Bug 102996 - No warning on dereferencing of uninitialized pointer in an array, in a loop
Status: NEW
Alias: None
Product: gcc
Classification: Unclassified
Component: tree-optimization
Version: 11.2.0
Importance: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords: diagnostic
Depends on:
Blocks: Wuninitialized
Reported: 2021-10-29 07:34 UTC by Eyal Rozenberg
Modified: 2021-10-29 15:03 UTC

See Also:
Host:
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed: 2021-10-29 00:00:00

Description Eyal Rozenberg 2021-10-29 07:34:10 UTC
Consider the following two functions:

void foo() {
    int *as[2];
    *(as[0])=1;
}

void bar() {
    int i = 0;
    int *as[2];
    for(i=0;i<1;i++)
    {
        *(as[i])=i;
    }
}


When compiling these with -Wall, we get warnings about the uninitialized use of as in the first function, but not in the second one.

GodBolt: https://godbolt.org/z/Ta9fWYWs6
Inspired by this StackOverflow question: https://stackoverflow.com/q/69764896/1593077
Comment 1 Richard Biener 2021-10-29 09:49:28 UTC
The foo form is handled by the early uninit pass but the bar form is optimized away as dead before we get to do a late warning.
Comment 2 Eyal Rozenberg 2021-10-29 10:10:11 UTC
(In reply to Richard Biener from comment #1)
> The foo form is handled by the early uninit pass

Since _none_ of `as` is initialized, one could argue that an early uninit pass could catch that as well.
Comment 3 Martin Sebor 2021-10-29 15:03:46 UTC
The early uninit pass deliberately defers the conditional cases to the late pass to avoid false positives.  It only handles straightforward unconditionally uninitialized reads.  It could probably do better.
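
Added example (not part of the bug report and not GCC code): because the loop form in bar() compiles without a diagnostic, one defensive rewrite gives every array element a defined NULL value and checks it before the store, so an unbound slot is reported as an error instead of being written through as an indeterminate pointer. The names store_indices, bar_checked and bar_bound are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

#define N_SLOTS 2

/* Hypothetical helper: write i through each of the first `count` slots.
 * Returns the number of stores done, or -1 if `count` exceeds the array
 * or a slot is NULL (nothing is written through a NULL slot). */
static int store_indices(int *const slots[], size_t n_slots, size_t count)
{
    if (count > n_slots)
        return -1;
    for (size_t i = 0; i < count; i++) {
        if (slots[i] == NULL)
            return -1;              /* unbound slot: refuse to dereference */
        *slots[i] = (int)i;
    }
    return (int)count;
}

/* bar() from the report, with the array given a defined initial value.
 * `= { NULL }` sets every element to NULL, not just the first. */
int bar_checked(void)
{
    int *as[N_SLOTS] = { NULL };
    return store_indices(as, N_SLOTS, 1);
}

/* Same loop with slot 0 bound to real storage; returns 0 on success. */
int bar_bound(void)
{
    int target = -1;
    int *as[N_SLOTS] = { &target, NULL };
    int rc = store_indices(as, N_SLOTS, 1);
    return (rc == 1 && target == 0) ? 0 : 1;
}

int main(void)
{
    printf("unbound slot: %d\n", bar_checked());
    printf("bound slot:   %d\n", bar_bound());
    return 0;
}
```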