https://gcc.gnu.org/g:67e1433a94f8ca82e2c36b79af44256430c73c38
commit r14-9935-g67e1433a94f8ca82e2c36b79af44256430c73c38 Author: Stefan Schulze Frielinghaus <stefa...@linux.ibm.com> Date: Fri Apr 12 11:06:24 2024 +0200 analyzer: Bail out on function pointer for -Wanalyzer-allocation-size On s390 pr94688.c is failing due to excess error pr94688.c:6:5: warning: allocated buffer size is not a multiple of the pointee's size [CWE-131] [-Wanalyzer-allocation-size] This is because on s390 functions are by default aligned to an 8-byte boundary and during function type construction size is set to function boundary. Thus, for the assignment a.0_1 = (void (*<T237>) ()) &a; we have that the right-hand side is pointing to a 4-byte memory region whereas the size of the function pointer is 8 byte and a warning is emitted. Since -Wanalyzer-allocation-size is not about pointers to code, bail out early. gcc/analyzer/ChangeLog: * region-model.cc (region_model::check_region_size): Bail out early on function pointers. Diff: --- gcc/analyzer/region-model.cc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc index 665873dbe94..bebe2ed3cd6 100644 --- a/gcc/analyzer/region-model.cc +++ b/gcc/analyzer/region-model.cc @@ -3514,6 +3514,10 @@ region_model::check_region_size (const region *lhs_reg, const svalue *rhs_sval, || TYPE_SIZE_UNIT (pointee_type) == NULL_TREE) return; + /* Bail out early on function pointers. */ + if (TREE_CODE (pointee_type) == FUNCTION_TYPE) + return; + /* Bail out early on pointers to structs where we can not deduce whether the buffer size is compatible. */ bool is_struct = RECORD_OR_UNION_TYPE_P (pointee_type);
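Review bot: The comment on the new early return in region_model::check_region_size, "Bail out early on function pointers.", restates the condition but not the reason for it. The commit message has the reason: during function type construction the size is set to the function boundary (8 bytes on s390), so comparing a buffer size against the pointee size says nothing useful for pointers to code. A sentence to that effect in the comment would keep the rationale next to the check, as the following struct comment already does for its case. Separately, the condition tests only `TREE_CODE (pointee_type) == FUNCTION_TYPE`; if a METHOD_TYPE pointee can reach this point, `FUNC_OR_METHOD_TYPE_P (pointee_type)` would cover both with the same early return.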