https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108988
Bug ID: 108988
Summary: gimple_fold_builtin_fputs doesn't preserve gimple_builtin_call_types_compatible_p
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: middle-end
Assignee: unassigned at gcc dot gnu.org
Reporter: dmalcolm at gcc dot gnu.org
Target Milestone: ---

Whilst working on PR analyzer/107565, I noticed that in this function:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
typedef struct FILE FILE;
FILE* fopen (const char*, const char*);
int fprintf (FILE *, const char *, ...);

#define NULL ((void *)0)

void
test_2 (void)
{
  int i;

  for (i = 0; i < 2; ++i)
    {
      FILE *fp = fopen ("/tmp/test", "w");
      fprintf (fp, "hello");
    }
} // should report a leak here
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

the fprintf (fp, "hello"); is optimized to:

__builtin_fwrite ("hello", 1, 5, fp);

but this call has:

(gdb) p gimple_builtin_call_types_compatible_p (repl, gimple_call_fndecl (repl))
$23 = false

Specifically, the fprintf is optimized to:

__builtin_fputs ("hello", fp);

Within gimple_fold_builtin_fprintf this has:

(gdb) call debug(stmt)
__builtin_fputs ("hello", fp);
(gdb) p gimple_builtin_call_types_compatible_p (stmt, gimple_call_fndecl (stmt))
$19 = true

which is optimized to:

(gdb) call debug(repl)
__builtin_fwrite ("hello", 1, 5, fp);
(gdb) p gimple_builtin_call_types_compatible_p (repl, gimple_call_fndecl (repl))
$23 = false

Note how the resulting call has "false" for gimple_builtin_call_types_compatible_p; this is due to argument idx 2 (the 5):

(gdb) p i
$13 = 2
(gdb) p arg
$14 = <integer_cst 0x7fffea7f9ba0>
(gdb) call debug_tree(arg)
<integer_cst 0x7fffea7f9ba0 type <integer_type 0x7fffea663150 ssizetype> constant 5>

In the analyzer I'm checking that gimple_builtin_call_types_compatible_p is true when handling a builtin that it "knows" how to handle, otherwise the analyzer falls back to assuming that the call could have arbitrary side-effects (e.g. fclose-ing the file, hence it stops reporting the leak).

Is this a bug in gimple_fold_builtin_fprintf?