From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 65B1F3858D32; Thu,  6 Apr 2023 17:08:03 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 65B1F3858D32
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1680800883;
	bh=MqDvbWEoNYvWEfy0CSquN4pWcZZ+z7QCqSihJMQ4QYk=;
	h=From:To:Subject:Date:From;
	b=nSjFdsoIMt7Ytj5LahbfRhV9njPk3Q8BPC1Hl462UwdxaeqCMu3lV83FAthBZuC8u
	 +wjJe+oOjcw7L/Tkmqzjlxw6+QmjhIZs0fEFkJK1xRCgd2Qx/hKbroYnAfp0nBX88z
	 rsuF2KFdBpO6C4OVRhTvM+iKcxj4JvibRLCtiHTY=
From: "priour.be at gmail dot com" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug analyzer/109439] New: RFE: Spurious
 -Wanalyzer-use-of-uninitialized-value tagging along -Wanalyzer-out-of-bounds
Date: Thu, 06 Apr 2023 17:08:02 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: analyzer
X-Bugzilla-Version: 13.0
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: priour.be at gmail dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: dmalcolm at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status
 bug_severity priority component assigned_to reporter cc target_milestone
 cf_gccbuild
Message-ID: <bug-109439-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <gcc-bugs.sourceware.org>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D109439

            Bug ID: 109439
           Summary: RFE: Spurious -Wanalyzer-use-of-uninitialized-value
                    tagging along -Wanalyzer-out-of-bounds
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: priour.be at gmail dot com
                CC: priour.be at gmail dot com
  Target Milestone: ---
             Build: 13.0.1 20230328 (experimental)

For every -Wanalyzer-out-of-bounds, a corresponding
-Wanalyzer-use-of-initialized-value seemingly tags along.
As most likely fixing the former would also fix the latter, it would make s=
ense
to only have a OOB diagnosed.

Tested on trunk.

int would_like_only_oob ()
{
    int arr[] =3D {1,2,3,4,5,6,7};
    int y1 =3D arr[9]; // 2 warnings instead of only OOB warning are emitte=
d here
    return y1;
}=20

In the mail list, David suggested that

"Maybe we could fix this by having region_model::check_region_bounds
return a bool that signifies if the access is valid, and propagating
that value up through callers so that we can return a non-
poisoned_svalue at the point where we'd normally return an
"uninitialized" poisoned_svalue.

Alternatively, we could simply terminate any analysis path in which an
OOB access is detected (by implementing the
pending_diagnostic::terminate_path_p virtual function for class
out_of_bounds)."=