https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115380
Bug ID: 115380
Summary: Missing MUL_OVERFLOW support in analyzer
Product: gcc
Version: 15.0
Status: UNCONFIRMED
Keywords: diagnostic
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: pinskia at gcc dot gnu.org
Blocks: 109896
Target Milestone: ---

Take (which is a modified version of g++.dg/analyzer/placement-new-size.C):

```
/* { dg-additional-options "-Wno-placement-new -Wno-analyzer-use-of-uninitialized-value" } */

#include <new>
#include <stdlib.h>
#include <stdint.h>

void static_buffer_too_short (int t)
{
  int n = t*4;
  int n1 = (t+1);
  if (__builtin_mul_overflow(n1, 4, &n1))
    __builtin_abort();
  char buf[n];
  char *p = new (buf) char[n1]; /* { dg-warning "stack-based buffer overflow" } */
}

void static_buffer_too_short1 (int t)
{
  int n = t*4;
  int n1 = (t+1);
  n1 = n1*4;
  char buf[n];
  char *p = new (buf) char[n1]; /* { dg-warning "stack-based buffer overflow" } */
}
```

static_buffer_too_short should warn the same way as static_buffer_too_short1 currently does.

Note this was found while looking into the regressions during development of the patch for PR 109896.

Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109896
[Bug 109896] Missed optimisation: overflow detection in multiplication instructions for operator new
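
The size arithmetic of static_buffer_too_short, replayed in C as an added example (not part of the report or of GCC's testsuite): on the path where `__builtin_mul_overflow` returns false, `n1` holds the exact product `(t+1)*4`, so the placement-new request exceeds `buf` by 4 bytes, the same bound that static_buffer_too_short1 reaches with a plain multiply. `replay_sizes` and `overrun_bytes` are hypothetical helper names, and the extra checks on `t*4` and `t+1` are assumptions added so the replay itself never hits signed overflow.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Outcome of replaying the size arithmetic of static_buffer_too_short. */
struct sizes {
    bool aborted;   /* true when a checked operation reported overflow */
    int  buf_size;  /* n  = t * 4, the size of buf                     */
    int  req_size;  /* n1 = (t + 1) * 4, the size passed to new[]      */
};

/* Hypothetical helper (not from the report): replays the arithmetic with
   checked builtins so that no signed overflow (undefined behaviour) occurs. */
struct sizes replay_sizes(int t)
{
    struct sizes s = { .aborted = false, .buf_size = 0, .req_size = 0 };
    int n1;

    if (__builtin_mul_overflow(t, 4, &s.buf_size) ||
        __builtin_add_overflow(t, 1, &n1) ||
        /* Same call shape as the report: the result is written back to n1. */
        __builtin_mul_overflow(n1, 4, &n1)) {
        s.aborted = true;   /* corresponds to the __builtin_abort() path */
        return s;
    }
    /* Fall-through path: n1 now holds the exact product (t + 1) * 4. */
    s.req_size = n1;
    return s;
}

/* Bytes by which the placement-new request exceeds buf; -1 if aborted. */
int overrun_bytes(int t)
{
    struct sizes s = replay_sizes(t);
    return s.aborted ? -1 : s.req_size - s.buf_size;
}

int main(void)
{
    /* Constructed sample inputs, including the boundary where (t+1)*4 wraps. */
    const int samples[] = { 1, 8, 1000, INT_MAX / 4 - 1, INT_MAX / 4, INT_MAX };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("t=%d overrun=%d\n", samples[i], overrun_bytes(samples[i]));
    return 0;
}
```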