https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109577

--- Comment #2 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Tim Lange <tla...@gcc.gnu.org>:

https://gcc.gnu.org/g:1d57a2232575913ad1085bac0ba5e22b58185179

commit r14-1684-g1d57a2232575913ad1085bac0ba5e22b58185179
Author: Tim Lange <m...@tim-lange.me>
Date:   Fri Jun 9 20:07:33 2023 +0200

    analyzer: Fix allocation size false positive on conjured svalue [PR109577]

    Currently, the analyzer tries to prove that the allocation size is a
    multiple of the pointee's type size.  This patch reverses the behavior
    to try to prove that the expression is not a multiple of the pointee's
    type size.  With this change, each unhandled case should be gracefully
    considered as correct.  This fixes the bug reported in PR 109577 by
    Paul Eggert.

    Regression-tested on Linux x86-64 with -m32 and -m64.

    2023-06-09  Tim Lange  <m...@tim-lange.me>

            PR analyzer/109577

    gcc/analyzer/ChangeLog:

            * constraint-manager.cc (class sval_finder): Visitor to find
            children in svalue trees.
            (constraint_manager::sval_constrained_p): Add new function to
            check whether a sval might be part of a constraint.
            * constraint-manager.h: Add sval_constrained_p function.
            * region-model.cc (class size_visitor): Reverse behavior to not
            emit a warning on not explicitly considered cases.
            (region_model::check_region_size):
            Adapt to size_visitor changes.

    gcc/testsuite/ChangeLog:

            * gcc.dg/analyzer/allocation-size-2.c: Change expected output
            and add new test case.
            * gcc.dg/analyzer/pr109577.c: New test.
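
The reversal the commit message describes, as an added example that is not code from GCC or from the patch: a simplified model of a size checker that either warns unless the size is proven a multiple of the pointee size (before) or warns only when it is proven not to be one (after). The expression tree, the function names and the sample expressions are constructed for illustration; the E_UNKNOWN leaf stands in for a value the checker cannot see into, such as the conjured svalue named in the subject line.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed, simplified size expressions; not GCC's svalue classes. */
enum kind { E_CONST, E_UNKNOWN, E_MUL, E_ADD };
struct expr { enum kind k; size_t val; const struct expr *l, *r; };

/* Old direction: 1 only when e is provably a multiple of sz (overflow ignored). */
static int proven_multiple(const struct expr *e, size_t sz) {
    switch (e->k) {
    case E_CONST: return e->val % sz == 0;
    case E_MUL:   return proven_multiple(e->l, sz) || proven_multiple(e->r, sz);
    case E_ADD:   return proven_multiple(e->l, sz) && proven_multiple(e->r, sz);
    default:      return 0;  /* unhandled: nothing can be proven */
    }
}

/* New direction: 1 only when e is provably NOT a multiple of sz. */
static int proven_not_multiple(const struct expr *e, size_t sz) {
    switch (e->k) {
    case E_CONST: return e->val % sz != 0;
    case E_ADD:   /* multiple + non-multiple can never be a multiple */
        return (proven_multiple(e->l, sz) && proven_not_multiple(e->r, sz))
            || (proven_not_multiple(e->l, sz) && proven_multiple(e->r, sz));
    default:      return 0;  /* E_MUL, E_UNKNOWN, unhandled: stay quiet */
    }
}

/* Warning policy before and after the reversal. */
static int old_warns(const struct expr *e, size_t sz) { return !proven_multiple(e, sz); }
static int new_warns(const struct expr *e, size_t sz) { return proven_not_multiple(e, sz); }

/* Constructed samples: 42, opaque n, n * 4, n * 4 + 2. */
static const struct expr c42 = { E_CONST, 42, 0, 0 };
static const struct expr c4 = { E_CONST, 4, 0, 0 };
static const struct expr c2 = { E_CONST, 2, 0, 0 };
static const struct expr conj = { E_UNKNOWN, 0, 0, 0 };
static const struct expr n_times_4 = { E_MUL, 0, &conj, &c4 };
static const struct expr n4_plus_2 = { E_ADD, 0, &n_times_4, &c2 };

int main(void) {
    const struct expr *s[] = { &c42, &conj, &n_times_4, &n4_plus_2 };
    const char *name[] = { "42", "n (opaque)", "n * 4", "n * 4 + 2" };
    for (size_t i = 0; i < 4; i++)  /* pointee size 4, e.g. a 32-bit int */
        printf("%-12s old_warns=%d new_warns=%d\n", name[i],
               old_warns(s[i], 4), new_warns(s[i], 4));
    return 0;
}
```

Only the opaque size changes verdict between the two policies; sizes that are provably wrong are still reported under both.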
