> > for this specific function (vrp_int_const_binop), I'm issuing a
> > warning inside the else-if branch that tests for the overflowed
> > result. I'm unclear why that is a false positive since the result is
> > known to overflow. Could you elaborate?
>
> Well, we use that function to do arithmetic on value ranges like
> for example the ranges involving the expression a + b
>
>   [50, INT_MAX] + [50, 100]
>
> now you will get a warning as we use vrp_int_const_binop to add
> INT_MAX and 100 (to yield INT_MAX in the signed case). Of
> course adding a + b will not always overflow here (it might never
> as the INT_MAX bound might be just due to VRP deficiencies),
> for example 50 + 50 will not overflow.
>
> So using vrp_int_const_binop to generate the warning will yield
> very many false positives (also due to the fact that if we only know
> the lower or upper bound we have lots of INT_MAX and INT_MIN
> in value ranges).

You could emit a warning if the entire range overflows (i.e. both lower and upper bound calculations overflow), since that means that the calculation of a+b necessarily overflows.

Best wishes,

Duncan.
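
The rule suggested in the reply above, as an added example that is not GCC code and not part of the original thread: it classifies a signed `int` range addition as never, possibly, or necessarily overflowing. The names `struct range`, `ovf_dir` and `classify_add` are hypothetical. The example goes one step beyond the thread by also requiring that both bounds overflow in the same direction, since a lower bound below INT_MIN together with an upper bound above INT_MAX still leaves representable sums in between.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical types for this example; not GCC's value-range structures. */
struct range { int lo, hi; };               /* inclusive bounds, lo <= hi */
enum ovf { OVF_NEVER, OVF_MAYBE, OVF_ALWAYS };

/* Direction in which a widened result leaves the int range:
   +1 above INT_MAX, -1 below INT_MIN, 0 if representable. */
static int ovf_dir(long long v)
{
    if (v > INT_MAX) return 1;
    if (v < INT_MIN) return -1;
    return 0;
}

/* Classify a + b for a in ra, b in rb. Addition is monotonic, so the
   bound sums bracket every possible result. Assumes long long is wider
   than int, so the widened sums cannot themselves overflow. */
enum ovf classify_add(struct range ra, struct range rb)
{
    int dlo = ovf_dir((long long)ra.lo + rb.lo);
    int dhi = ovf_dir((long long)ra.hi + rb.hi);

    if (dlo == 0 && dhi == 0)
        return OVF_NEVER;                   /* whole result range fits */
    if (dlo != 0 && dlo == dhi)
        return OVF_ALWAYS;                  /* both bounds off the same end */
    return OVF_MAYBE;                       /* one bound, or opposite ends */
}

int main(void)
{
    static const char *name[] = { "never", "maybe", "always" };
    struct range a = { 50, INT_MAX }, b = { 50, 100 };   /* from the thread */
    struct range c = { INT_MAX - 10, INT_MAX };          /* constructed */
    struct range all = { INT_MIN, INT_MAX };             /* constructed */
    struct range pm1 = { -1, 1 };                        /* constructed */

    printf("[50, INT_MAX] + [50, 100]: %s\n", name[classify_add(a, b)]);
    printf("[INT_MAX-10, INT_MAX] + [50, 100]: %s\n", name[classify_add(c, b)]);
    printf("[INT_MIN, INT_MAX] + [-1, 1]: %s\n", name[classify_add(all, pm1)]);
    return 0;
}
```

Only the `OVF_ALWAYS` case would justify an unconditional warning; the thread's `[50, INT_MAX] + [50, 100]` case comes out as `OVF_MAYBE`.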