[clang static analyzer] core.NullDereference false negative with `e = c`

Question

[clang static analyzer] core.NullDereference false negative with `e = c`

Opened this issue a year ago · 2 comments

date: 2023-03-14
commit: 0c0681b7414c385d0fd5fad302c0d48607262050
args: --analyze -Xclang -analyzer-stats -Xclang -analyzer-checker=core,debug.ExprInspection
test:

void clang_analyzer_eval();

int main()
{
    int a = 0;
    int d = 0;
    int *c = (void *)0;
    int *e = &d;
    clang_analyzer_eval(c == 0);
    for (; a < 4; a++)
    {
        ;
    }
    clang_analyzer_eval(c == 0);
    *e = *c;
}

report: llvm/llvm-project#61491
fix:
original:

Answer 1 · 2023-03-14T16:38:07.000Z

See it live: https://godbolt.org/z/h3Mr5Mv3K

Answer 2 · 2023-09-08T06:42:21.000Z

GSA not FN: https://godbolt.org/z/TnqnP6jed