From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 2BFDF3854563; Fri, 18 Nov 2022 20:20:19 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 2BFDF3854563
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1668802819;
	bh=PYgfvSCghYXusdw27SF1RaJGDn/Q2llar1jYqAHdRdU=;
	h=From:To:Subject:Date:In-Reply-To:References:From;
	b=bqoL6q+A9SndXOt8Ekcq0eJKbCfF3ICggHaUsxW2RxOrD1HOF9wXJQzElnVkwxmOS
	 OsD2iehXrki4uC0kcboU9/8h7iwocIOwu/pHBV5Hzxqx1nWB9DL3ciNYeG6PQfpYBA
	 sPdqDEDI89Tc0Tyxc5nj2qsgS5tz82z748zWxhCM=
From: "dmalcolm at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug analyzer/107582] - -Wanalyzer-use-of-uninitialized-value false
 positive with while loop in pthread_cleanup_push
Date: Fri, 18 Nov 2022 20:20:18 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: analyzer
X-Bugzilla-Version: 12.2.0
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: dmalcolm at gcc dot gnu.org
X-Bugzilla-Status: ASSIGNED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: dmalcolm at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-107582-4-GMATkR44Ah@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-107582-4@http.gcc.gnu.org/bugzilla/>
References: <bug-107582-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <gcc-bugs.sourceware.org>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D107582

--- Comment #5 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
It's a bug in feasibility-checking when jumping through a function pointer:
dynamic_call_info_t::update_model blindly copies over the state from the
exploded_node's state, overwriting the precise knowledge of "ret" (which was
known to be =3D=3D 110) with the UNKNOWN svalue.=