Geoffrey1014 / SA_Bugs

record bugs of static analyzers

GCC -Wdiv-by-zero false negative with `0 <= (f = 0) % e.b` #54

Closed 0-0x41 closed 1 year ago

0-0x41 commented 1 year ago

date: 2023-1-26
commit: 8c8ca873216387bc26046615c806b96f0345ff9d
args: -O0 -fanalyzer
test:

void __analyzer_eval();

union a
{
  int b;
} c()
{
  union a e;
  int f;
  e.b = 0;
  if (0 <= (f = 0) % e.b)
  {
    __analyzer_eval(0 <= (f = 0) % e.b);
  }
}

report: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109200
fix:
original:

0-0x41 commented 1 year ago

The GCC Static Analyzer does not generate a div-by-zero warning for the `0 <= (f = 0) % e.b` statement, but if it is changed to `0 <= (f = 0) % 0`, the analyzer generates that warning.

See it live: https://godbolt.org/z/PYoroM8hx

void __analyzer_eval();

union a
{
  int b;
} ;
void c(){
  union a e;
  int f;
  e.b = 0;
  if (0 <= (f = 0) % e.b)
  // if (0 <= (f = 0) % 0)
  {
    __analyzer_eval(0 <= (f = 0) % e.b);
  }
}

Output:

<source>: In function 'c':
<source>:14:5: warning: TRUE
   14 |     __analyzer_eval(0 <= (f = 0) % e.b);
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Compiler returned: 0

Geoffrey1014 commented 1 year ago

duplicate of https://github.com/Geoffrey1014/SA_Bugs/issues/51