GCC 11 has a new '-fanalyzer' implementation [1]. When applied to a gnulib testdir, it produces the following warnings:
../../gllib/argp-help.c:1594:25: warning: dereference of NULL 'argp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/argp-help.c:1606:11: warning: dereference of NULL 'argp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/argp-help.c:1643:19: warning: dereference of NULL 'argp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/argp-help.c:1772:50: warning: dereference of NULL 'argp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/argp-help.c:1782:14: warning: dereference of NULL 'hol' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/argp-help.c:1799:50: warning: dereference of NULL 'argp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4031:3: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4033:34: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4100:28: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4104:27: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4141:13: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4145:22: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4162:28: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4167:21: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4167:23: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4168:45: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4175:25: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4180:52: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/dfa.c:4182:20: warning: dereference of NULL 'mp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/unicase/u-ct-totitle.h:103:13: warning: dereference of NULL 'wp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/unicase/u-ct-totitle.h:103:13: warning: dereference of NULL 'wp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/unicase/u-ct-totitle.h:103:13: warning: dereference of NULL 'wp' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/uniconv/u-conv-to-enc.h:62:36: warning: dereference of NULL 'scaled_offsets' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/uniconv/u-conv-to-enc.h:62:36: warning: dereference of NULL 'scaled_offsets' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/vasnprintf.c:1969:36: warning: dereference of NULL 'result' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/vasnprintf.c:1969:36: warning: dereference of NULL 'result' [CWE-476] [-Wanalyzer-null-dereference] ../../gllib/astrxfrm.c:150:15: warning: use of NULL 'resultbuf' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/c-vasnprintf.c:29:19: warning: use of NULL 'result' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/vasnprintf.c:3650:17: warning: use of NULL 'result' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/vasnprintf.c:4833:17: warning: use of NULL 'result' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/savedir.c:137:15: warning: use of NULL 'name_space' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/unistdio/ulc-vasnprintf.c:42:19: warning: use of NULL 'result' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/unistdio/ulc-vasnprintf.c:42:19: warning: use of NULL 'buf_malloced' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/unistdio/ulc-vasnprintf.c:42:19: warning: use of NULL 'result' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/unistdio/ulc-vasnprintf.c:42:19: warning: use of NULL 'buf_malloced' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/unistdio/ulc-vasnprintf.c:42:19: warning: use of NULL 'result' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/unistdio/ulc-vasnprintf.c:42:19: warning: use of NULL 'buf_malloced' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/unistdio/ulc-vasnprintf.c:42:19: warning: use of NULL 'result' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/fts.c:1497:25: warning: use of NULL 'cp' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/vasnprintf.c:151:21: warning: use of NULL 'result' where non-null expected [CWE-476] [-Wanalyzer-null-argument] ../../gllib/amemxfrm.c:96:21: warning: leak of '<unknown>' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/gl_anylinked_list2.h:121:7: warning: leak of '<unknown>' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/malloca.c:69:11: warning: leak of 'mem' [CWE-401] [-Wanalyzer-malloc-leak] cc1: warning: leak of '<unknown>' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/unicase/u-casemap.h:409:6: warning: leak of 'larger_result' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/fts-cycle.c:94:10: warning: leak of 'ad' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/glob.c:955:7: warning: leak of '__strdup(dirname)' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/glob.c:955:7: warning: leak of 'dirname' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/regcomp.c:3831:6: warning: leak of 'storage' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/spawn_faction_addchdir.c:66:7: warning: leak of 'path_copy' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/spawn_faction_addopen.c:82:7: warning: leak of 'path_copy' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/time_rz.c:224:11: warning: leak of 'old_tz' [CWE-401] [-Wanalyzer-malloc-leak] ../../gllib/time_rz.c:315:7: warning: leak of 'old_tz' [CWE-401] [-Wanalyzer-malloc-leak] I have looked into a few of them, and suspect that most of these warnings are false alarms. For completeness, find attached the entire compilation log. Bruno [1] https://gcc.gnu.org/gcc-11/changes.html
fanalyzer-log.txt.xz
Description: application/xz
