GCC Static Analyzer evaluates `( ((c)<=(b)) && ((c)!=(b)) ) == false` to be FALSE with the fact `c >= b`

[Geoffrey1014]

date: 2023-1-9 commit: 8c8ca873216387bc26046615c806b96f0345ff9d args: -O0 -fanalyzer test:

#include "stdint.h"
#include <stdbool.h>

int a(int* b, int *c) {

d:
  if (c >= b) {

    __analyzer_eval((!(c >= b))==false);
    __analyzer_eval((((c)<=(b))&&((c)!=(b)))==false);
    __analyzer_eval(true);
    goto d;
  }
}

report: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108381 fix: original:

[Geoffrey1014]

Hi, i found a problem that GCC Static Analyzer evaluates ( ((c)<=(b)) && ((c)!=(b)) ) == false to be FALSE with the fact c >= b. However, CSA does not have this problem.

GSA: https://godbolt.org/z/qjEvndsxT CSA: https://godbolt.org/z/zMYheK7Pf

Input:

#include "stdint.h"
#include <stdbool.h>

int a(int* b, int *c) {

d:
  if (c >= b) {

    __analyzer_eval((!(c >= b))==false);
    __analyzer_eval((((c)<=(b))&&((c)!=(b)))==false);
    __analyzer_eval(true);
    goto d;
  }
}

Output:

<source>: In function 'a':
<source>:10:5: warning: implicit declaration of function '__analyzer_eval' [-Wimplicit-function-declaration]
   10 |     __analyzer_eval((!(c >= b))==false);
      |     ^~~~~~~~~~~~~~~
<source>:10:5: warning: TRUE
   10 |     __analyzer_eval((!(c >= b))==false);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:11:5: warning: FALSE
   11 |     __analyzer_eval((((c)<=(b))&&((c)!=(b)))==false);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:12:5: warning: TRUE
   12 |     __analyzer_eval(true);
      |     ^~~~~~~~~~~~~~~~~~~~~
<source>:11:5: warning: UNKNOWN
   11 |     __analyzer_eval((((c)<=(b))&&((c)!=(b)))==false);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:12:5: warning: TRUE
   12 |     __analyzer_eval(true);
      |     ^~~~~~~~~~~~~~~~~~~~~
Compiler returned: 0

[ghost]

CSA can handle: https://godbolt.org/z/hY3dG734s