From: "geoffreydgr at icloud dot com"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug analyzer/107948] New: GCC Static Analyzer doesn't realize `0 - width <= 0` is always true when `width > 0` and `width is int` type，
Date: Thu, 01 Dec 2022 14:07:40 +0000

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107948

Bug ID: 107948
Summary: GCC Static Analyzer doesn't realize `0 - width <= 0` is always true when `width > 0` and `width is int` type，
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: geoffreydgr at icloud dot com
Target Milestone: ---

I got a false negative error when compiling the following program with gcc (trunk) -fanalyzer -O0.
https://godbolt.org/z/vneenabc5

```
extern void __analyzer_eval (int);

void foo(int width) {
    int i = 0;
    int base;
    if (width > 0){
        __analyzer_eval(i == 0);
        __analyzer_eval(width > 0);
        __analyzer_eval(width - i > 0);
        __analyzer_eval(i - width <= 0);
        if (i - width <= 0) {
            base = 512;
        }
    }
    base+=1;
}
```

Output:

```
<source>: In function 'foo':
<source>:7:9: warning: TRUE
    7 |         __analyzer_eval(i == 0);
      |         ^~~~~~~~~~~~~~~~~~~~~~~
<source>:8:9: warning: TRUE
    8 |         __analyzer_eval(width > 0);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:9:9: warning: TRUE
    9 |         __analyzer_eval(width - i > 0);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:10:9: warning: UNKNOWN
   10 |         __analyzer_eval(i - width <= 0);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:15:9: warning: use of uninitialized value 'base' [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
   15 |     base+=1;
      |     ~~~~^~~
  'foo': events 1-3
    |
    |    5 |     int base;
    |      |         ^~~~
    |      |         |
    |      |         (1) region created on stack here
    |      |         (2) capacity: 4 bytes
    |......
    |   15 |     base+=1;
    |      |     ~~~~~~~
    |      |         |
    |      |         (3) use of uninitialized value 'base' here
```

GCC Static Analyzer doesn't realize `0 - width <= 0` is always true when `width > 0` and `width is int type`, hence it reports a wrong use-of-uninitialized-value warning.

The analysis result shows that analyzer knows `width - i > 0` is true but does not know the equivalence formula `i - width <= 0` is also true.
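The range reasoning behind the claim in the report, as an added example (not part of the original message and not GCC's implementation): with `i == 0` and `width` in `[1, INT_MAX]`, interval subtraction bounds `i - width` to `[-INT_MAX, -1]` without signed overflow, so `i - width <= 0` evaluates to TRUE. The names `range`, `range_sub`, `range_le_zero` and `eval_report_condition` are hypothetical, and the width ranges passed in `main` are constructed inputs.

```c
#include <limits.h>
#include <stdio.h>

/* Illustrative sketch, not GCC's implementation.  Three-valued result,
   mirroring the TRUE/FALSE/UNKNOWN that __analyzer_eval prints in the
   report. */
typedef enum { TV_FALSE, TV_TRUE, TV_UNKNOWN } tristate;

/* Closed interval of possible values, held in long long so that int
   overflow can be detected instead of triggered.  `valid` is 0 when the
   int operation may overflow, in which case nothing can be concluded. */
typedef struct { long long lo, hi; int valid; } range;

static range range_of(long long lo, long long hi) {
    range r = { lo, hi, 1 };
    return r;
}

/* [a.lo, a.hi] - [b.lo, b.hi] = [a.lo - b.hi, a.hi - b.lo] */
static range range_sub(range a, range b) {
    range r = { a.lo - b.hi, a.hi - b.lo, a.valid && b.valid };
    if (r.lo < INT_MIN || r.hi > INT_MAX)
        r.valid = 0;  /* the int subtraction could overflow */
    return r;
}

/* Evaluate `r <= 0` over every value the interval allows. */
static tristate range_le_zero(range r) {
    if (!r.valid) return TV_UNKNOWN;
    if (r.hi <= 0) return TV_TRUE;
    if (r.lo > 0) return TV_FALSE;
    return TV_UNKNOWN;
}

/* The report's condition `i - width <= 0` for i == 0, width in [lo, hi]. */
static tristate eval_report_condition(long long width_lo, long long width_hi) {
    range i = range_of(0, 0);
    range width = range_of(width_lo, width_hi);
    return range_le_zero(range_sub(i, width));
}

int main(void) {
    static const char *names[] = { "FALSE", "TRUE", "UNKNOWN" };
    printf("width > 0:  %s\n", names[eval_report_condition(1, INT_MAX)]);
    printf("width < 0:  %s\n", names[eval_report_condition(INT_MIN, -1)]);
    printf("any width:  %s\n", names[eval_report_condition(INT_MIN, INT_MAX)]);
    return 0;
}
```

The `width < 0` case stays UNKNOWN only because `0 - INT_MIN` overflows `int`; the guarded branch in the report never reaches that value.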