https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94362
Bug ID: 94362 Summary: False analyzer report due to i >= 0 and i < 0 on openssl Product: gcc Version: 10.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: dmalcolm at gcc dot gnu.org Target Milestone: --- Created attachment 48134 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=48134&action=edit Reduced test case https://github.com/openssl/openssl/issues/11420 reports what looks like a false positive: crypto/asn1/ameth_lib.c:131:18: error: dereference of NULL 'ameth' [CWE-690] [-Werror=analyzer-null-dereference] where on the path to the diagnostic i >= 0 and i < 0, which ought to be rejected by constraint-checking. I'm attaching a somewhat simplified reproducer.