https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98753
--- Comment #8 from Akim Demaille <akim.demaille at gmail dot com> --- Hi Richard, (In reply to Richard Biener from comment #3) > The issue is that we isolate a path that is impossible to take but on that > path we have p = &foo; free (p); and thus a "proved" mistake. But in > reality it is guarded by an effective if (false) condition. So it's not as > simple as you think. Point taken, thanks (though I'm not sure I understand why it would explore branches below an 'if (false)', but I definitely don't know the details). > (we also emit diagnostics on function bodies we do not > know are actually never called) I will not dispute that this is a hard job (I was just pointing that it should not impossible in that precise case). But it just emphasizes again that the *wording* is wrong. > warning: ‘void free(void*)’ called on unallocated object ‘yyssa’ This is plain false. Free is provably *never* called with yyssa. The wording should stop being so affirmative, so that the users don't get the wrong impression. Cheers!
