Geoffrey1014 / SA_Bugs

record bugs of static analyzers

GCC -Wdiv-by-zero false negative with `(d.b = 1) / f` #51

Open 0-0x41 opened 1 year ago

0-0x41 commented 1 year ago

date: 2023-1-20
commit: 8c8ca873216387bc26046615c806b96f0345ff9d
args: -O0 -fanalyzer
test:

```c
void __analyzer_eval();

struct a
{
    int b : 6;
} c()
{
    struct a d;
    int e = 2;
    int f = 0;
    if ((d.b = 1) / f)
        if (1 >= d.b <= e)
        {
            __analyzer_eval(0 >= d.b <= e);
        }
}
```

report: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109201
fix:
original:

0-0x41 commented 1 year ago

GCC Static Analyzer does not generate a div-by-zero warning for the `if ((d.b = 1) / f)` statement, but if it is changed to `if ((d.b = 1) / 0)`, the analyzer generates that warning.

See it live: https://godbolt.org/z/bsM86c4En.

Input:

```c
void __analyzer_eval();

struct a
{
    int b : 6;
} c()
{
    struct a d;
    int e = 2;
    int f = 0;
    if ((d.b = 1) / f)
        if (1 >= d.b <= e)
        {
            __analyzer_eval(0 >= d.b <= e);
        }
}
```

0-0x41 commented 1 year ago

https://godbolt.org/z/jzbE4srYE

Geoffrey1014 commented 1 year ago

duplicate of https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99669