https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86768
Bug ID: 86768 Summary: gcc wrongly decides that variable is <=1 after "while (x>1 && blah)" construct. Product: gcc Version: 8.1.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: c Assignee: unassigned at gcc dot gnu.org Reporter: Emmanuel.Thome at inria dot fr Target Milestone: --- Created attachment 44477 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=44477&action=edit test program (wrong diagnostic emitted with -m32 -O3 only) I have a construct of the following form (comes from actual code, test case attached). // check argc >= 3 while (argc > 1 && argv[1][0] == '-') { // do something and then argc--, or maybe call exit() } // do code that relies on argc >= 3 As presented, it looks kinda weird, but I could as well make the condition be: while (argc > 1 && argv[1][0] == '-' && foo(argc)) with foo(argc) being outside the compilation unit. So we could be in a situation where because of the way foo() acts, the post-condition argc>=3 holds anyway (and the test argc>1 is pointless). However, I get the following with -m32 -O3: (note: nr_B2 is argc-2) localhost $ gcc -m32 -O3 /tmp/t.c -W -Wall -c /tmp/t.c: In function ‘blah’: /tmp/t.c:32:10: warning: argument 1 value ‘4294967292’ exceeds maximum object size 2147483647 [-Walloc-size-larger-than=] B2 = malloc(nr_B2 * sizeof(unsigned long)); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from /tmp/t.c:2: /usr/include/stdlib.h:539:14: note: in a call to allocation function ‘malloc’ declared here extern void *malloc (size_t __size) __THROW __attribute_malloc__ __wur; ^~~~~~ Meaning that gcc has decided that the post-condition argc==1 holds after the while loop. I think that this is an incorrect guess.