From patchwork Wed Apr  6 14:25:27 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jason Merrill <jason@redhat.com>
X-Patchwork-Id: 1613979
Return-Path: <gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: bilbo.ozlabs.org;
	dkim=pass (1024-bit key;
 unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.a=rsa-sha256
 header.s=default header.b=fWiIbBoe;
	dkim-atps=neutral
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=gcc.gnu.org
 (client-ip=8.43.85.97; helo=sourceware.org;
 envelope-from=gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org;
 receiver=<UNKNOWN>)
Received: from sourceware.org (server2.sourceware.org [8.43.85.97])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by bilbo.ozlabs.org (Postfix) with ESMTPS id 4KYRdT1d50z9sFq
	for <incoming@patchwork.ozlabs.org>; Thu,  7 Apr 2022 00:26:02 +1000 (AEST)
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id CDC59384387A
	for <incoming@patchwork.ozlabs.org>; Wed,  6 Apr 2022 14:26:00 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org CDC59384387A
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1649255160;
	bh=9txu7+S1Jcb4EQ+DO4Fezt3lfVP1fzLWFK2FKVzE3tc=;
	h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post:
	 List-Help:List-Subscribe:From:Reply-To:Cc:From;
	b=fWiIbBoen3PZ0yaQ63YaEqgJ92FP9eUJZokKxIFyg4DWk7JXK5wnBFinNpNkwPIFp
	 6pkX2ut4eydMkh+v90A+cP0pmM8gpcy32ZR8WxO/VwdInmmJQTCB8ikkGSzc6Wa0ac
	 3DlXVu3ak58DyxLml8n9eN4ILuxZS9EiXheRVThY=
X-Original-To: gcc-patches@gcc.gnu.org
Delivered-To: gcc-patches@gcc.gnu.org
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
 by sourceware.org (Postfix) with ESMTPS id 1E54C3857815
 for <gcc-patches@gcc.gnu.org>; Wed,  6 Apr 2022 14:25:36 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 1E54C3857815
Received: from mail-qt1-f200.google.com (mail-qt1-f200.google.com
 [209.85.160.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-277-X1dsIVC4P-yichEk611mGg-1; Wed, 06 Apr 2022 10:25:32 -0400
X-MC-Unique: X1dsIVC4P-yichEk611mGg-1
Received: by mail-qt1-f200.google.com with SMTP id
 l19-20020a05622a175300b002e1a85b5b52so2911387qtk.21
 for <gcc-patches@gcc.gnu.org>; Wed, 06 Apr 2022 07:25:32 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=9txu7+S1Jcb4EQ+DO4Fezt3lfVP1fzLWFK2FKVzE3tc=;
 b=JkEQr5wmM/Ssl4z+BpQrjxRU2vsMtWSANlesAwBi4qpEolWb1tWoUfYYbNQnV7WeV1
 dL6uCge1I54JxWeibj8ktnTI239g8uTAK3dWKWJo7oG5n8e9i5m7bPdmBOAptXU2Qucv
 huaLwHPG8qe5n+A1CXExhiNqDDgZ9jD2iHtS8bDiRaGgnX0NcHjJcrLFeew8xsne98yN
 Uc5SrR9TVWnRf6lrxtk0gooIUoQQZKz7BfPhvPJGaZ/eiBV+UFO2lohSWAXaRi7ZLMPd
 iaFUk5Gh9Nf2sSuvyF1f/8FswuewKkg/+8IsEIeEA/ZKzie4kvh6QoNaAWMIEkV9Th0t
 VGXQ==
X-Gm-Message-State: AOAM5338GF2xkuZqQ0T7MpeWzUzIc9l8V0taMwmTmkcy30l5mH8GtCRF
 P/UYDE7ByMndYn5uvxWtV2CTmIiQidaMaPA+poZplsijxGpk+NhKzwLJVvn9pYKcfTdhe4l5nLn
 KCBR2FGKFEXjYxNgC6lugZtULU0URCn+/ErzFWAWC20mfvYqfyQUCSkDF4YkUEXHbGg==
X-Received: by 2002:a0c:f583:0:b0:443:d114:e059 with SMTP id
 k3-20020a0cf583000000b00443d114e059mr7665705qvm.107.1649255131401;
 Wed, 06 Apr 2022 07:25:31 -0700 (PDT)
X-Google-Smtp-Source: 
 ABdhPJwIy12Lyb+A3fGLInNsglBX5mtrVJtnMKicEkg20Vu5RabKNuU2PTVoExe6ORs/hcb1q85hFg==
X-Received: by 2002:a0c:f583:0:b0:443:d114:e059 with SMTP id
 k3-20020a0cf583000000b00443d114e059mr7665670qvm.107.1649255130965;
 Wed, 06 Apr 2022 07:25:30 -0700 (PDT)
Received: from barrymore.redhat.com
 (130-44-159-43.s15913.c3-0.arl-cbr1.sbo-arl.ma.cable.rcncustomer.com.
 [130.44.159.43]) by smtp.gmail.com with ESMTPSA id
 e20-20020ac84e54000000b002e06753cf70sm15337048qtw.6.2022.04.06.07.25.29
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 06 Apr 2022 07:25:30 -0700 (PDT)
To: gcc-patches@gcc.gnu.org
Subject: [PATCH RFA(pointer-query)] c++: -Wplacement-new and anon union member
 [PR100370]
Date: Wed,  6 Apr 2022 10:25:27 -0400
Message-Id: <20220406142527.2257191-1-jason@redhat.com>
X-Mailer: git-send-email 2.27.0
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
X-Spam-Status: No, score=-13.0 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH,
 DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0,
 RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,
 SPF_NONE, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: gcc-patches@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-patches mailing list <gcc-patches.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=subscribe>
X-Patchwork-Original-From: Jason Merrill via Gcc-patches
 <gcc-patches@gcc.gnu.org>
From: Jason Merrill <jason@redhat.com>
Reply-To: Jason Merrill <jason@redhat.com>
Cc: Martin Sebor <msebor@redhat.com>
Errors-To: gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org
Sender: "Gcc-patches"
 <gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org>

This bug was an object/value confusion; we are interested in the size
of *b.ip, but instead the code was calculating the size of b.ip itself.

This seems to be because compute_objsize will compute the size of whatever
object it can find in the argument: if you pass it a VAR_DECL, it gives you
the size of that variable.  If you pass it an ADDR_EXPR of a VAR_DECL, it
again gives you the size of the variable.  The way you can tell the
difference is by looking at the deref member of access_ref: if it's -1, the
argument is a pointer to the object.  Since that's what we're interested in,
we should check for that, like check_dangling_stores does.

This regressed some tests because compute_objsize_r was wrongly zeroing
deref in the POINTER_PLUS_EXPR handling; adding an offset to a pointer
doesn't change whether the pointer is itself a variable or a pointer to
one.  In fact, handling POINTER_PLUS_EXPR only really makes sense for deref
== -1, where we're adjusting a pointer to the variable.

Tested x86_64-pc-linux-gnu, OK for trunk?

	PR c++/100370

gcc/cp/ChangeLog:

	* init.cc (warn_placement_new_too_small): Check deref.

gcc/ChangeLog:

	* pointer-query.cc (compute_objsize_r) [POINTER_PLUS_EXPR]: Require
	deref == -1.

gcc/testsuite/ChangeLog:

	* g++.dg/warn/Wplacement-new-size-11.C: New test.
---
 gcc/cp/init.cc                                    |  5 +++++
 gcc/pointer-query.cc                              |  7 ++++---
 .../g++.dg/warn/Wplacement-new-size-11.C          | 15 +++++++++++++++
 3 files changed, 24 insertions(+), 3 deletions(-)
 create mode 100644 gcc/testsuite/g++.dg/warn/Wplacement-new-size-11.C


base-commit: 44fe49401725055a740ce47e80561b6932b8cd01

diff --git a/gcc/cp/init.cc b/gcc/cp/init.cc
index 01e762320f3..43097121244 100644
--- a/gcc/cp/init.cc
+++ b/gcc/cp/init.cc
@@ -2811,6 +2811,11 @@ warn_placement_new_too_small (tree type, tree nelts, tree size, tree oper)
   if (!objsize)
     return;
 
+  /* We can only draw conclusions if ref.deref == -1,
+     i.e. oper is the address of the object.  */
+  if (ref.deref != -1)
+    return;
+
   offset_int bytes_avail = wi::to_offset (objsize);
   offset_int bytes_need;
 
diff --git a/gcc/pointer-query.cc b/gcc/pointer-query.cc
index 4390535ef56..d93657f3206 100644
--- a/gcc/pointer-query.cc
+++ b/gcc/pointer-query.cc
@@ -2299,9 +2299,10 @@ compute_objsize_r (tree ptr, gimple *stmt, bool addr, int ostype,
       if (!compute_objsize_r (ref, stmt, addr, ostype, pref, snlim, qry))
 	return false;
 
-      /* Clear DEREF since the offset is being applied to the target
-	 of the dereference.  */
-      pref->deref = 0;
+      /* The below only makes sense if the offset is being applied to the
+	 address of the object.  */
+      if (pref->deref != -1)
+	return false;
 
       offset_int orng[2];
       tree off = pref->eval (TREE_OPERAND (ptr, 1));
diff --git a/gcc/testsuite/g++.dg/warn/Wplacement-new-size-11.C b/gcc/testsuite/g++.dg/warn/Wplacement-new-size-11.C
new file mode 100644
index 00000000000..a6fe82e90ae
--- /dev/null
+++ b/gcc/testsuite/g++.dg/warn/Wplacement-new-size-11.C
@@ -0,0 +1,15 @@
+// PR c++/100370
+// { dg-do compile { target c++11 } }
+
+using size_t = decltype(sizeof(1));
+inline void *operator new (size_t s, void *p) { return p; }
+
+int main()
+{
+  struct s1 { int iv[4]; };
+  struct s2 { union { char* cp; int* ip; }; };
+
+  s2 b;
+  b.ip=new int[8];
+  new (b.ip+4) s1;		// { dg-bogus "-Wplacement-new" }
+}