https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109225

            Bug ID: 109225
           Summary: -Wanalyzer-null-dereference false negative with *c =
                    404
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: bagelming at outlook dot com
  Target Milestone: ---

```c
extern void __analyzer_eval();
extern void __analyzer_dump_path();

int a()
{
    int d;
    for (d = -1; d; ++d)
    {
        ;
    }
    __analyzer_dump_path();
    return d;
}

int b()
{
    int t = a();
    int *c = (void *)t;
    __analyzer_eval(c == 0);
    *c = 404;
}

int main() { b(); }

```

See it live: https://godbolt.org/z/oEcW5bP9v

In func b, `return d`, d is 0, and the pointer c in func a is a null pointer
when considering the path a calls b. However, `analyzer_eval(c == 0)` is
unknown and analyzer doesn't generate a null pointer dereference warning for
`*c = 404`.

Thanks a lot!

Reply via email to