https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116006
Bug ID: 116006
Summary: RFE: detect usage of pointers to local variables that are out of scope
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: dmalcolm at gcc dot gnu.org
Target Milestone: ---

Consider e.g.:

struct A *extref = something;
...
for (int i = 0; i < n; i++) {
  struct A intref = *extref;
  intref.memb = i;
  extref = &intref;
}

This is storing a pointer to local variable "intref" into extref.

I think we detect the case where someone tries to use *extref once the function frame has been popped (via the poisoned_svalue machinery) but I don't think we detect the case where the usage happens in the same function but outside the scope of "intref".

Trying it out here: https://godbolt.org/z/6s9WMh53K but I can't seem to trigger even the popped frame case
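
A self-contained form of the pattern in this report next to a version that keeps the storage in scope, as an added example that is not part of the original bug report or of GCC. The definition of struct A, the function names, the SHOW_DANGLING macro and the sample values are assumptions made up for illustration.

```c
#include <stdio.h>

struct A { int memb; };   /* assumed layout; the report only names "memb" */

#ifdef SHOW_DANGLING
/* Flawed pattern from the report. When an iteration ends, intref's lifetime
   ends with it, yet extref still holds its address. The copy at the top of
   the next iteration and the final read are both undefined behaviour, even
   though the function frame has not been popped.
   Build with: gcc -fanalyzer -DSHOW_DANGLING to hand this to the analyzer. */
int last_memb_dangling(struct A *extref, int n)
{
    for (int i = 0; i < n; i++) {
        struct A intref = *extref;  /* iteration 2+: reads an ended object */
        intref.memb = i;
        extref = &intref;           /* address escapes the block scope */
    }
    return extref->memb;            /* same frame, intref out of scope */
}
#endif

/* Corrected form: the working copy is declared at function scope, so any
   pointer to it stays valid until the function returns. */
int last_memb_scoped(const struct A *start, int n)
{
    struct A cur = *start;
    const struct A *ref = start;
    for (int i = 0; i < n; i++) {
        cur.memb = i;
        ref = &cur;
    }
    return ref->memb;
}

int main(void)
{
    struct A seed = { 42 };   /* constructed sample input */
    printf("n=3 -> %d\n", last_memb_scoped(&seed, 3));
    printf("n=0 -> %d\n", last_memb_scoped(&seed, 0));
    return 0;
}
```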