search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
compiler: only build thunk struct type when it is needed
[official-gcc.git] / gcc / tree-ssa-uninit.cc
blobbf2e50511af150b26ad6e09510868725b2a7e444
1 /* Predicate aware uninitialized variable warning.
2 Copyright (C) 2001-2022 Free Software Foundation, Inc.
3 Contributed by Xinliang David Li <davidxl@google.com>
4
5 This file is part of GCC.
6
7 GCC is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3, or (at your option)
10 any later version.
11
12 GCC is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with GCC; see the file COPYING3. If not see
19 <http://www.gnu.org/licenses/>. */
20
21 #define INCLUDE_STRING
22 #include "config.h"
23 #include "system.h"
24 #include "coretypes.h"
25 #include "backend.h"
26 #include "tree.h"
27 #include "gimple.h"
28 #include "tree-pass.h"
29 #include "ssa.h"
30 #include "gimple-pretty-print.h"
31 #include "diagnostic-core.h"
32 #include "fold-const.h"
33 #include "gimple-iterator.h"
34 #include "tree-ssa.h"
35 #include "tree-cfg.h"
36 #include "cfghooks.h"
37 #include "attribs.h"
38 #include "builtins.h"
39 #include "calls.h"
40 #include "gimple-range.h"
41 #include "gimple-predicate-analysis.h"
42 #include "domwalk.h"
43 #include "tree-ssa-sccvn.h"
44 #include "cfganal.h"
45
46 /* This implements the pass that does predicate aware warning on uses of
47 possibly uninitialized variables. The pass first collects the set of
48 possibly uninitialized SSA names. For each such name, it walks through
49 all its immediate uses. For each immediate use, it rebuilds the condition
50 expression (the predicate) that guards the use. The predicate is then
51 examined to see if the variable is always defined under that same condition.
52 This is done either by pruning the unrealizable paths that lead to the
53 default definitions or by checking if the predicate set that guards the
54 defining paths is a superset of the use predicate. */
55
56 /* Pointer set of potentially undefined ssa names, i.e.,
57 ssa names that are defined by phi with operands that
58 are not defined or potentially undefined. */
59 static hash_set<tree> *possibly_undefined_names;
60 static hash_map<gphi *, uninit_analysis::func_t::phi_arg_set_t> *defined_args;
61
62 /* Returns the first bit position (starting from LSB)
63 in mask that is non zero. Returns -1 if the mask is empty. */
64 static int
65 get_mask_first_set_bit (unsigned mask)
66 {
67 int pos = 0;
68 if (mask == 0)
69 return -1;
70
71 while ((mask & (1 << pos)) == 0)
72 pos++;
73
74 return pos;
75 }
76 #define MASK_FIRST_SET_BIT(mask) get_mask_first_set_bit (mask)
77
78 /* Return true if T, an SSA_NAME, has an undefined value. */
79 static bool
80 has_undefined_value_p (tree t)
81 {
82 return (ssa_undefined_value_p (t)
83 || (possibly_undefined_names
84 && possibly_undefined_names->contains (t)));
85 }
86
87 /* Return true if EXPR should suppress either uninitialized warning. */
88
89 static inline bool
90 get_no_uninit_warning (tree expr)
91 {
92 return warning_suppressed_p (expr, OPT_Wuninitialized);
93 }
94
95 /* Suppress both uninitialized warnings for EXPR. */
96
97 static inline void
98 set_no_uninit_warning (tree expr)
99 {
100 suppress_warning (expr, OPT_Wuninitialized);
101 }
102
103 /* Like has_undefined_value_p, but don't return true if the no-warning
104 bit is set on SSA_NAME_VAR for either uninit warning. */
105
106 static inline bool
107 uninit_undefined_value_p (tree t)
108 {
109 if (!has_undefined_value_p (t))
110 return false;
111 if (!SSA_NAME_VAR (t))
112 return true;
113 return !get_no_uninit_warning (SSA_NAME_VAR (t));
114 }
115
116 /* Emit warnings for uninitialized variables. This is done in two passes.
117
118 The first pass notices real uses of SSA names with undefined values.
119 Such uses are unconditionally uninitialized, and we can be certain that
120 such a use is a mistake. This pass is run before most optimizations,
121 so that we catch as many as we can.
122
123 The second pass follows PHI nodes to find uses that are potentially
124 uninitialized. In this case we can't necessarily prove that the use
125 is really uninitialized. This pass is run after most optimizations,
126 so that we thread as many jumps and possible, and delete as much dead
127 code as possible, in order to reduce false positives. We also look
128 again for plain uninitialized variables, since optimization may have
129 changed conditionally uninitialized to unconditionally uninitialized. */
130
131 /* Emit warning OPT for variable VAR at the point in the program where
132 the SSA_NAME T is being used uninitialized. The warning text is in
133 MSGID and STMT is the statement that does the uninitialized read.
134 PHI_ARG_LOC is the location of the PHI argument if T and VAR are one,
135 or UNKNOWN_LOCATION otherwise. */
136
137 static void
138 warn_uninit (opt_code opt, tree t, tree var, gimple *context,
139 location_t phi_arg_loc = UNKNOWN_LOCATION)
140 {
141 /* Bail if the value isn't provably uninitialized. */
142 if (!has_undefined_value_p (t))
143 return;
144
145 /* Ignore COMPLEX_EXPR as initializing only a part of a complex
146 turns in a COMPLEX_EXPR with the not initialized part being
147 set to its previous (undefined) value. */
148 if (is_gimple_assign (context)
149 && gimple_assign_rhs_code (context) == COMPLEX_EXPR)
150 return;
151
152 /* Ignore REALPART_EXPR or IMAGPART_EXPR if its operand is a call to
153 .DEFERRED_INIT. This is for handling the following case correctly:
154
155 1 typedef _Complex float C;
156 2 C foo (int cond)
157 3 {
158 4 C f;
159 5 __imag__ f = 0;
160 6 if (cond)
161 7 {
162 8 __real__ f = 1;
163 9 return f;
164 10 }
165 11 return f;
166 12 }
167
168 with -ftrivial-auto-var-init, compiler will insert the following
169 artificial initialization at line 4:
170 f = .DEFERRED_INIT (f, 2);
171 _1 = REALPART_EXPR <f>;
172
173 without the following special handling, _1 = REALPART_EXPR <f> will
174 be treated as the uninitialized use point, which is incorrect. (the
175 real uninitialized use point is at line 11). */
176 if (is_gimple_assign (context)
177 && (gimple_assign_rhs_code (context) == REALPART_EXPR
178 || gimple_assign_rhs_code (context) == IMAGPART_EXPR))
179 {
180 tree v = gimple_assign_rhs1 (context);
181 if (TREE_CODE (TREE_OPERAND (v, 0)) == SSA_NAME
182 && gimple_call_internal_p (SSA_NAME_DEF_STMT (TREE_OPERAND (v, 0)),
183 IFN_DEFERRED_INIT))
184 return;
185 }
186
187 /* Anonymous SSA_NAMEs shouldn't be uninitialized, but ssa_undefined_value_p
188 can return true if the def stmt of an anonymous SSA_NAME is
189 1. A COMPLEX_EXPR created for conversion from scalar to complex. Use the
190 underlying var of the COMPLEX_EXPRs real part in that case. See PR71581.
191
192 Or
193
194 2. A call to .DEFERRED_INIT internal function. Since the original variable
195 has been eliminated by optimziation, we need to get the variable name,
196 and variable declaration location from this call. We recorded variable
197 name into VAR_NAME_STR, and will get location info and record warning
198 suppressed info to VAR_DEF_STMT, which is the .DEFERRED_INIT call. */
199
200 const char *var_name_str = NULL;
201 gimple *var_def_stmt = NULL;
202
203 if (!var && !SSA_NAME_VAR (t))
204 {
205 var_def_stmt = SSA_NAME_DEF_STMT (t);
206
207 if (is_gimple_assign (var_def_stmt)
208 && gimple_assign_rhs_code (var_def_stmt) == COMPLEX_EXPR)
209 {
210 tree v = gimple_assign_rhs1 (var_def_stmt);
211 if (TREE_CODE (v) == SSA_NAME
212 && has_undefined_value_p (v)
213 && zerop (gimple_assign_rhs2 (var_def_stmt)))
214 var = SSA_NAME_VAR (v);
215 }
216
217 if (gimple_call_internal_p (var_def_stmt, IFN_DEFERRED_INIT))
218 {
219 /* Ignore the call to .DEFERRED_INIT that define the original
220 var itself as the following case:
221 temp = .DEFERRED_INIT (4, 2, “alt_reloc");
222 alt_reloc = temp;
223 In order to avoid generating warning for the fake usage
224 at alt_reloc = temp.
225 */
226 tree lhs_var = NULL_TREE;
227 tree lhs_var_name = NULL_TREE;
228 const char *lhs_var_name_str = NULL;
229
230 /* Get the variable name from the 3rd argument of call. */
231 tree var_name = gimple_call_arg (var_def_stmt, 2);
232 var_name = TREE_OPERAND (TREE_OPERAND (var_name, 0), 0);
233 var_name_str = TREE_STRING_POINTER (var_name);
234
235 if (is_gimple_assign (context))
236 {
237 if (TREE_CODE (gimple_assign_lhs (context)) == VAR_DECL)
238 lhs_var = gimple_assign_lhs (context);
239 else if (TREE_CODE (gimple_assign_lhs (context)) == SSA_NAME)
240 lhs_var = SSA_NAME_VAR (gimple_assign_lhs (context));
241 }
242 if (lhs_var
243 && (lhs_var_name = DECL_NAME (lhs_var))
244 && (lhs_var_name_str = IDENTIFIER_POINTER (lhs_var_name))
245 && (strcmp (lhs_var_name_str, var_name_str) == 0))
246 return;
247 gcc_assert (var_name_str && var_def_stmt);
248 }
249 }
250
251 if (var == NULL_TREE && var_name_str == NULL)
252 return;
253
254 /* Avoid warning if we've already done so or if the warning has been
255 suppressed. */
256 if (((warning_suppressed_p (context, OPT_Wuninitialized)
257 || (gimple_assign_single_p (context)
258 && get_no_uninit_warning (gimple_assign_rhs1 (context)))))
259 || (var && get_no_uninit_warning (var))
260 || (var_name_str
261 && warning_suppressed_p (var_def_stmt, OPT_Wuninitialized)))
262 return;
263
264 /* Use either the location of the read statement or that of the PHI
265 argument, or that of the uninitialized variable, in that order,
266 whichever is valid. */
267 location_t location = UNKNOWN_LOCATION;
268 if (gimple_has_location (context))
269 location = gimple_location (context);
270 else if (phi_arg_loc != UNKNOWN_LOCATION)
271 location = phi_arg_loc;
272 else if (var)
273 location = DECL_SOURCE_LOCATION (var);
274 else if (var_name_str)
275 location = gimple_location (var_def_stmt);
276
277 auto_diagnostic_group d;
278 gcc_assert (opt == OPT_Wuninitialized || opt == OPT_Wmaybe_uninitialized);
279 if (var)
280 {
281 if ((opt == OPT_Wuninitialized
282 && !warning_at (location, opt, "%qD is used uninitialized", var))
283 || (opt == OPT_Wmaybe_uninitialized
284 && !warning_at (location, opt, "%qD may be used uninitialized",
285 var)))
286 return;
287 }
288 else if (var_name_str)
289 {
290 if ((opt == OPT_Wuninitialized
291 && !warning_at (location, opt, "%qs is used uninitialized",
292 var_name_str))
293 || (opt == OPT_Wmaybe_uninitialized
294 && !warning_at (location, opt, "%qs may be used uninitialized",
295 var_name_str)))
296 return;
297 }
298
299 /* Avoid subsequent warnings for reads of the same variable again. */
300 if (var)
301 suppress_warning (var, opt);
302 else if (var_name_str)
303 suppress_warning (var_def_stmt, opt);
304
305 /* Issue a note pointing to the read variable unless the warning
306 is at the same location. */
307 location_t var_loc = var ? DECL_SOURCE_LOCATION (var)
308 : gimple_location (var_def_stmt);
309 if (location == var_loc)
310 return;
311
312 if (var)
313 inform (var_loc, "%qD was declared here", var);
314 else if (var_name_str)
315 inform (var_loc, "%qs was declared here", var_name_str);
316 }
317
318 struct check_defs_data
319 {
320 /* If we found any may-defs besides must-def clobbers. */
321 bool found_may_defs;
322 };
323
324 /* Return true if STMT is a call to built-in function all of whose
325 by-reference arguments are const-qualified (i.e., the function can
326 be assumed not to modify them). */
327
328 static bool
329 builtin_call_nomodifying_p (gimple *stmt)
330 {
331 if (!gimple_call_builtin_p (stmt, BUILT_IN_NORMAL))
332 return false;
333
334 tree fndecl = gimple_call_fndecl (stmt);
335 if (!fndecl)
336 return false;
337
338 tree fntype = TREE_TYPE (fndecl);
339 if (!fntype)
340 return false;
341
342 /* Check the called function's signature for non-constc pointers.
343 If one is found, return false. */
344 unsigned argno = 0;
345 tree argtype;
346 function_args_iterator it;
347 FOREACH_FUNCTION_ARGS (fntype, argtype, it)
348 {
349 if (VOID_TYPE_P (argtype))
350 return true;
351
352 ++argno;
353
354 if (!POINTER_TYPE_P (argtype))
355 continue;
356
357 if (TYPE_READONLY (TREE_TYPE (argtype)))
358 continue;
359
360 return false;
361 }
362
363 /* If the number of actual arguments to the call is less than or
364 equal to the number of parameters, return false. */
365 unsigned nargs = gimple_call_num_args (stmt);
366 if (nargs <= argno)
367 return false;
368
369 /* Check arguments passed through the ellipsis in calls to variadic
370 functions for pointers. If one is found that's a non-constant
371 pointer, return false. */
372 for (; argno < nargs; ++argno)
373 {
374 tree arg = gimple_call_arg (stmt, argno);
375 argtype = TREE_TYPE (arg);
376 if (!POINTER_TYPE_P (argtype))
377 continue;
378
379 if (TYPE_READONLY (TREE_TYPE (argtype)))
380 continue;
381
382 return false;
383 }
384
385 return true;
386 }
387
388 /* If ARG is a FNDECL parameter declared with attribute access none or
389 write_only issue a warning for its read access via PTR. */
390
391 static void
392 maybe_warn_read_write_only (tree fndecl, gimple *stmt, tree arg, tree ptr)
393 {
394 if (!fndecl)
395 return;
396
397 if (get_no_uninit_warning (arg))
398 return;
399
400 tree fntype = TREE_TYPE (fndecl);
401 if (!fntype)
402 return;
403
404 /* Initialize a map of attribute access specifications for arguments
405 to the function call. */
406 rdwr_map rdwr_idx;
407 init_attr_rdwr_indices (&rdwr_idx, TYPE_ATTRIBUTES (fntype));
408
409 unsigned argno = 0;
410 tree parms = DECL_ARGUMENTS (fndecl);
411 for (tree parm = parms; parm; parm = TREE_CHAIN (parm), ++argno)
412 {
413 if (parm != arg)
414 continue;
415
416 const attr_access* access = rdwr_idx.get (argno);
417 if (!access)
418 break;
419
420 if (access->mode != access_none
421 && access->mode != access_write_only)
422 continue;
423
424 location_t stmtloc = gimple_location (stmt);
425 if (!warning_at (stmtloc, OPT_Wmaybe_uninitialized,
426 "%qE may be used uninitialized", ptr))
427 break;
428
429 suppress_warning (arg, OPT_Wmaybe_uninitialized);
430
431 const char* const access_str =
432 TREE_STRING_POINTER (access->to_external_string ());
433
434 location_t parmloc = DECL_SOURCE_LOCATION (parm);
435 inform (parmloc, "accessing argument %u of a function declared with "
436 "attribute %<%s%>",
437 argno + 1, access_str);
438
439 break;
440 }
441 }
442
443 /* Callback for walk_aliased_vdefs. */
444
445 static bool
446 check_defs (ao_ref *ref, tree vdef, void *data_)
447 {
448 check_defs_data *data = (check_defs_data *)data_;
449 gimple *def_stmt = SSA_NAME_DEF_STMT (vdef);
450
451 /* Ignore the vdef if the definition statement is a call
452 to .DEFERRED_INIT function. */
453 if (gimple_call_internal_p (def_stmt, IFN_DEFERRED_INIT))
454 return false;
455
456 /* For address taken variable, a temporary variable is added between
457 the variable and the call to .DEFERRED_INIT function as:
458 _1 = .DEFERRED_INIT (4, 2, &"i1"[0]);
459 i1 = _1;
460 Ignore this vdef as well. */
461 if (is_gimple_assign (def_stmt)
462 && gimple_assign_rhs_code (def_stmt) == SSA_NAME)
463 {
464 tree tmp_var = gimple_assign_rhs1 (def_stmt);
465 if (gimple_call_internal_p (SSA_NAME_DEF_STMT (tmp_var),
466 IFN_DEFERRED_INIT))
467 return false;
468 }
469
470 /* The ASAN_MARK intrinsic doesn't modify the variable. */
471 if (is_gimple_call (def_stmt))
472 {
473 /* The ASAN_MARK intrinsic doesn't modify the variable. */
474 if (gimple_call_internal_p (def_stmt)
475 && gimple_call_internal_fn (def_stmt) == IFN_ASAN_MARK)
476 return false;
477
478 if (tree fndecl = gimple_call_fndecl (def_stmt))
479 {
480 /* Some sanitizer calls pass integer arguments to built-ins
481 that expect pointets. Avoid using gimple_call_builtin_p()
482 which fails for such calls. */
483 if (DECL_BUILT_IN_CLASS (fndecl) == BUILT_IN_NORMAL)
484 {
485 built_in_function fncode = DECL_FUNCTION_CODE (fndecl);
486 if (fncode > BEGIN_SANITIZER_BUILTINS
487 && fncode < END_SANITIZER_BUILTINS)
488 return false;
489 }
490 }
491 }
492
493 /* End of VLA scope is not a kill. */
494 if (gimple_call_builtin_p (def_stmt, BUILT_IN_STACK_RESTORE))
495 return false;
496
497 /* If this is a clobber then if it is not a kill walk past it. */
498 if (gimple_clobber_p (def_stmt))
499 {
500 if (stmt_kills_ref_p (def_stmt, ref))
501 return true;
502 return false;
503 }
504
505 if (builtin_call_nomodifying_p (def_stmt))
506 return false;
507
508 /* Found a may-def on this path. */
509 data->found_may_defs = true;
510 return true;
511 }
512
513 /* Counters and limits controlling the depth of analysis and
514 strictness of the warning. */
515 struct wlimits
516 {
517 /* Number of VDEFs encountered. */
518 unsigned int vdef_cnt;
519 /* Number of statements examined by walk_aliased_vdefs. */
520 unsigned int oracle_cnt;
521 /* Limit on the number of statements visited by walk_aliased_vdefs. */
522 unsigned limit;
523 /* Set when basic block with statement is executed unconditionally. */
524 bool always_executed;
525 /* Set to issue -Wmaybe-uninitialized. */
526 bool wmaybe_uninit;
527 };
528
529 /* Determine if REF references an uninitialized operand and diagnose
530 it if so. STMS is the referencing statement. LHS is the result
531 of the access and may be null. RHS is the variable referenced by
532 the access; it may not be null. */
533
534 static tree
535 maybe_warn_operand (ao_ref &ref, gimple *stmt, tree lhs, tree rhs,
536 wlimits &wlims)
537 {
538 bool has_bit_insert = false;
539 use_operand_p luse_p;
540 imm_use_iterator liter;
541
542 if (get_no_uninit_warning (rhs))
543 return NULL_TREE;
544
545 /* Do not warn if the base was marked so or this is a
546 hard register var. */
547 tree base = ao_ref_base (&ref);
548 if ((VAR_P (base)
549 && DECL_HARD_REGISTER (base))
550 || get_no_uninit_warning (base))
551 return NULL_TREE;
552
553 /* Do not warn if the access is zero size or if it's fully outside
554 the object. */
555 poly_int64 decl_size;
556 if (known_size_p (ref.size)
557 && known_eq (ref.max_size, ref.size)
558 && (known_eq (ref.size, 0)
559 || known_le (ref.offset + ref.size, 0)))
560 return NULL_TREE;
561
562 if (DECL_P (base)
563 && known_ge (ref.offset, 0)
564 && DECL_SIZE (base)
565 && poly_int_tree_p (DECL_SIZE (base), &decl_size)
566 && known_le (decl_size, ref.offset))
567 return NULL_TREE;
568
569 /* Do not warn if the result of the access is then used for
570 a BIT_INSERT_EXPR. */
571 if (lhs && TREE_CODE (lhs) == SSA_NAME)
572 FOR_EACH_IMM_USE_FAST (luse_p, liter, lhs)
573 {
574 gimple *use_stmt = USE_STMT (luse_p);
575 /* BIT_INSERT_EXPR first operand should not be considered
576 a use for the purpose of uninit warnings. */
577 if (gassign *ass = dyn_cast <gassign *> (use_stmt))
578 {
579 if (gimple_assign_rhs_code (ass) == BIT_INSERT_EXPR
580 && luse_p->use == gimple_assign_rhs1_ptr (ass))
581 {
582 has_bit_insert = true;
583 break;
584 }
585 }
586 }
587
588 if (has_bit_insert)
589 return NULL_TREE;
590
591 /* Limit the walking to a constant number of stmts after
592 we overcommit quadratic behavior for small functions
593 and O(n) behavior. */
594 if (wlims.oracle_cnt > 128 * 128
595 && wlims.oracle_cnt > wlims.vdef_cnt * 2)
596 wlims.limit = 32;
597
598 check_defs_data data;
599 bool fentry_reached = false;
600 data.found_may_defs = false;
601 tree use = gimple_vuse (stmt);
602 if (!use)
603 return NULL_TREE;
604 int res = walk_aliased_vdefs (&ref, use,
605 check_defs, &data, NULL,
606 &fentry_reached, wlims.limit);
607 if (res == -1)
608 {
609 wlims.oracle_cnt += wlims.limit;
610 return NULL_TREE;
611 }
612
613 wlims.oracle_cnt += res;
614 if (data.found_may_defs)
615 return NULL_TREE;
616
617 bool found_alloc = false;
618
619 if (fentry_reached)
620 {
621 if (TREE_CODE (base) == MEM_REF)
622 base = TREE_OPERAND (base, 0);
623
624 /* Follow the chain of SSA_NAME assignments looking for an alloca
625 call (or VLA) or malloc/realloc, or for decls. If any is found
626 (and in the latter case, the operand is a local variable) issue
627 a warning. */
628 while (TREE_CODE (base) == SSA_NAME)
629 {
630 gimple *def_stmt = SSA_NAME_DEF_STMT (base);
631
632 if (is_gimple_call (def_stmt)
633 && gimple_call_builtin_p (def_stmt))
634 {
635 /* Detect uses of uninitialized alloca/VLAs. */
636 tree fndecl = gimple_call_fndecl (def_stmt);
637 const built_in_function fncode = DECL_FUNCTION_CODE (fndecl);
638 if (fncode == BUILT_IN_ALLOCA
639 || fncode == BUILT_IN_ALLOCA_WITH_ALIGN
640 || fncode == BUILT_IN_MALLOC)
641 found_alloc = true;
642 break;
643 }
644
645 if (!is_gimple_assign (def_stmt))
646 break;
647
648 tree_code code = gimple_assign_rhs_code (def_stmt);
649 if (code != ADDR_EXPR && code != POINTER_PLUS_EXPR)
650 break;
651
652 base = gimple_assign_rhs1 (def_stmt);
653 if (TREE_CODE (base) == ADDR_EXPR)
654 base = TREE_OPERAND (base, 0);
655
656 if (DECL_P (base)
657 || TREE_CODE (base) == COMPONENT_REF)
658 rhs = base;
659
660 if (TREE_CODE (base) == MEM_REF)
661 base = TREE_OPERAND (base, 0);
662
663 if (tree ba = get_base_address (base))
664 base = ba;
665 }
666
667 /* Replace the RHS expression with BASE so that it
668 refers to it in the diagnostic (instead of to
669 '<unknown>'). */
670 if (DECL_P (base)
671 && EXPR_P (rhs)
672 && TREE_CODE (rhs) != COMPONENT_REF)
673 rhs = base;
674 }
675
676 /* Do not warn if it can be initialized outside this function.
677 If we did not reach function entry then we found killing
678 clobbers on all paths to entry. */
679 if (!found_alloc && fentry_reached)
680 {
681 if (TREE_CODE (base) == SSA_NAME)
682 {
683 tree var = SSA_NAME_VAR (base);
684 if (var && TREE_CODE (var) == PARM_DECL)
685 {
686 maybe_warn_read_write_only (cfun->decl, stmt, var, rhs);
687 return NULL_TREE;
688 }
689 }
690
691 if (!VAR_P (base)
692 || is_global_var (base))
693 /* ??? We'd like to use ref_may_alias_global_p but that
694 excludes global readonly memory and thus we get bogus
695 warnings from p = cond ? "a" : "b" for example. */
696 return NULL_TREE;
697 }
698
699 /* Strip the address-of expression from arrays passed to functions. */
700 if (TREE_CODE (rhs) == ADDR_EXPR)
701 rhs = TREE_OPERAND (rhs, 0);
702
703 /* Check again since RHS may have changed above. */
704 if (get_no_uninit_warning (rhs))
705 return NULL_TREE;
706
707 /* Avoid warning about empty types such as structs with no members.
708 The first_field() test is important for C++ where the predicate
709 alone isn't always sufficient. */
710 tree rhstype = TREE_TYPE (rhs);
711 if (POINTER_TYPE_P (rhstype))
712 rhstype = TREE_TYPE (rhstype);
713 if (is_empty_type (rhstype))
714 return NULL_TREE;
715
716 bool warned = false;
717 /* We didn't find any may-defs so on all paths either
718 reached function entry or a killing clobber. */
719 location_t location = gimple_location (stmt);
720 if (wlims.always_executed)
721 {
722 if (warning_at (location, OPT_Wuninitialized,
723 "%qE is used uninitialized", rhs))
724 {
725 /* ??? This is only effective for decls as in
726 gcc.dg/uninit-B-O0.c. Avoid doing this for maybe-uninit
727 uses or accesses by functions as it may hide important
728 locations. */
729 if (lhs)
730 set_no_uninit_warning (rhs);
731 warned = true;
732 }
733 }
734 else if (wlims.wmaybe_uninit)
735 warned = warning_at (location, OPT_Wmaybe_uninitialized,
736 "%qE may be used uninitialized", rhs);
737
738 return warned ? base : NULL_TREE;
739 }
740
741
742 /* Diagnose passing addresses of uninitialized objects to either const
743 pointer arguments to functions, or to functions declared with attribute
744 access implying read access to those objects. */
745
746 static void
747 maybe_warn_pass_by_reference (gcall *stmt, wlimits &wlims)
748 {
749 if (!wlims.wmaybe_uninit)
750 return;
751
752 unsigned nargs = gimple_call_num_args (stmt);
753 if (!nargs)
754 return;
755
756 tree fndecl = gimple_call_fndecl (stmt);
757 tree fntype = gimple_call_fntype (stmt);
758 if (!fntype)
759 return;
760
761 /* Const function do not read their arguments. */
762 if (gimple_call_flags (stmt) & ECF_CONST)
763 return;
764
765 const built_in_function fncode
766 = (fndecl && gimple_call_builtin_p (stmt, BUILT_IN_NORMAL)
767 ? DECL_FUNCTION_CODE (fndecl) : (built_in_function)BUILT_IN_LAST);
768
769 if (fncode == BUILT_IN_MEMCPY || fncode == BUILT_IN_MEMMOVE)
770 /* Avoid diagnosing calls to raw memory functions (this is overly
771 permissive; consider tightening it up). */
772 return;
773
774 /* Save the current warning setting and replace it either a "maybe"
775 when passing addresses of uninitialized variables to const-qualified
776 pointers or arguments declared with attribute read_write, or with
777 a "certain" when passing them to arguments declared with attribute
778 read_only. */
779 const bool save_always_executed = wlims.always_executed;
780
781 /* Initialize a map of attribute access specifications for arguments
782 to the function call. */
783 rdwr_map rdwr_idx;
784 init_attr_rdwr_indices (&rdwr_idx, TYPE_ATTRIBUTES (fntype));
785
786 tree argtype;
787 unsigned argno = 0;
788 function_args_iterator it;
789
790 FOREACH_FUNCTION_ARGS (fntype, argtype, it)
791 {
792 ++argno;
793
794 if (argno > nargs)
795 break;
796
797 if (!POINTER_TYPE_P (argtype))
798 continue;
799
800 tree access_size = NULL_TREE;
801 const attr_access* access = rdwr_idx.get (argno - 1);
802 if (access)
803 {
804 if (access->mode == access_none
805 || access->mode == access_write_only)
806 continue;
807
808 if (access->mode == access_deferred
809 && !TYPE_READONLY (TREE_TYPE (argtype)))
810 continue;
811
812 if (save_always_executed && access->mode == access_read_only)
813 /* Attribute read_only arguments imply read access. */
814 wlims.always_executed = true;
815 else
816 /* Attribute read_write arguments are documented as requiring
817 initialized objects but it's expected that aggregates may
818 be only partially initialized regardless. */
819 wlims.always_executed = false;
820
821 if (access->sizarg < nargs)
822 access_size = gimple_call_arg (stmt, access->sizarg);
823 }
824 else if (!TYPE_READONLY (TREE_TYPE (argtype)))
825 continue;
826 else if (save_always_executed && fncode != BUILT_IN_LAST)
827 /* Const-qualified arguments to built-ins imply read access. */
828 wlims.always_executed = true;
829 else
830 /* Const-qualified arguments to ordinary functions imply a likely
831 (but not definitive) read access. */
832 wlims.always_executed = false;
833
834 /* Ignore args we are not going to read from. */
835 if (gimple_call_arg_flags (stmt, argno - 1)
836 & (EAF_UNUSED | EAF_NO_DIRECT_READ))
837 continue;
838
839 tree arg = gimple_call_arg (stmt, argno - 1);
840 if (!POINTER_TYPE_P (TREE_TYPE (arg)))
841 /* Avoid actual arguments with invalid types. */
842 continue;
843
844 ao_ref ref;
845 ao_ref_init_from_ptr_and_size (&ref, arg, access_size);
846 tree argbase = maybe_warn_operand (ref, stmt, NULL_TREE, arg, wlims);
847 if (!argbase)
848 continue;
849
850 if (access && access->mode != access_deferred)
851 {
852 const char* const access_str =
853 TREE_STRING_POINTER (access->to_external_string ());
854
855 if (fndecl)
856 {
857 location_t loc = DECL_SOURCE_LOCATION (fndecl);
858 inform (loc, "in a call to %qD declared with "
859 "attribute %<%s%> here", fndecl, access_str);
860 }
861 else
862 {
863 /* Handle calls through function pointers. */
864 location_t loc = gimple_location (stmt);
865 inform (loc, "in a call to %qT declared with "
866 "attribute %<%s%>", fntype, access_str);
867 }
868 }
869 else
870 {
871 /* For a declaration with no relevant attribute access create
872 a dummy object and use the formatting function to avoid
873 having to complicate things here. */
874 attr_access ptr_access = { };
875 if (!access)
876 access = &ptr_access;
877 const std::string argtypestr = access->array_as_string (argtype);
878 if (fndecl)
879 {
880 location_t loc (DECL_SOURCE_LOCATION (fndecl));
881 inform (loc, "by argument %u of type %s to %qD "
882 "declared here",
883 argno, argtypestr.c_str (), fndecl);
884 }
885 else
886 {
887 /* Handle calls through function pointers. */
888 location_t loc (gimple_location (stmt));
889 inform (loc, "by argument %u of type %s to %qT",
890 argno, argtypestr.c_str (), fntype);
891 }
892 }
893
894 if (DECL_P (argbase))
895 {
896 location_t loc = DECL_SOURCE_LOCATION (argbase);
897 inform (loc, "%qD declared here", argbase);
898 }
899 }
900
901 wlims.always_executed = save_always_executed;
902 }
903
904 /* Warn about an uninitialized PHI argument on the fallthru path to
905 an always executed block BB. */
906
907 static void
908 warn_uninit_phi_uses (basic_block bb)
909 {
910 edge_iterator ei;
911 edge e, found = NULL, found_back = NULL;
912 /* Look for a fallthru and possibly a single backedge. */
913 FOR_EACH_EDGE (e, ei, bb->preds)
914 {
915 /* Ignore backedges. */
916 if (dominated_by_p (CDI_DOMINATORS, e->src, bb))
917 {
918 if (found_back)
919 {
920 found = NULL;
921 break;
922 }
923 found_back = e;
924 continue;
925 }
926 if (found)
927 {
928 found = NULL;
929 break;
930 }
931 found = e;
932 }
933 if (!found)
934 return;
935
936 basic_block succ = single_succ (ENTRY_BLOCK_PTR_FOR_FN (cfun));
937 for (gphi_iterator si = gsi_start_phis (bb); !gsi_end_p (si);
938 gsi_next (&si))
939 {
940 gphi *phi = si.phi ();
941 tree def = PHI_ARG_DEF_FROM_EDGE (phi, found);
942 if (TREE_CODE (def) != SSA_NAME
943 || !SSA_NAME_IS_DEFAULT_DEF (def)
944 || virtual_operand_p (def))
945 continue;
946 /* If there's a default def on the fallthru edge PHI
947 value and there's a use that post-dominates entry
948 then that use is uninitialized and we can warn. */
949 imm_use_iterator iter;
950 use_operand_p use_p;
951 gimple *use_stmt = NULL;
952 FOR_EACH_IMM_USE_FAST (use_p, iter, gimple_phi_result (phi))
953 {
954 use_stmt = USE_STMT (use_p);
955 if (gimple_location (use_stmt) != UNKNOWN_LOCATION
956 && dominated_by_p (CDI_POST_DOMINATORS, succ,
957 gimple_bb (use_stmt))
958 /* If we found a non-fallthru edge make sure the
959 use is inside the loop, otherwise the backedge
960 can serve as initialization. */
961 && (!found_back
962 || dominated_by_p (CDI_DOMINATORS, found_back->src,
963 gimple_bb (use_stmt))))
964 break;
965 use_stmt = NULL;
966 }
967 if (use_stmt)
968 warn_uninit (OPT_Wuninitialized, def,
969 SSA_NAME_VAR (def), use_stmt);
970 }
971 }
972
973 /* Issue warnings about reads of uninitialized variables. WMAYBE_UNINIT
974 is true to issue -Wmaybe-uninitialized, otherwise -Wuninitialized. */
975
976 static void
977 warn_uninitialized_vars (bool wmaybe_uninit)
978 {
979 /* Counters and limits controlling the depth of the warning. */
980 wlimits wlims = { };
981 wlims.wmaybe_uninit = wmaybe_uninit;
982
983 auto_bb_flag ft_reachable (cfun);
984
985 /* Mark blocks that are always executed when we ignore provably
986 not executed and EH and abnormal edges. */
987 basic_block bb = single_succ (ENTRY_BLOCK_PTR_FOR_FN (cfun));
988 while (!(bb->flags & ft_reachable))
989 {
990 bb->flags |= ft_reachable;
991 edge e = find_fallthru_edge (bb->succs);
992 if (e && e->flags & EDGE_EXECUTABLE)
993 {
994 bb = e->dest;
995 continue;
996 }
997 /* Find a single executable edge. */
998 edge_iterator ei;
999 edge ee = NULL;
1000 FOR_EACH_EDGE (e, ei, bb->succs)
1001 if (e->flags & EDGE_EXECUTABLE)
1002 {
1003 if (!ee)
1004 ee = e;
1005 else
1006 {
1007 ee = NULL;
1008 break;
1009 }
1010 }
1011 if (ee)
1012 bb = ee->dest;
1013 else
1014 bb = get_immediate_dominator (CDI_POST_DOMINATORS, bb);
1015 if (!bb || bb->index == EXIT_BLOCK)
1016 break;
1017 }
1018
1019 FOR_EACH_BB_FN (bb, cfun)
1020 {
1021 wlims.always_executed = (bb->flags & ft_reachable);
1022 bb->flags &= ~ft_reachable;
1023
1024 edge_iterator ei;
1025 edge e;
1026 FOR_EACH_EDGE (e, ei, bb->preds)
1027 if (e->flags & EDGE_EXECUTABLE)
1028 break;
1029 /* Skip unreachable blocks. For early analysis we use VN to
1030 determine edge executability when wmaybe_uninit. */
1031 if (!e)
1032 continue;
1033
1034 if (wlims.always_executed)
1035 warn_uninit_phi_uses (bb);
1036
1037 gimple_stmt_iterator gsi;
1038 for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); gsi_next (&gsi))
1039 {
1040 gimple *stmt = gsi_stmt (gsi);
1041
1042 /* The call is an artificial use, will not provide meaningful
1043 error message. If the result of the call is used somewhere
1044 else, we warn there instead. */
1045 if (gimple_call_internal_p (stmt, IFN_DEFERRED_INIT))
1046 continue;
1047
1048 if (is_gimple_debug (stmt))
1049 continue;
1050
1051 /* We only do data flow with SSA_NAMEs, so that's all we
1052 can warn about. */
1053 use_operand_p use_p;
1054 ssa_op_iter op_iter;
1055 FOR_EACH_SSA_USE_OPERAND (use_p, stmt, op_iter, SSA_OP_USE)
1056 {
1057 /* BIT_INSERT_EXPR first operand should not be considered
1058 a use for the purpose of uninit warnings. */
1059 if (gassign *ass = dyn_cast <gassign *> (stmt))
1060 {
1061 if (gimple_assign_rhs_code (ass) == BIT_INSERT_EXPR
1062 && use_p->use == gimple_assign_rhs1_ptr (ass))
1063 continue;
1064 }
1065 tree use = USE_FROM_PTR (use_p);
1066 if (wlims.always_executed)
1067 warn_uninit (OPT_Wuninitialized, use,
1068 SSA_NAME_VAR (use), stmt);
1069 else if (wlims.wmaybe_uninit)
1070 warn_uninit (OPT_Wmaybe_uninitialized, use,
1071 SSA_NAME_VAR (use), stmt);
1072 }
1073
1074 /* For limiting the alias walk below we count all
1075 vdefs in the function. */
1076 if (gimple_vdef (stmt))
1077 wlims.vdef_cnt++;
1078
1079 if (gcall *call = dyn_cast <gcall *> (stmt))
1080 maybe_warn_pass_by_reference (call, wlims);
1081 else if (gimple_assign_load_p (stmt)
1082 && gimple_has_location (stmt))
1083 {
1084 tree rhs = gimple_assign_rhs1 (stmt);
1085 tree lhs = gimple_assign_lhs (stmt);
1086
1087 ao_ref ref;
1088 ao_ref_init (&ref, rhs);
1089 tree var = maybe_warn_operand (ref, stmt, lhs, rhs, wlims);
1090 if (!var)
1091 continue;
1092
1093 if (DECL_P (var))
1094 {
1095 location_t loc = DECL_SOURCE_LOCATION (var);
1096 inform (loc, "%qD declared here", var);
1097 }
1098 }
1099 }
1100 }
1101 }
1102
1103 /* Checks if the operand OPND of PHI is defined by
1104 another phi with one operand defined by this PHI,
1105 but the rest operands are all defined. If yes,
1106 returns true to skip this operand as being
1107 redundant. Can be enhanced to be more general. */
1108
1109 static bool
1110 can_skip_redundant_opnd (tree opnd, gimple *phi)
1111 {
1112 tree phi_def = gimple_phi_result (phi);
1113 gimple *op_def = SSA_NAME_DEF_STMT (opnd);
1114 if (gimple_code (op_def) != GIMPLE_PHI)
1115 return false;
1116
1117 unsigned n = gimple_phi_num_args (op_def);
1118 for (unsigned i = 0; i < n; ++i)
1119 {
1120 tree op = gimple_phi_arg_def (op_def, i);
1121 if (TREE_CODE (op) != SSA_NAME)
1122 continue;
1123 if (op != phi_def && uninit_undefined_value_p (op))
1124 return false;
1125 }
1126
1127 return true;
1128 }
1129
1130 /* Return a bitset holding the positions of arguments in PHI with empty
1131 (or possibly empty) definitions. */
1132
1133 static unsigned
1134 compute_uninit_opnds_pos (gphi *phi)
1135 {
1136 unsigned uninit_opnds = 0;
1137
1138 unsigned n = gimple_phi_num_args (phi);
1139 /* Bail out for phi with too many args. */
1140 if (n > uninit_analysis::func_t::max_phi_args)
1141 return 0;
1142
1143 for (unsigned i = 0; i < n; ++i)
1144 {
1145 tree op = gimple_phi_arg_def (phi, i);
1146 if (TREE_CODE (op) == SSA_NAME
1147 && uninit_undefined_value_p (op)
1148 && !can_skip_redundant_opnd (op, phi))
1149 {
1150 if (cfun->has_nonlocal_label || cfun->calls_setjmp)
1151 {
1152 /* Ignore SSA_NAMEs that appear on abnormal edges
1153 somewhere. */
1154 if (SSA_NAME_OCCURS_IN_ABNORMAL_PHI (op))
1155 continue;
1156 }
1157 MASK_SET_BIT (uninit_opnds, i);
1158 }
1159 }
1160 /* If we have recorded guarded uses of may-uninit values mask those. */
1161 if (auto *def_mask = defined_args->get (phi))
1162 uninit_opnds &= ~*def_mask;
1163 return uninit_opnds;
1164 }
1165
1166 /* Function object type used to determine whether an expression
1167 is of interest to the predicate analyzer. */
1168
1169 struct uninit_undef_val_t: public uninit_analysis::func_t
1170 {
1171 virtual unsigned phi_arg_set (gphi *) override;
1172 };
1173
1174 /* Return a bitset of PHI arguments of interest. */
1175
1176 unsigned
1177 uninit_undef_val_t::phi_arg_set (gphi *phi)
1178 {
1179 return compute_uninit_opnds_pos (phi);
1180 }
1181
1182 /* sort helper for find_uninit_use. */
1183
1184 static int
1185 cand_cmp (const void *a, const void *b, void *data)
1186 {
1187 int *bb_to_rpo = (int *)data;
1188 const gimple *sa = *(const gimple * const *)a;
1189 const gimple *sb = *(const gimple * const *)b;
1190 if (bb_to_rpo[gimple_bb (sa)->index] < bb_to_rpo[gimple_bb (sb)->index])
1191 return -1;
1192 else if (bb_to_rpo[gimple_bb (sa)->index] > bb_to_rpo[gimple_bb (sb)->index])
1193 return 1;
1194 return 0;
1195 }
1196
1197 /* Searches through all uses of a potentially
1198 uninitialized variable defined by PHI and returns a use
1199 statement if the use is not properly guarded. It returns
1200 NULL if all uses are guarded. UNINIT_OPNDS is a bitvector
1201 holding the position(s) of uninit PHI operands. */
1202
1203 static gimple *
1204 find_uninit_use (gphi *phi, unsigned uninit_opnds, int *bb_to_rpo)
1205 {
1206 /* The Boolean predicate guarding the PHI definition. Initialized
1207 lazily from PHI in the first call to is_use_guarded() and cached
1208 for subsequent iterations. */
1209 uninit_undef_val_t eval;
1210 uninit_analysis def_preds (eval);
1211
1212 /* First process PHIs and record other candidates. */
1213 auto_vec<gimple *, 64> cands;
1214 use_operand_p use_p;
1215 imm_use_iterator iter;
1216 tree phi_result = gimple_phi_result (phi);
1217 FOR_EACH_IMM_USE_FAST (use_p, iter, phi_result)
1218 {
1219 gimple *use_stmt = USE_STMT (use_p);
1220 if (is_gimple_debug (use_stmt))
1221 continue;
1222
1223 if (gphi *use_phi = dyn_cast<gphi *> (use_stmt))
1224 {
1225 unsigned idx = PHI_ARG_INDEX_FROM_USE (use_p);
1226 edge e = gimple_phi_arg_edge (use_phi, idx);
1227 /* Do not look for uses in the next iteration of a loop, predicate
1228 analysis will not use the appropriate predicates to prove
1229 reachability. */
1230 if (e->flags & EDGE_DFS_BACK)
1231 continue;
1232
1233 basic_block use_bb = e->src;
1234 if (def_preds.is_use_guarded (use_stmt, use_bb, phi, uninit_opnds))
1235 {
1236 /* For a guarded use in a PHI record the PHI argument as
1237 initialized. */
1238 if (idx < uninit_analysis::func_t::max_phi_args)
1239 {
1240 bool existed_p;
1241 auto &def_mask
1242 = defined_args->get_or_insert (use_phi, &existed_p);
1243 if (!existed_p)
1244 def_mask = 0;
1245 MASK_SET_BIT (def_mask, idx);
1246 }
1247 continue;
1248 }
1249
1250 if (dump_file && (dump_flags & TDF_DETAILS))
1251 {
1252 fprintf (dump_file, "Found unguarded use in bb %u: ",
1253 use_bb->index);
1254 print_gimple_stmt (dump_file, use_stmt, 0);
1255 }
1256 /* Found a phi use that is not guarded, mark the phi_result as
1257 possibly undefined. */
1258 possibly_undefined_names->add (phi_result);
1259 }
1260 else
1261 cands.safe_push (use_stmt);
1262 }
1263
1264 /* Sort candidates after RPO. */
1265 cands.stablesort (cand_cmp, bb_to_rpo);
1266 basic_block use_bb = NULL;
1267 for (gimple *use_stmt : cands)
1268 {
1269 /* We only have to try diagnosing the first use in each block. */
1270 if (gimple_bb (use_stmt) == use_bb)
1271 continue;
1272
1273 use_bb = gimple_bb (use_stmt);
1274 if (def_preds.is_use_guarded (use_stmt, use_bb, phi, uninit_opnds))
1275 continue;
1276
1277 if (dump_file && (dump_flags & TDF_DETAILS))
1278 {
1279 fprintf (dump_file, "Found unguarded use in bb %u: ",
1280 use_bb->index);
1281 print_gimple_stmt (dump_file, use_stmt, 0);
1282 }
1283 return use_stmt;
1284 }
1285
1286 return NULL;
1287 }
1288
1289 /* Look for inputs to PHI that are SSA_NAMEs that have empty definitions
1290 and gives warning if there exists a runtime path from the entry to a
1291 use of the PHI def that does not contain a definition. In other words,
1292 the warning is on the real use. The more dead paths that can be pruned
1293 by the compiler, the fewer false positives the warning is. */
1294
1295 static void
1296 warn_uninitialized_phi (gphi *phi, unsigned uninit_opnds, int *bb_to_rpo)
1297 {
1298 if (dump_file && (dump_flags & TDF_DETAILS))
1299 {
1300 fprintf (dump_file, "Examining phi: ");
1301 print_gimple_stmt (dump_file, phi, 0);
1302 }
1303
1304 gimple *uninit_use_stmt = find_uninit_use (phi, uninit_opnds, bb_to_rpo);
1305
1306 /* All uses are properly guarded. */
1307 if (!uninit_use_stmt)
1308 return;
1309
1310 unsigned phiarg_index = MASK_FIRST_SET_BIT (uninit_opnds);
1311 tree uninit_op = gimple_phi_arg_def (phi, phiarg_index);
1312 if (SSA_NAME_VAR (uninit_op) == NULL_TREE)
1313 return;
1314
1315 location_t loc = UNKNOWN_LOCATION;
1316 if (gimple_phi_arg_has_location (phi, phiarg_index))
1317 loc = gimple_phi_arg_location (phi, phiarg_index);
1318 else
1319 {
1320 tree arg_def = gimple_phi_arg_def (phi, phiarg_index);
1321 if (TREE_CODE (arg_def) == SSA_NAME)
1322 {
1323 gimple *def_stmt = SSA_NAME_DEF_STMT (arg_def);
1324 if (gphi *arg_phi = dyn_cast<gphi *> (def_stmt))
1325 {
1326 unsigned uop = compute_uninit_opnds_pos (arg_phi);
1327 unsigned idx = MASK_FIRST_SET_BIT (uop);
1328 if (idx < gimple_phi_num_args (arg_phi)
1329 && gimple_phi_arg_has_location (arg_phi, idx))
1330 loc = gimple_phi_arg_location (arg_phi, idx);
1331 }
1332 }
1333 }
1334
1335 warn_uninit (OPT_Wmaybe_uninitialized, uninit_op,
1336 SSA_NAME_VAR (uninit_op),
1337 uninit_use_stmt, loc);
1338 }
1339
1340 static bool
1341 gate_warn_uninitialized (void)
1342 {
1343 return warn_uninitialized || warn_maybe_uninitialized;
1344 }
1345
1346 namespace {
1347
1348 const pass_data pass_data_late_warn_uninitialized =
1349 {
1350 GIMPLE_PASS, /* type */
1351 "uninit", /* name */
1352 OPTGROUP_NONE, /* optinfo_flags */
1353 TV_NONE, /* tv_id */
1354 PROP_ssa, /* properties_required */
1355 0, /* properties_provided */
1356 0, /* properties_destroyed */
1357 0, /* todo_flags_start */
1358 0, /* todo_flags_finish */
1359 };
1360
1361 class pass_late_warn_uninitialized : public gimple_opt_pass
1362 {
1363 public:
1364 pass_late_warn_uninitialized (gcc::context *ctxt)
1365 : gimple_opt_pass (pass_data_late_warn_uninitialized, ctxt)
1366 {}
1367
1368 /* opt_pass methods: */
1369 opt_pass *clone () final override
1370 {
1371 return new pass_late_warn_uninitialized (m_ctxt);
1372 }
1373 bool gate (function *) final override { return gate_warn_uninitialized (); }
1374 unsigned int execute (function *) final override;
1375
1376 }; // class pass_late_warn_uninitialized
1377
1378 static void
1379 execute_late_warn_uninitialized (function *fun)
1380 {
1381 calculate_dominance_info (CDI_DOMINATORS);
1382 calculate_dominance_info (CDI_POST_DOMINATORS);
1383
1384 /* Mark all edges executable, warn_uninitialized_vars will skip
1385 unreachable blocks. */
1386 set_all_edges_as_executable (fun);
1387 mark_dfs_back_edges (fun);
1388 int *rpo = XNEWVEC (int, n_basic_blocks_for_fn (fun));
1389 int n = pre_and_rev_post_order_compute_fn (fun, NULL, rpo, false);
1390 int *bb_to_rpo = XNEWVEC (int, last_basic_block_for_fn (fun));
1391 for (int i = 0; i < n; ++i)
1392 bb_to_rpo[rpo[i]] = i;
1393
1394 /* Re-do the plain uninitialized variable check, as optimization may have
1395 straightened control flow. Do this first so that we don't accidentally
1396 get a "may be" warning when we'd have seen an "is" warning later. */
1397 warn_uninitialized_vars (/*warn_maybe_uninitialized=*/1);
1398
1399 timevar_push (TV_TREE_UNINIT);
1400
1401 /* Avoid quadratic beahvior when looking up case labels for edges. */
1402 start_recording_case_labels ();
1403
1404 possibly_undefined_names = new hash_set<tree>;
1405 defined_args = new hash_map<gphi *, uninit_analysis::func_t::phi_arg_set_t>;
1406
1407 /* Walk the CFG in RPO order so we visit PHIs with defs that are
1408 possibly uninitialized from other PHIs after those. The uninit
1409 predicate analysis will then expand the PHIs predicate with
1410 the predicates of the edges from such PHI defs. */
1411 for (int i = 0; i < n; ++i)
1412 for (auto gsi = gsi_start_phis (BASIC_BLOCK_FOR_FN (fun, rpo[i]));
1413 !gsi_end_p (gsi); gsi_next (&gsi))
1414 {
1415 gphi *phi = gsi.phi ();
1416
1417 /* Don't look at virtual operands. */
1418 if (virtual_operand_p (gimple_phi_result (phi)))
1419 continue;
1420
1421 unsigned uninit_opnds = compute_uninit_opnds_pos (phi);
1422 if (MASK_EMPTY (uninit_opnds))
1423 continue;
1424
1425 warn_uninitialized_phi (phi, uninit_opnds, bb_to_rpo);
1426 }
1427
1428 free (rpo);
1429 free (bb_to_rpo);
1430 delete possibly_undefined_names;
1431 possibly_undefined_names = NULL;
1432 delete defined_args;
1433 defined_args = NULL;
1434 end_recording_case_labels ();
1435 free_dominance_info (CDI_POST_DOMINATORS);
1436 timevar_pop (TV_TREE_UNINIT);
1437 }
1438
1439 unsigned int
1440 pass_late_warn_uninitialized::execute (function *fun)
1441 {
1442 execute_late_warn_uninitialized (fun);
1443 return 0;
1444 }
1445
1446 } // anon namespace
1447
1448 gimple_opt_pass *
1449 make_pass_late_warn_uninitialized (gcc::context *ctxt)
1450 {
1451 return new pass_late_warn_uninitialized (ctxt);
1452 }
1453
1454 static unsigned int
1455 execute_early_warn_uninitialized (struct function *fun)
1456 {
1457 /* Currently, this pass runs always but
1458 execute_late_warn_uninitialized only runs with optimization. With
1459 optimization we want to warn about possible uninitialized as late
1460 as possible, thus don't do it here. However, without
1461 optimization we need to warn here about "may be uninitialized". */
1462 calculate_dominance_info (CDI_DOMINATORS);
1463 calculate_dominance_info (CDI_POST_DOMINATORS);
1464
1465 /* Use VN in its cheapest incarnation and without doing any
1466 elimination to compute edge reachability. Don't bother when
1467 we only warn for unconditionally executed code though. */
1468 if (!optimize)
1469 do_rpo_vn (fun, NULL, NULL, false, false, VN_NOWALK);
1470 else
1471 set_all_edges_as_executable (fun);
1472
1473 warn_uninitialized_vars (/*warn_maybe_uninitialized=*/!optimize);
1474
1475 /* Post-dominator information cannot be reliably updated. Free it
1476 after the use. */
1477
1478 free_dominance_info (CDI_POST_DOMINATORS);
1479 return 0;
1480 }
1481
1482 namespace {
1483
1484 const pass_data pass_data_early_warn_uninitialized =
1485 {
1486 GIMPLE_PASS, /* type */
1487 "early_uninit", /* name */
1488 OPTGROUP_NONE, /* optinfo_flags */
1489 TV_TREE_UNINIT, /* tv_id */
1490 PROP_ssa, /* properties_required */
1491 0, /* properties_provided */
1492 0, /* properties_destroyed */
1493 0, /* todo_flags_start */
1494 0, /* todo_flags_finish */
1495 };
1496
1497 class pass_early_warn_uninitialized : public gimple_opt_pass
1498 {
1499 public:
1500 pass_early_warn_uninitialized (gcc::context *ctxt)
1501 : gimple_opt_pass (pass_data_early_warn_uninitialized, ctxt)
1502 {}
1503
1504 /* opt_pass methods: */
1505 bool gate (function *) final override { return gate_warn_uninitialized (); }
1506 unsigned int execute (function *fun) final override
1507 {
1508 return execute_early_warn_uninitialized (fun);
1509 }
1510
1511 }; // class pass_early_warn_uninitialized
1512
1513 } // anon namespace
1514
1515 gimple_opt_pass *
1516 make_pass_early_warn_uninitialized (gcc::context *ctxt)
1517 {
1518 return new pass_early_warn_uninitialized (ctxt);
1519 }
Mirror of the offical gcc git repository hosted at gcc.gnu.org