Geoffrey1014/SA_Bugs
record bugs of static analyzers
issues
[clang static analyzer] false negative related to alpha.security.ArrayBoundV2
#77
0x21af
opened
8 months ago
0
solver doesn't realize that `z > x && z < y` is unsat with the fact `x == y`
#76
0x21af
opened
8 months ago
0
pinpoint-fn-1
#75
Geoffrey1014
opened
9 months ago
0
pinpoint-fp-3
#74
Geoffrey1014
opened
9 months ago
0
pinpoint-fp-2
#73
Geoffrey1014
opened
9 months ago
0
pinpoint-fp-1
#72
Geoffrey1014
opened
9 months ago
0
-Wanalyzer-out-of-bounds false negative with `return arr[9];` at -O1 and above
#71
ghost
opened
9 months ago
1
-Wanalyzer-out-of-bounds false negative with `return l_1322[9];` at -O1 and above
#70
ghost
opened
9 months ago
1
-Wanalyzer-null-dereference false negative with `*ptr = 10086`
#69
ghost
opened
1 year ago
2
GCC --Wanalyzer-null-dereference false negative with `*p = i`
#68
ghost
opened
1 year ago
2
GCC --Wanalyzer-null-dereference false negative with `*arr[0] = 10086`
#67
ghost
opened
1 year ago
2
[clang static analyzer] core.NullDereference false positive with `*p`
#66
ghost
opened
1 year ago
1
GCC -Wanalyzer-out-of-bounds False negative
#65
Geoffrey1014
opened
1 year ago
1
GSA evaluates __analyzer_eval(((a())<(0))||((a())==(0))); to be TRUE, but function a() is an unknown function
#64
Geoffrey1014
opened
1 year ago
2
CSA does not know "b > 0" under the if condition that "a>0 && b > a"
#63
Geoffrey1014
opened
1 year ago
2
[clang static analyzer] core.NullDereference false negative with `*e = *c`
#62
ghost
opened
1 year ago
2
GCC --Wanalyzer-null-dereference false negative with `*c = 0`
#61
ghost
opened
1 year ago
3
GSA evaluates `a > b` to be TRUE but evaluates `b < a` to be UNKNOWN
#60
Geoffrey1014
opened
1 year ago
2
GSA evaluates `e == d + 1` to be UNKNOWN with the fact that `e == d`
#59
0-0x41
opened
1 year ago
3
[clang static analyzer] core.NullDereference false positive with `*(int *)0`
#58
0-0x41
closed
1 year ago
2
GSA does not make the assumption that a pointer `p` to a variable `a` is not NULL
#57
Geoffrey1014
closed
1 year ago
1
GCC Static Analyzer does not know `c || b.d` is false with the fact that `c=0` and `b.d=0`
#56
0-0x41
opened
1 year ago
2
GSA evaluates `__analyzer_eval((((c) + 1) == ((&b[0]) + 1)))` to be FALSE with the fact `c == &b[0]`
#55
0-0x41
opened
1 year ago
1
GCC --Wdiv-by-zero false negative with `0 <= (f = 0) % e.b`
#54
0-0x41
closed
1 year ago
2
GCC Static Analyzer evaluates `(!(e || d.b) == true)` to be TRUE with the fact that `(e || d.b) == true`
#53
0-0x41
closed
1 year ago
3
GCC --Wanalyzer-null-dereference false negative with `*p = 42`
#52
0-0x41
closed
1 year ago
2
GCC --Wdiv-by-zero false negative with `(d.b = 1) / f`
#51
0-0x41
opened
1 year ago
3
GCC --Wanalyzer-null-dereference false negative with `*(int *)0`
#50
0-0x41
closed
1 year ago
1
[clang static analyzer] `clang_analyzer_eval` result error for `((c ^= b || b) == b)`
#49
0-0x41
closed
1 year ago
1
[clang static analyzer] `clang_analyzer_eval` affects the analyzer's result
#48
0-0x41
closed
1 year ago
1
Unrelated code has effect on the analysis result of GCC Static Analyzer
#47
0-0x41
closed
1 year ago
1
[clang static analyzer] `clang_analyzer_eval` affects the analyzer's result
#46
0-0x41
closed
1 year ago
1
[clang static analyzer] `clang_analyzer_eval` result error for `((&b) + 1) < ((&b) + 2)`
#45
0-0x41
closed
1 year ago
2
[clang static analyzer] core.NullDereference false positive with `*p = 42`
#44
0-0x41
closed
1 year ago
3
[clang static analyzer] core.NullDereference false positive with `*r = 42`
#43
0-0x41
opened
1 year ago
2
CSA does not report the out-of-bounds warning for `*c--` with the fact that `c` is a pointer to an int variable
#42
Geoffrey1014
closed
1 year ago
2
GSA evaluates `((0)+1)==((b[0][0][1])+1)` to be FALSE with the fact that `0 == b[0][0][1]`
#41
Geoffrey1014
closed
1 year ago
3
CSA evaluates `((b)+1)==((0)+1)` to be FALSE with the fact that `b == 0`
#40
Geoffrey1014
closed
1 year ago
2
CSA evaluates `(255UL == b) == true` to be FALSE with the fact that `255UL == b`
#39
Geoffrey1014
opened
1 year ago
2
CSA evaluates `((0)+1)==((a)+1)` to be FALSE with the fact that variable `a` is a pointer and is NULL
#38
Geoffrey1014
closed
1 year ago
2
GCC Static Analyzer evaluates `(((a())>=(0))&&((a())!=(0)))==false` to be FALSE with the fact `a() <= 0` and `a()` return int
#37
Geoffrey1014
closed
1 year ago
2
CSA evaluates `clang_analyzer_eval(((a())<(0))||((a())==(0)));` to be TRUE, but function `a()` is an unknown function.
#36
Geoffrey1014
opened
1 year ago
5
CSA evaluates `((b)+0)<((b)+1)` to be FALSE with the facts that variable `b` is a pointer and is NULL
#35
Geoffrey1014
closed
1 year ago
2
GCC --Wanalyzer-null-dereference false negative with `*q == 0`
#34
0-0x41
opened
1 year ago
5
CSA makes an unreasonable assumption that `a() <= 0` is true
#33
Geoffrey1014
opened
1 year ago
3
CSA evaluates `( ((b)-0) <= ((c)-0) ) ` to be FALSE with the fact `c >= b`
#32
Geoffrey1014
opened
1 year ago
5
GCC Static Analyzer evaluates `( ((c)<=(b)) && ((c)!=(b)) ) == false` to be FALSE with the fact `c >= b`
#31
Geoffrey1014
opened
1 year ago
2
CSA does not realize that `( ((void *)0) + 0 ) < ( ((void *)0) + 1 )` is true
#30
Geoffrey1014
opened
1 year ago
4
GCC --Wanalyzer-null-dereference false positive with `*f = 42`
#29
0-0x41
opened
1 year ago
5
GCC Static Analyzer -- evaluates `__analyzer_eval((!(((0 != b[0]) == p_9) && p_9))==false)` to be FALSE in the true branch of `if ((((0 != b[0]) == p_9) && p_9))`
#28
Geoffrey1014
opened
1 year ago
2