2> :
if (n_5(D) >= 0)
goto <bb 3>; [INV]
else
goto <bb 4>; [INV]
<bb 3> :
buf ={v} {CLOBBER};
<bb 4> :
# PT = nonlocal null { D.1967 } (escaped)
# p2_1 = PHI <p1_3(D)(2), &buf(3)>
# USE = nonlocal { D.1967 } (escaped)
# CLB = nonlocal { D.1967 } (escaped)
g (p2_1);
