Geoffrey1014 / SA_Bugs

record bugs of static analyzers

[clang static analyzer] core.NullDereference false negative with `*e = *c` #62

Open ghost opened 1 year ago

ghost commented 1 year ago

date: 2023-03-14

commit: 0c0681b7414c385d0fd5fad302c0d48607262050

args: --analyze -Xclang -analyzer-stats -Xclang -analyzer-checker=core,debug.ExprInspection

test:

```c
void clang_analyzer_eval();

int main()
{
    int a = 0;
    int d = 0;
    int *c = (void *)0;
    int *e = &d;
    clang_analyzer_eval(c == 0);
    for (; a < 4; a++)
    {
        ;
    }
    clang_analyzer_eval(c == 0);
    *e = *c;
}
```

report: https://github.com/llvm/llvm-project/issues/61491

fix:

original:

ghost commented 1 year ago

See it live: https://godbolt.org/z/h3Mr5Mv3K

ghost commented 10 months ago

GSA not FN: https://godbolt.org/z/TnqnP6jed