analyzer: fix pointer comparisons
Fixes a bug in the static analyzer that caused false positives due to incorrect pointer comparison logic.
The static analyzer was producing false positives related to pointer comparisons, particularly when using std::string with small-string optimization. This commit fixes a bug in region_svalue::eval_condition that was comparing memory regions by identity rather than by their addresses. This change improves the accuracy of the analyzer and reduces the number of false warnings reported to users.
In Details
The analyzer's region_svalue::eval_condition function was incorrectly comparing pointer values based on the identity of the underlying memory "region" instances. This led to incorrect results in cases where different regions represented the same memory address, such as with std::string's small-string optimization. The fix involves comparing region_offset values using store::eval_alias to properly account for base regions and byte offsets.
For Context
A static analyzer is a tool that automatically examines source code to identify potential bugs and vulnerabilities. This commit addresses a flaw in how the GCC static analyzer compared pointers, which could lead to incorrect warnings about potential issues in the code. By fixing this comparison, the analyzer becomes more accurate, providing developers with more reliable feedback about their code.