[PATCH] D35110: [Analyzer] Constraint Manager Negates Difference
Balogh, Ádám via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Thu Jul 13 07:36:44 PDT 2017
baloghadamsoftware added inline comments.
================
Comment at: lib/StaticAnalyzer/Core/RangeConstraintManager.cpp:511
+ SSE->getLHS()->getType()->isSignedIntegerOrEnumerationType() ||
+ SSE->getLHS()->getType()->isPointerType()) {
+ return negV->Negate(BV, F);
----------------
NoQ wrote:
> Pointer types are currently treated as unsigned, so i'm not sure you want them here.
For me it seems that pointer differences are still pointer types and they are signed. (The range becomes negative upon negative assumption. From test `ptr-arith.c`:
```
void use_symbols(int *lhs, int *rhs) {
clang_analyzer_eval(lhs < rhs); // expected-warning{{UNKNOWN}}
if (lhs < rhs)
return;
clang_analyzer_eval(lhs < rhs); // expected-warning{{FALSE}}
clang_analyzer_eval(lhs - rhs); // expected-warning{{UNKNOWN}}
if ((lhs - rhs) != 5)
return;
clang_analyzer_eval((lhs - rhs) == 5); // expected-warning{{TRUE}}
}
```
If I put `clang_analyzer_printState()` into the empty line in the middle, I get the following range for the difference: `[-9223372036854775808, 0]`. If I replace `int*` with `unsigned`, this range becomes `[0, 0]`, so `int*` is handled as a signed type here.
https://reviews.llvm.org/D35110
More information about the cfe-commits
mailing list