https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108301
Bug ID: 108301
Summary: GCC Static Analyzer evaluates "__analyzer_eval((!(((0
!= b[0]) == p_9) && p_9)))" to be TRUE in the true
branch of "if ((((0 != b[0]) == p_9) && p_9))"
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: geoffreydgr at icloud dot com
Target Milestone: ---
Hi, I found a problem that GCC Static Analyzer evaluates two contradictory
expressions to be true at the same time.
The two contradictory expressions are "__analyzer_eval( ((((0 != b[0]) ==
p_9))) && (p_9) );" and "__analyzer_eval(! ((((0 != b[0]) == p_9))) && (p_9)
);".
https://godbolt.org/z/GYj1oaxqr
Input:
```c
#include <stdbool.h>
#include "stdint.h"
void __analyzer_eval(int a) {}
int foo(const int p_9)
{
int a = 8;
int b[2] ={1,1};
for (int i = 0; i < 2; i++)
{
b[i] = 1;
}
lbl_1710:
if ((((0 != b[0]) == p_9) && p_9))
{
__analyzer_eval( ((((0 != b[0]) == p_9))) && (p_9) );
__analyzer_eval(! ((((0 != b[0]) == p_9))) && (p_9) );
for (a = (1); (a != 2); ++a)
{
if (-1)
{
goto lbl_1710;
}
}
}
return p_9;
}
int main(){}
```
Output:
```bash
<source>: In function 'foo':
<source>:18:5: warning: TRUE
18 | __analyzer_eval( ((((0 != b[0]) == p_9))) && (p_9) );
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:19:5: warning: TRUE
19 | __analyzer_eval(! ((((0 != b[0]) == p_9))) && (p_9) );
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:18:5: warning: UNKNOWN
18 | __analyzer_eval( ((((0 != b[0]) == p_9))) && (p_9) );
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
<source>:19:5: warning: UNKNOWN
19 | __analyzer_eval(! ((((0 != b[0]) == p_9))) && (p_9) );
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Compiler returned: 0
```
