https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109791
--- Comment #14 from Richard Biener <rguenth at gcc dot gnu.org> ---
So one issue with the unfolding of PHIs is that for example
gcc.dg/warn-sprintf-no-nul.c has
const char a2[][3] = {
"", "1", "12", "123", "123\000"
};
and for
# str_1 = PHI <&a2[2], &a2[3]>
we can determine bounds on the string length of str_1 by unioning the
string lengths of &a2[2] and &a2[3]. But with
# off_2 = PHI <6, 9>
str_1 = &a2 + off_2;
this isn't possible. In fact get_range_strlen doesn't handle POINTER_PLUS_EXPR
and while it might be possible to handle "foo" + off_2 with looking at the
range of off_2 for example the above case of refering to two different
strings rather than offsetting within one string isn't distinguishable.
I've also figured that when one PHI argument has zero offset (aka plain &a2)
then PRE tends to undo the transform since &a2 + 0 is readily available
on that edge and thus it inserts pointer adjustments on the other edges.
So while it looked like the easy way out on the ranger limitation it's
not a viable solution (because it regresses testcases).
