https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109577
--- Comment #6 from GCC Commits ---
The releases/gcc-13 branch has been updated by David Malcolm
:
https://gcc.gnu.org/g:ccf8d3e3d26c6ba3d5e11fffeed8d64018e9c060
commit r13-8742-gccf8d3e3d26c6ba3d5e11fffeed8d64018e9c060
Author: Tim Lange
Date: Thu May 9 13:09:26 2024 -0400
analyzer: Fix allocation size false positive on conjured svalue [PR109577]
Currently, the analyzer tries to prove that the allocation size is a
multiple of the pointee's type size. This patch reverses the behavior
to try to prove that the expression is not a multiple of the pointee's
type size. With this change, each unhandled case should be gracefully
considered as correct. This fixes the bug reported in PR 109577 by
Paul Eggert.
Regression-tested on Linux x86-64 with -m32 and -m64.
2023-06-09 Tim Lange
PR analyzer/109577
gcc/analyzer/ChangeLog:
* constraint-manager.cc (class sval_finder): Visitor to find
childs in svalue trees.
(constraint_manager::sval_constrained_p): Add new function to
check whether a sval might be part of an constraint.
* constraint-manager.h: Add sval_constrained_p function.
* region-model.cc (class size_visitor): Reverse behavior to not
emit a warning on not explicitly considered cases.
(region_model::check_region_size):
Adapt to size_visitor changes.
gcc/testsuite/ChangeLog:
* gcc.dg/analyzer/allocation-size-2.c: Change expected output
and add new test case.
* gcc.dg/analyzer/pr109577.c: New test.
(cherry picked from commit
r14-1684-g1d57a2232575913ad1085bac0ba5e22b58185179)
Signed-off-by: David Malcolm