[PATCH] D35110: [Analyzer] Constraint Manager Negates Difference
Artem Dergachev via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Jul 17 08:04:30 PDT 2017
NoQ added inline comments.
================
Comment at: lib/StaticAnalyzer/Core/RangeConstraintManager.cpp:511
+ SSE->getLHS()->getType()->isSignedIntegerOrEnumerationType() ||
+ SSE->getLHS()->getType()->isPointerType()) {
+ return negV->Negate(BV, F);
----------------
baloghadamsoftware wrote:
> NoQ wrote:
> > Pointer types are currently treated as unsigned, so i'm not sure you want them here.
> For me it seems that pointer differences are still pointer types and they are signed. (The range becomes negative upon negative assumption. From test `ptr-arith.c`:
>
> ```
> void use_symbols(int *lhs, int *rhs) {
> clang_analyzer_eval(lhs < rhs); // expected-warning{{UNKNOWN}}
> if (lhs < rhs)
> return;
> clang_analyzer_eval(lhs < rhs); // expected-warning{{FALSE}}
>
> clang_analyzer_eval(lhs - rhs); // expected-warning{{UNKNOWN}}
> if ((lhs - rhs) != 5)
> return;
> clang_analyzer_eval((lhs - rhs) == 5); // expected-warning{{TRUE}}
> }
> ```
>
> If I put `clang_analyzer_printState()` into the empty line in the middle, I get the following range for the difference: `[-9223372036854775808, 0]`. If I replace `int*` with `unsigned`, this range becomes `[0, 0]`, so `int*` is handled as a signed type here.
Umm, yeah, i was wrong.
*looks closer*
`T` is the type of the difference, right? I don't think i'd expect pointer type as the type of the difference.
Could you add test cases for pointers if you intend to support them (and maybe for unsigned types)?
https://reviews.llvm.org/D35110
More information about the cfe-commits
mailing list