https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94527

Jeffrey A. Law <law at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
     Ever confirmed|0                           |1
   Last reconfirmed|                            |2020-04-08
             Status|UNCONFIRMED                 |NEW

--- Comment #3 from Jeffrey A. Law <law at redhat dot com> ---
GCC already knows that free() "kills" the pointed-to memory and should be doing
DSE with that in mind.  It doesn't however know that other functions have
free-like semantics, so it wouldn't do so for kfree.   I suspect an
attribute that either says "this function is free-like" or "this argument is
free'd" and replacing the cases where we look for BUILT_IN_FREE with checking
for the attribute would be enough to make DSE "just work" in these cases.

With regard to the warnings.  When we were investigating use-after-free and
double-free diagnostics it was our conclusion that to do any kind of reasonable
job you really have to do a whole program analysis.  Otherwise it's just a toy.
As a result the focal point for those diagnostics is the static analyzer David
Malcolm is working on.
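A security consequence of the DSE behaviour the comment describes, as an added C example that is not part of the bug report: because GCC knows free() kills the pointed-to memory, a memset() that scrubs a secret immediately before free() is a dead store and may be elided, while the same store before a wrapper GCC cannot recognise as free-like (my_free below is a constructed name) may survive only for lack of that knowledge. Writing the scrub through a volatile pointer keeps it in both cases, since each volatile store is an observable side effect.

```c
#include <stdlib.h>
#include <string.h>
#include <stddef.h>

/* Constructed wrapper with free-like semantics that GCC, as the comment
   notes, does not treat like the built-in free() (no attribute tells it so). */
static void my_free(void *p) { free(p); }

/* Scrub through a volatile pointer: every byte store is a side effect the
   optimizer must preserve, even when free() immediately follows. */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Naive scrub: the memset is dead once GCC knows free() kills *buf,
   so DSE is entitled to remove it and the secret can stay in memory. */
void scrub_then_free_naive(char *buf, size_t n) {
    memset(buf, 0, n);
    free(buf);
}

/* Same store before the wrapper: GCC does not know my_free is free-like,
   so the store is kept today, but only by accident of missing information. */
void scrub_then_my_free(char *buf, size_t n) {
    memset(buf, 0, n);
    my_free(buf);
}

/* Robust form: the volatile scrub survives regardless of what follows it. */
void scrub_then_free_safe(char *buf, size_t n) {
    secure_zero(buf, n);
    free(buf);
}

/* Returns 1 if all n bytes at p are zero, else 0. */
int all_zero(const unsigned char *p, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (p[i] != 0) return 0;
    return 1;
}

/* Self-check on a stack buffer (constructed input): fill with 'A', scrub
   with secure_zero, and report whether every byte was cleared. */
int secure_zero_selfcheck(void) {
    unsigned char secret[32];
    memset(secret, 'A', sizeof secret);
    secure_zero(secret, sizeof secret);
    return all_zero(secret, sizeof secret);
}
```

The observable behaviour of the three scrub functions is identical, so whether the naive memset was dropped can only be seen in the generated code (e.g. by inspecting the assembly at -O2), which is exactly why the problem goes unnoticed at runtime.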
