GCC Static Analyzer evaluates `(!(e || d.b) == true)` to be TRUE with the fact that `(e || d.b) == true`

Question

GCC Static Analyzer evaluates `(!(e || d.b) == true)` to be TRUE with the fact that `(e || d.b) == true`

Closed this issue 2 years ago · 3 comments

date: 2023-1-25
commit: 8c8ca873216387bc26046615c806b96f0345ff9d
args: -O0 -fanalyzer
test:

#include "stdbool.h"
void __analyzer_eval();

struct a
{
    int b
} c()
{
    struct a d;
    int e;
    for (;;)
    {
        if (e || d.b)
        {
            __analyzer_eval((e || d.b) == true);
            __analyzer_eval(!(e || d.b) == true);
        }
    }
}

report:
fix:
original:

Answer 1 · 2023-01-25T07:51:23.000Z

See it live: https://godbolt.org/z/KWGo8YvxW.

Answer 2 · 2023-01-25T12:26:37.000Z

It would be due to the uninitializations of variables. If we initialize the variables, GSA behaviors are as expected.

Answer 3 · 2023-01-25T12:27:02.000Z

Perhaps we could check whether there are some undefined behaviors in this program.