Closed Geoffrey1014 closed 1 year ago
similar cases: /home/heweigang.hewg/working-place/fuzz_place/clang_16.0.0_2022_10_28_12_45/fuzz_0/reachable/reduce/instrument_npd425.c
/home/heweigang.hewg/working-place/fuzz_place/clang_16.0.0_2022_10_28_12_45/fuzz_0/reachable/reduce/instrument_npd305.c
```c
#include <stdio.h>
unsigned char **a() {
  int d =0;
  int i;
  int *k = &i;
  int *j = k;
  int *l = j;
  for (; d < 7; d++)
    printf("NPD_FLAG\n");
  0 != l, *l;
}
void main() { a(); }
```
compilation options : clang --analyze --analyzer-output text -Xclang -analyzer-config -Xclang widen-loops=true
```
instrument_npd305.c:11:11: warning: Dereference of null pointer (loaded from variable 'l') [core.NullDereference]
  0 != l, *l;
          ^
instrument_npd305.c:15:15: note: Calling 'a'
void main() { a(); }
              ^~~
instrument_npd305.c:9:3: note: Loop condition is true. Entering loop body
  for (; d < 7; d++)
  ^
instrument_npd305.c:9:3: note: Loop condition is true. Entering loop body
instrument_npd305.c:9:3: note: Loop condition is true. Entering loop body
instrument_npd305.c:9:10: note: Value assigned to 'l'
  for (; d < 7; d++)
         ^
instrument_npd305.c:9:10: note: Assuming 'd' is >= 7
  for (; d < 7; d++)
         ^~~~~
instrument_npd305.c:9:3: note: Loop condition is false. Execution continues on line 11
  for (; d < 7; d++)
  ^
instrument_npd305.c:11:3: note: Assuming 'l' is equal to null
  0 != l, *l;
  ^~~~~~
instrument_npd305.c:11:3: note: Assuming pointer value is null
  0 != l, *l;
  ^~~~~~
instrument_npd305.c:11:11: note: Dereference of null pointer (loaded from variable 'l')
  0 != l, *l;
          ^~
1 warning generated.
```
wrong path note: instrument_npd305.c:9:10: note: Value assigned to 'l'
Deleting the loop, which is useless code, makes the NPD warning disappear.
```c
#include <stdio.h>
unsigned char **a() {
  int d =0;
  int i;
  int *k = &i;
  int *j = k;
  int *l = j;
  //for (; d < 7; d++)
    printf("NPD_FLAG\n");
  0 != l, *l;
}
void main() { a(); }
```
Should we look into this bug further?
Compiling this case without the widen-loop option does not result in an FP NPD warning. So, it seems that widen-loop has a negative effect. https://godbolt.org/z/MKhGbvohT
duplicate of https://github.com/Geoffrey1014/SA_Bugs/issues/4
date: 2022-11-11
commit: 8c1a508616b438ace29429f4da3f4912772c5503
args: --analyze --analyzer-output text -Xclang -analyzer-config -Xclang widen-loops=true
test:
report: https://github.com/llvm/llvm-project/issues/61512
fix:
original: /home/heweigang.hewg/working-place/fuzz_place/clang_16.0.0_2022_10_28_12_45/fuzz_0/reachable/reduce/instrument_npd305.c
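The two checks done by hand in this thread (comparing the run with and without widen-loops, and spotting the "Value assigned to 'l'" note on a line that never writes `l`) can be scripted over the analyzer's text output. This is an added example, not code from the issue or from LLVM; the function names are hypothetical, and the empty default-run output is an assumption based on the comment that the warning does not appear without the option.

```python
import re

DIAG = re.compile(r"^(?P<file>[^:\n]+):(?P<line>\d+):(?P<col>\d+): "
                  r"(?P<kind>warning|note): (?P<msg>.*)$")

# Trimmed from the widen-loops=true output quoted in the report above.
WITH_WIDEN = """\
instrument_npd305.c:11:11: warning: Dereference of null pointer (loaded from variable 'l') [core.NullDereference]
  0 != l, *l;
          ^
instrument_npd305.c:9:10: note: Value assigned to 'l'
  for (; d < 7; d++)
         ^
instrument_npd305.c:11:3: note: Assuming 'l' is equal to null
  0 != l, *l;
  ^~~~~~
"""
WITHOUT_WIDEN = ""  # assumption: the default run prints no diagnostics

def parse(text):
    """Return each diagnostic as a dict, with the source snippet printed under it."""
    lines = text.splitlines() + [""]
    found = []
    for i, raw in enumerate(lines[:-1]):
        m = DIAG.match(raw)
        if m:
            nxt = lines[i + 1]
            found.append({**m.groupdict(), "snippet": "" if DIAG.match(nxt) else nxt.strip()})
    return found

def widening_only(with_widen, without_widen):
    """Warnings reported only with widen-loops=true: candidates for FP triage."""
    def key(text):
        return {(d["file"], int(d["line"]), int(d["col"]), d["msg"])
                for d in parse(text) if d["kind"] == "warning"}
    return key(with_widen) - key(without_widen)

def unexplained_assignments(text):
    """'Value assigned to X' notes whose quoted source line never writes X."""
    hits = []
    for d in parse(text):
        m = re.fullmatch(r"Value assigned to '(\w+)'", d["msg"])
        if m:
            v = re.escape(m.group(1))
            write = rf"\b{v}\s*(?:[-+*/%&|^]|<<|>>)?=(?!=)|\b{v}\s*(?:\+\+|--)|(?:\+\+|--)\s*{v}\b"
            if not re.search(write, d["snippet"]):
                hits.append((d["file"], int(d["line"]), int(d["col"]), m.group(1)))
    return hits
```

The assignment check is a textual heuristic on the one source line the analyzer prints, so a hit is a prompt for manual review rather than proof of a wrong path note.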