diff options
| author | Martin Sebor <msebor@redhat.com> | 2022-01-15 16:37:54 -0700 |
|---|---|---|
| committer | Martin Sebor <msebor@redhat.com> | 2022-01-15 16:45:24 -0700 |
| commit | 671a283636de75f7ed638ee6b01ed2d44361b8b6 (patch) | |
| tree | fc2477d20340a1f678cb650cd8485127dddb1615 /gcc/doc | |
| parent | 29401b7b4581e9131e7057e263dcea8b40a6b5ab (diff) | |
| download | gcc-671a283636de75f7ed638ee6b01ed2d44361b8b6.zip gcc-671a283636de75f7ed638ee6b01ed2d44361b8b6.tar.gz gcc-671a283636de75f7ed638ee6b01ed2d44361b8b6.tar.bz2 | |
Add -Wuse-after-free [PR80532].
gcc/c-family/ChangeLog
PR tree-optimization/80532
* c.opt (-Wuse-after-free): New options.
gcc/ChangeLog:
PR tree-optimization/80532
* common.opt (-Wuse-after-free): New options.
* diagnostic-spec.c (nowarn_spec_t::nowarn_spec_t): Handle
OPT_Wreturn_local_addr and OPT_Wuse_after_free_.
* diagnostic-spec.h (NW_DANGLING): New enumerator.
* doc/invoke.texi (-Wuse-after-free): Document new option.
* gimple-ssa-warn-access.cc (pass_waccess::check_call): Rename...
(pass_waccess::check_call_access): ...to this.
(pass_waccess::check): Rename...
(pass_waccess::check_block): ...to this.
(pass_waccess::check_pointer_uses): New function.
(pass_waccess::gimple_call_return_arg): New function.
(pass_waccess::warn_invalid_pointer): New function.
(pass_waccess::check_builtin): Handle free and realloc.
(gimple_use_after_inval_p): New function.
(get_realloc_lhs): New function.
(maybe_warn_mismatched_realloc): New function.
(pointers_related_p): New function.
(pass_waccess::check_call): Call check_pointer_uses.
(pass_waccess::execute): Compute and free dominance info.
libcpp/ChangeLog:
* files.c (_cpp_find_file): Substitute a valid pointer for
an invalid one to avoid -Wuse-after-free.
libiberty/ChangeLog:
* regex.c: Suppress -Wuse-after-free.
gcc/testsuite/ChangeLog:
PR tree-optimization/80532
* gcc.dg/Wmismatched-dealloc-2.c: Avoid -Wuse-after-free.
* gcc.dg/Wmismatched-dealloc-3.c: Same.
* gcc.dg/analyzer/file-1.c: Prune expected warning.
* gcc.dg/analyzer/file-2.c: Same.
* gcc.dg/attr-alloc_size-6.c: Disable -Wuse-after-free.
* gcc.dg/attr-alloc_size-7.c: Same.
* c-c++-common/Wuse-after-free-2.c: New test.
* c-c++-common/Wuse-after-free-3.c: New test.
* c-c++-common/Wuse-after-free-4.c: New test.
* c-c++-common/Wuse-after-free-5.c: New test.
* c-c++-common/Wuse-after-free-6.c: New test.
* c-c++-common/Wuse-after-free-7.c: New test.
* c-c++-common/Wuse-after-free.c: New test.
* g++.dg/warn/Wmismatched-dealloc-3.C: New test.
* g++.dg/warn/Wuse-after-free.C: New test.
Diffstat (limited to 'gcc/doc')
| -rw-r--r-- | gcc/doc/invoke.texi | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 5504971..121c8ea 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -4383,6 +4383,65 @@ annotations. Warn about overriding virtual functions that are not marked with the @code{override} keyword. +@item -Wuse-after-free +@itemx -Wuse-after-free=@var{n} +@opindex Wuse-after-free +@opindex Wno-use-after-free +Warn about uses of pointers to dynamically allocated objects that have +been rendered indeterminate by a call to a deallocation function. + +@table @gcctabopt +@item -Wuse-after-free=1 +At level 1 the warning attempts to diagnose only unconditional uses +of pointers made indeterminate by a deallocation call or a successful +call to @code{realloc}, regardless of whether or not the call resulted +in an actual reallocatio of memory. This includes double-@code{free} +calls as well as uses in arithmetic and relational expressions. Although +undefined, uses of indeterminate pointers in equality (or inequality) +expressions are not diagnosed at this level. +@item -Wuse-after-free=2 +At level 2, in addition to unconditional uses, the warning also diagnoses +conditional uses of pointers made indeterminate by a deallocation call. +As at level 2, uses in equality (or inequality) expressions are not +diagnosed. For example, the second call to @code{free} in the following +function is diagnosed at this level: +@smallexample +struct A @{ int refcount; void *data; @}; + +void release (struct A *p) +@{ + int refcount = --p->refcount; + free (p); + if (refcount == 0) + free (p->data); // warning: p may be used after free +@} +@end smallexample +@item -Wuse-after-free=3 +At level 3, the warning also diagnoses uses of indeterminate pointers in +equality expressions. All uses of indeterminate pointers are undefined +but equality tests sometimes appear after calls to @code{realloc} as +an attempt to determine whether the call resulted in relocating the object +to a different address. They are diagnosed at a separate level to aid +legacy code gradually transition to safe alternatives. For example, +the equality test in the function below is diagnosed at this level: +@smallexample +void adjust_pointers (int**, int); + +void grow (int **p, int n) +@{ + int **q = (int**)realloc (p, n *= 2); + if (q == p) + return; + adjust_pointers ((int**)q, n); +@} +@end smallexample +To avoid the warning at this level, store offsets into allocated memory +instead of pointers. This approach obviates needing to adjust the stored +pointers after reallocation. +@end table + +@option{-Wuse-after-free=2} is included in @option{-Wall}. + @item -Wuseless-cast @r{(C++ and Objective-C++ only)} @opindex Wuseless-cast @opindex Wno-useless-cast @@ -5703,6 +5762,7 @@ Options} and @ref{Objective-C and Objective-C++ Dialect Options}. -Wunused-label @gol -Wunused-value @gol -Wunused-variable @gol +-Wuse-after-free=3 @gol -Wvla-parameter @r{(C and Objective-C only)} @gol -Wvolatile-register-var @gol -Wzero-length-bounds} |