[PATCH] D92634: [Analyzer] Diagnose signed integer overflow
Ella Ma via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Sun Jan 3 19:59:54 PST 2021
OikawaKirie added a comment.
In D92634#2476161 <https://reviews.llvm.org/D92634#2476161>, @danielmarjamaki wrote:
>> Besides, the return value should be the exact value computed from the two integers, even unknown, rather than undefined. As the developers may overflow an integer on purpose.
>
> I am not sure what you mean. If there is undefined behavior then the value should be undefined and nothing else.. right?
Exactly, it is undefined behavior in the C++ standard. However, the mainstream compilers like GCC and Clang implement this as the overflowed value, and some programmers also use this feature to do some tricky things. Therefore I suggest the computed value should be "the exact value computed from the two integers". Or it can be the `Unknown` `SVal`, rather than the `Undefined` `SVal`, as the `Undefined` `SVal` is used to represent what is read from an uninitialized variable.
But I do not favour the `Unknown` solution, as it could also trigger other problems in the engine, just as what has been mentioned by steakhal. Or maybe it would no longer be a problem if you implement this in a checker, but as a non-fatal error it is, you can just leave the overflowed value as it is, and report the problem only, without terminating the symbolic execution on this path. There is no need to report this problem all the time.
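The behaviour the comment above argues for (keep the wrapped value, but separately flag that signed overflow occurred) can be illustrated in plain C. The following is an added example, not code from D92634 or from the Clang Static Analyzer; the `checked_int` type and the `checked_add`, `checked_mul` and `add_would_overflow` helpers are this example's own names. It uses the GCC/Clang `__builtin_add_overflow` and `__builtin_mul_overflow` builtins, which store the two's-complement wrapped result and return true when the mathematical result does not fit, and shows a portable pre-check that decides overflow before the addition is performed, so the program itself never executes the undefined operation.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical result type: the wrapped value the machine produces plus a
 * flag that records whether signed overflow happened. This mirrors the idea
 * of keeping the computed value and reporting the overflow as a non-fatal
 * diagnostic instead of replacing the value with "undefined". */
typedef struct {
    int value;
    bool overflowed;
} checked_int;

/* a + b with overflow detection. __builtin_add_overflow (GCC/Clang) writes the
 * wrapped two's-complement result into r.value and returns true on overflow. */
checked_int checked_add(int a, int b) {
    checked_int r;
    r.overflowed = __builtin_add_overflow(a, b, &r.value);
    return r;
}

/* a * b with the same contract, using __builtin_mul_overflow. */
checked_int checked_mul(int a, int b) {
    checked_int r;
    r.overflowed = __builtin_mul_overflow(a, b, &r.value);
    return r;
}

/* Portable pre-check (no builtins): decides whether a + b would overflow
 * without ever evaluating a + b, so no undefined behaviour is triggered. */
bool add_would_overflow(int a, int b) {
    if (b > 0) return a > INT_MAX - b;
    if (b < 0) return a < INT_MIN - b;
    return false;
}

/* Report the overflow but keep going with the wrapped value, as a checker
 * issuing a non-fatal warning would. */
static void report(const char *what, checked_int r) {
    if (r.overflowed)
        printf("warning: signed overflow in %s (wrapped value %d)\n", what, r.value);
    else
        printf("%s = %d\n", what, r.value);
}

int main(void) {
    /* Constructed inputs: the first and third overflow, the second does not. */
    report("INT_MAX + 1", checked_add(INT_MAX, 1));
    report("1 + 2", checked_add(1, 2));
    report("65536 * 65536", checked_mul(65536, 65536));
    printf("INT_MIN + (-1) would overflow: %s\n",
           add_would_overflow(INT_MIN, -1) ? "yes" : "no");
    return 0;
}
```

Compiled with `cc -std=c11 -Wall` under GCC or Clang, the program prints the wrapped value for the overflowing cases alongside the warning; `-fsanitize=signed-integer-overflow` gives an equivalent runtime diagnostic for the unchecked `a + b` form.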
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D92634/new/
https://reviews.llvm.org/D92634