The reproducers for PR 63311, both Fortran and C (attachment 33852 [details]) currently generate false positives from -Wanalyzer-use-of-uninitialized-value when optimization is off (and they are silent when optimization is on).
It seems to be an issue with -fanalyzer thinking that __builtin_sinf could clobber *flag (which presumably it can't, being pure or const), thus allowing for the "flag is false" branch to skip initialization of t and tt, and then later executing the "flag is true" branch.
Potentially just a dup of PR analyzer/104434, but there might be additional issues with the reproducer.
The master branch has been updated by David Malcolm <firstname.lastname@example.org>:
Author: David Malcolm <email@example.com>
Date: Wed Feb 16 18:21:58 2022 -0500
analyzer: const functions have no side effects [PR104576]
PR analyzer/104576 tracks that we issue a false positive from
-Wanalyzer-use-of-uninitialized-value for the reproducers of PR 63311
when optimization is disabled.
The root cause is that the analyzer was considering that a call to
__builtin_sinf could have side-effects.
This patch fixes things by generalizing the handling for "pure"
functions to also consider "const" functions.
* region-model.cc: Include "calls.h".
(region_model::on_call_pre): Use flags_from_decl_or_type to
generalize check for DECL_PURE_P to also check for ECF_CONST.
* gcc.dg/analyzer/torture/uninit-pr63311.c: New test.
* gcc.dg/analyzer/uninit-pr104576.c: New test.
* gfortran.dg/analyzer/uninit-pr63311.f90: New test.
Signed-off-by: David Malcolm <firstname.lastname@example.org>
Should be fixed by the above patch.
(In reply to David Malcolm from comment #1)
> Potentially just a dup of PR analyzer/104434, but there might be additional
> issues with the reproducer.
Not quite: this one covers "const" functions not having side-effects, whereas PR analyzer/104434 concerns the return values of const/pure functions.