http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52923
--- Comment #4 from Fredrik Hederstierna <fredrik.hederstie...@securitas-direct.com> 2012-04-10 12:52:36 UTC --- Maybe it have advantages to have a "pointer-deref" analysis pass rather than a "point-to" analysis pass. Then GCC could warn only if the pointer is being dereferenced for real, this to avoid false positives. But in case of shared library-code etc, I guess we never know what users/callers will do with the pointer... Could there possibly be a connection to the work I think maybe Jeff Law and others maybe are doing will null-deref checking pass? I guess they already do some flow analysis and then checking for null-deref rather than 'dangeling-mem-deref' in this case (eg. stack local mem, or free()d-mem). (I think this is done in PR16351.) I also seen the __attribute__((nonnull)) with -Wnonnull, could it be possible perhaps to have some __attribute__((nonlocal)) or similar when declaring pointer? /Fredrik