Fix static analysis findings: uninitialized vars, bitwise shift UB, garbage values

- nla_core.cpp: Initialize j = null_lpvar in is_octagon_term - bit2int.cpp: Initialize sign_p, sign_n, sz_p, sz_n - act_cache.cpp: Initialize debug vars to nullptr - enum2bv_rewriter.cpp: Use unsigned literal in 1u << idx - bit_matrix.cpp: Use unsigned literal in 1u << (n-1) - bit_util.cpp: Guard against bit_shift == 0 in shl/shr - mpff.cpp: Cast exp to unsigned before shifting - sorting_network.h: Guard against bits == 0 - dl_sparse_table.h: Use >= 64 instead of == 64 Co-authored-by: NikolajBjorner <3085284+NikolajBjorner@users.noreply.github.com>
2026-06-09 10:30:59 +00:00 · 2026-03-02 00:13:55 +00:00 · 2026-03-02 00:13:55 +00:00 · 8e94cad8ab
commit 8e94cad8ab
parent 122ee94935
9 changed files with 42 additions and 22 deletions
--- a/src/ast/act_cache.cpp
+++ b/src/ast/act_cache.cpp
@ -173,7 +173,7 @@ void act_cache::insert(expr * k, unsigned offset, expr * v) {
        DEBUG_CODE(expected_tag = 0;); 
    }
    DEBUG_CODE({
-        expr * v2;
+        expr * v2 = nullptr;
        SASSERT(m_table.find(e, v2));
        SASSERT(v == UNTAG(expr*, v2));
        SASSERT(expected_tag == GET_TAG(v2));
@ -195,7 +195,7 @@ expr * act_cache::find(expr * k, unsigned offset) {
        SASSERT(m_unused > 0);
        m_unused--;
        DEBUG_CODE({
-            expr * v;
+            expr * v = nullptr;
            SASSERT(m_table.find(e, v));
            SASSERT(GET_TAG(v) == 1);
        });
--- a/src/ast/rewriter/bit2int.cpp
+++ b/src/ast/rewriter/bit2int.cpp
@ -354,8 +354,8 @@ void bit2int::visit(app* n) {
        //
        // (pos1 - neg1) mod e2 = (pos1 + (e2 - (neg1 mod e2))) mod e2
        //
-        unsigned sz_p, sz_n, sz;
-        bool sign_p, sign_n;
+        unsigned sz_p = 0, sz_n = 0, sz;
+        bool sign_p = false, sign_n = false;
        expr_ref tmp_p(m), tmp_n(m);
        VERIFY(extract_bv(pos1, sz_p, sign_p, tmp_p));
        VERIFY(extract_bv(neg1, sz_n, sign_n, tmp_n));
--- a/src/ast/rewriter/enum2bv_rewriter.cpp
+++ b/src/ast/rewriter/enum2bv_rewriter.cpp
@ -64,7 +64,7 @@ struct enum2bv_rewriter::imp {
            unsigned bv_size = get_bv_size(s);
            sort_ref bv_sort(m_bv.mk_sort(bv_size), m);
            if (is_unate(s))
-                return m_bv.mk_numeral(rational((1 << idx) - 1), bv_sort.get());
+                return m_bv.mk_numeral(rational((1u << idx) - 1), bv_sort.get());
            else 
                return m_bv.mk_numeral(rational(idx), bv_sort.get());
        }