GCC Static Analyzer evaluates `( ((c)<=(b)) && ((c)!=(b)) ) == false` to be FALSE with the fact `c >= b`
Opened this issue · 2 comments
Geoffrey1014 commented
date: 2023-1-9
commit: 8c8ca873216387bc26046615c806b96f0345ff9d
args: -O0 -fanalyzer
test:
#include "stdint.h"
#include <stdbool.h>
int a(int* b, int *c) {
d:
if (c >= b) {
__analyzer_eval((!(c >= b))==false);
__analyzer_eval((((c)<=(b))&&((c)!=(b)))==false);
__analyzer_eval(true);
goto d;
}
}
report: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108381
fix:
original:
Geoffrey1014 commented
Hi, i found a problem that GCC Static Analyzer evaluates ( ((c)<=(b)) && ((c)!=(b)) ) == false
to be FALSE with the fact c >= b
. However, CSA does not have this problem.
GSA: https://godbolt.org/z/qjEvndsxT
CSA: https://godbolt.org/z/zMYheK7Pf
Input:
#include "stdint.h"
#include <stdbool.h>
int a(int* b, int *c) {
d:
if (c >= b) {
__analyzer_eval((!(c >= b))==false);
__analyzer_eval((((c)<=(b))&&((c)!=(b)))==false);
__analyzer_eval(true);
goto d;
}
}
Output:
<source>: In function 'a':
<source>:10:5: warning: implicit declaration of function '__analyzer_eval' [-Wimplicit-function-declaration]
10 | __analyzer_eval((!(c >= b))==false);
| ^~~~~~~~~~~~~~~
<source>:10:5: warning: TRUE
10 | __analyzer_eval((!(c >= b))==false);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:11:5: warning: FALSE
11 | __analyzer_eval((((c)<=(b))&&((c)!=(b)))==false);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:12:5: warning: TRUE
12 | __analyzer_eval(true);
| ^~~~~~~~~~~~~~~~~~~~~
<source>:11:5: warning: UNKNOWN
11 | __analyzer_eval((((c)<=(b))&&((c)!=(b)))==false);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:12:5: warning: TRUE
12 | __analyzer_eval(true);
| ^~~~~~~~~~~~~~~~~~~~~
Compiler returned: 0
Deleted user commented
CSA can handle: https://godbolt.org/z/hY3dG734s