Geoffrey1014/SA_Bugs

GCC -Wanalyzer-null-dereference false negative with `*arr[0] = 10086`

Opened this issue · 2 comments

void foo(int pc) {
    int *arr[2] = {&&x, &&y};   /* computed-goto dispatch table (GCC label-address extension) */
    int var = 0;
    goto *arr[pc];

x:
    arr[0] = (void *)0;
    *arr[0] = 10086;            /* store through a NULL pointer: the NPD the analyzer misses */
    return;
y:
    return;
}

int main() { foo(0); }

report: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110529
fixed: https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1b761fede44afac5fa72e77caced9beda93fb381

In this case, the analyzer at -O0, -O1, -O2 and -O3 doesn't report an NPD about `*arr[0] = 10086`.

See it live: https://godbolt.org/z/1E9e5oKdE.
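To reproduce the report locally rather than on Compiler Explorer, the following script is an added example; it is not the issue's own code and not part of GCC. It assumes a `gcc` (or `$CC`) on PATH that accepts `-fanalyzer`; the file name `pr110529.c` and the helper names are the script's own choices. It writes the testcase above to a file, compiles it with `-fanalyzer` at each optimisation level the report lists, and prints per level whether the `[-Wanalyzer-null-dereference]` tag appears in the diagnostics. On a GCC without the linked fix the report's outcome is a silent compile at every level; on a GCC that includes the fix the warning should be printed.

```shell
#!/bin/sh
# Added reproduction script for the report above (not the issue's own code
# and not part of GCC). Assumptions: `gcc` (or $CC) is on PATH and accepts
# -fanalyzer; the file name pr110529.c and the function names below are
# this script's own choices.

CC="${CC:-gcc}"
SRC="${TMPDIR:-/tmp}/pr110529.c"

# Writes the reporter's testcase to the path given as $1.
write_testcase() {
    cat > "$1" <<'EOF'
void foo(int pc) {
    int *arr[2] = {&&x, &&y};   /* computed-goto dispatch table */
    int var = 0;
    goto *arr[pc];

x:
    arr[0] = (void *)0;
    *arr[0] = 10086;            /* store through NULL: the expected NPD */
    return;
y:
    return;
}

int main() { foo(0); }
EOF
}

# Runs the analyzer on $SRC at the -O level given as $1 (a real compile is
# needed: -fsyntax-only would skip the analyzer pass).
# Exit status: 0 = -Wanalyzer-null-dereference reported,
#              1 = compiled silently (the false negative),
#              2 = compiler could not be run or the file failed to compile.
analyzer_reports_npd() {
    out=$("$CC" -fanalyzer "$1" -c -o /dev/null "$SRC" 2>&1) || return 2
    case "$out" in
        *-Wanalyzer-null-dereference*) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints one line per optimisation level named in the report.
run_all_levels() {
    write_testcase "$SRC"
    for level in -O0 -O1 -O2 -O3; do
        if analyzer_reports_npd "$level"; then
            printf '%s\n' "$level: NPD reported"
        else
            case $? in
                1) printf '%s\n' "$level: no NPD warning (false negative)" ;;
                *) printf '%s\n' "$level: could not run $CC -fanalyzer" ;;
            esac
        fi
    done
}

run_all_levels
```

The tag is matched rather than the message text because GCC's wording of the diagnostic ("dereference of NULL ...") can change between releases while the option name in brackets stays stable.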