https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109350
Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |diagnostic
             Blocks|                            |88443

--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
We have

  <bb 2> [local count: 1073741824]:
  _28 ={v} signed_value_source;
  _4 = (unsigned long) _28;
  _9 = _4 + 2147483648;
  if (_9 > 4294967295)
    goto <bb 8>; [50.00%]
  else
    goto <bb 3>; [50.00%]

  <bb 3> [local count: 536870913]:
  r_imin_imax_8 = (int) _28;
  _31 = r_imin_imax_8 + 1;
  _29 = (sizetype) _31;
  if (_4 <= 4611686018427387900)
    goto <bb 4>; [50.00%]
  else
    goto <bb 5>; [50.00%]

  <bb 5> [local count: 268435458]:
  _13 = operator new [] (18446744073709551615);
  __builtin_memcpy (_13, &MEM <const char[37]> [(void *)"0123456789abcdefghijklmnopqrstuvwxyz" + 35B], 2);
  sink (_13);
  if (_29 <= 4611686018427387900)
    goto <bb 9>; [100.00%]
  else
    goto <bb 7>; [0.00%]

  <bb 9> [local count: 0]:
  iftmp.1_38 = _29 * 2;
  _40 = operator new [] (iftmp.1_38);
  __builtin_memcpy (_40, &MEM <const char[37]> [(void *)"0123456789abcdefghijklmnopqrstuvwxyz" + 34B], 3);

and we're again down into get_size_range of the operator new[] argument
iftmp.1_38:

pointer-query.cc:507

  /* Determine the largest valid range size, including zero.  */
  if (!get_size_range (qry, size, stmt, r, SR_ALLOW_ZERO | SR_USE_LARGEST))
    return NULL_TREE;

where we compute

[irange] long unsigned int [0, 0] NONZERO 0x0$27 = void

for the range.  I have to make up my mind if that's correct, but ranger
debug prints the same conclusion so it doesn't seem to be an artifact
of using legacy value_range.


Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88443
[Bug 88443] [meta-bug] bogus/missing -Wstringop-overflow warnings