Open llvmbot opened 11 years ago
Oops, maybe it's not a false positive. In the unlikely case that numFaces is the most negative number (0x80000000 when using 32 bits), absFaces is the same, and the dereference is reached.
This embarrassing false positive is due to not reasoning about unary minus. In theory there are difficulties when hitting implementation-defined and undefined behavior, but in practice the analyzer's pretty heavily geared towards -fwrapv semantics right now.
Tracked by rdar://problem/12351075.
assigned to @tkremenek
Extended Description
Overview:
I get a null pointer dereference warning that assumes a certain variable is negative, when in fact one can easily deduce that the variable cannot be negative.
Steps to reproduce:
Analyze this code:
static void Foo( int numFaces ) { int* ptr = 0;
}
Actual results:
"Dereference of null pointer (loaded from variable 'ptr') 'ptr' initialized to a null pointer value Assuming 'numFaces' is <= 0 Assuming 'absFaces' is < 0"
Expected results:
No warnings, or maybe something saying that a line is unreachable.
Build date:
clang version 3.3 (trunk 180622) Target: x86_64-apple-darwin11.4.2 Thread model: posix