[clang] [clang][StaticAnalyzer] Fix crash in SimpleSValBuilder with unsigned __int128 and negative literals (PR #150225)

Balazs Benics via cfe-commits Fri, 25 Jul 2025 06:16:56 -0700

================
@@ -164,6 +170,11 @@ BuiltinFunctionChecker::checkOverflow(CheckerContext &C, 
SVal RetVal,
   SVal IsLeMax = SVB.evalBinOp(State, BO_LE, RetVal, MaxVal, Res);
   SVal IsGeMin = SVB.evalBinOp(State, BO_GE, RetVal, MinVal, Res);
 
+  // If the comparison results are unknown, be conservative
+  if (IsLeMax.isUnknown() || IsGeMin.isUnknown()) {
+    return {true, true};
+  }
+
----------------
steakhal wrote:


I thought that `assume(x,z)` is `{true,true}` if either of `x` or `y` are 
`Unknown`.
This would suggest to me that `{MayOverflow || MayUnderflow, MayNotOverflow && 
MayNotUnderflow}` should also result in `{true,true}` if `x` or `y` was 
`Unknown`.

WDYT?

// of course checking it before the `assume` should do no harm, it's just 
unnecessary.

https://github.com/llvm/llvm-project/pull/150225
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [clang][StaticAnalyzer] Fix crash in SimpleSValBuilder with unsigned __int128 and negative literals (PR #150225)

Reply via email to