> > for this specific function (vrp_int_const_binop), I'm issuing a
> > warning inside the else-if branch that tests for the overflowed
> > result. I'm unclear why that is a false positive since the result is
> > known to overflow. Could you elaborate?
>
> Well, we use that function to do arithmetic on value ranges like
> for example the ranges involving the expression a + b
>
> [50, INT_MAX] + [50, 100]
>
> now you will get a warning as we use vrp_int_const_binop to add
> INT_MAX and 100 (to yield INT_MAX in the signed case). Of
> course adding a + b will not always overflow here (it might never
> as the INT_MAX bound might be just due to VRP deficiencies),
> for example 50 + 50 will not overflow.
>
> So using vrp_int_const_binop to generate the warning will yield
> very many false positives (also due to the fact that if we only know
> the lower or upper bound we have lots of INT_MAX and INT_MIN
> in value ranges).
You could emit a warning if the entire range overflows (i.e. both lower
and upper bound calculations overflow), since that means that the calculation
of a+b necessarily overflows.