[clang static analyzer] `clang_analyzer_eval` affects the analyzer's result

Question

[clang static analyzer] `clang_analyzer_eval` affects the analyzer's result

Closed this issue 2 years ago · 1 comments

date: 2023-1-15
commit: 0c0681b7414c385d0fd5fad302c0d48607262050
args: --analyze -Xclang -analyzer-stats -Xclang -analyzer-checker=core,debug.ExprInspection
test:

void clang_analyzer_eval();

void f(int b)
{
    int c = 1;
    clang_analyzer_eval(c && (c = 0) | b);
    if (c && (c = 0) | b)
    {
        clang_analyzer_eval(c && (c = 0) | b);
        if (c && (c = 0) | b)
        {
            *(int *)0;
        }
    }
}

report: llvm/llvm-project#60120
fix:
original:

Answer 1 · 2023-01-15T09:55:00.000Z

In this case, when clang_analyzer_eval is added at line 6 (https://godbolt.org/z/7o9647f17), the eval statement inside the if branch has no output. However, when line 6 is commented out (https://godbolt.org/z/szb8v58b9), then it is output.

Also, the eval result of (c && (c = 0) | b) (line 9) should probably be TRUE after analyzer goes inside the if branch.