<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/122457>122457</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
[Clang] Diagnose invalid pointer overflow check with intermediate variable
</td>
</tr>
<tr>
<th>Labels</th>
<td>
clang:diagnostics
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
nikic
</td>
</tr>
</table>
<pre>
https://github.com/llvm/llvm-project/pull/120222 added support to `-Wtautological-compare` to diagnose comparisons like `ptr + unsigned_offset < ptr`, which are always false due to undefined behavior on pointer overflow during addition.
However, most commonly this pattern appears when the result of the addition is stored in an intermediate variable first (because it will also be used later):
```
bool test(const char *ptr, size_t index) {
const char *end_ptr = ptr + index;
return end_ptr < ptr;
}
```
It would be great to diagnose these cases as well, based on CFG analysis.
cc @AaronBallman @ldionne as we discussed this on Wednesday.
</pre>
<img width="1" height="1" alt="" src="http://email.email.llvm.org/o/eJyUVMGO4zYM_RrlQkxgy0mcHHzwJEjbL9jjgJaYmB1FMkQ6afr1hZwdLLbtZQEDhiSSenyPTyjC10jUme272Z5WOOuYchf5k91qSP7ZjaqTmKY39mzs-co6zsPapZux5xDuX7-3Kac_yamx52kOwdhzbStrLaD35EHmaUpZQROYXfX2TXHWFNKVHYY3l24TZjK7qpx7xmtMQvDaZklRIPAnlcxJMxj7DnNcYPuPdLkIKZjmCJNms6uMPcJjZDcCZgIMD3wKXDAIgZ-pXDBHTxeO5GGgEe-cMqQIU-KolCHdKV9CeoCfM8drwc_KKa5N1Zuq_z096E653HJLogXkLcXwBB1ZYEJVyhFwmgizwGOkCDoSZJI5KKTLsvqqCSwgmjJ54AgYYYFwI8-oBHfMjEMguHAWBWP3AzmchYAVHhwCYJAEA8Es5CGgFlyHIlXVFyZeX9UPKQVQEjV271IsqEcsPPaFMnsE4b_pQ4Gjp7-MPYBp303VA_wcTNF_LPw3J_jS4ZXSvMIz6Zwj_Ih7abKcmvb0L1Sm6v9QeKQ5FCHgmgn1J_11pDIFKCSAAg8qY3WEAUu3KcLx_BtgxPAUlu_qOAdmU_WYU3zHEG4Yyzp4TjHSqwh4FjdLqbFIliJ8Ix9JPD7XK981_tAccEVd3Ta7bd22O7sau53b1Dt07eZiN4dqT23d7odN2-wc7j1Su-LOVnZb1XVVbyq7sWu_G_ZbtM7X5JtmuzWbim7IYV3csk75umKRmbra2s22XQUcKMjiQmtdwHg1Tf-dCmUnxtpiz9wtZhvmq5TGWFR-FFTWsBj5uORvT3D64pLjHQP7_065G8l9woN1_P_hW805_PoTsLQmyyOwdHfv7D8BAAD__5FId30">