https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105285
Bug ID: 105285
Summary: False positive with -Wanalyzer-null-dereference in git.git's reftable/reader.c
Product: gcc
Version: 12.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: avarab at gmail dot com
Target Milestone: ---

Created attachment 52813
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=52813&action=edit
gcc -E of reftable/reader.c

I didn't have time to come up with a nice isolated test case this time for $subject, sorry, but maybe this is easier:

    git clone https://github.com/git/git/
    cd git
    make CC=gcc CFLAGS=-fanalyzer reftable/reader.o

Or alternatively the gcc -E output that's attached, but most informative is the patch I'll attach to git.git to work around this (as the code was pretty nonsensical anyway).

Why do I think it's a false positive? It's code that's basically doing:

    struct x = { 0 }; /* "foo" member is NULL */
    if (x >= 0) return 0; /* early abort */
    [...]
    if (x >= 0) return 1; /* we don't init "x.foo" */
    x.foo

I.e. the analyzer thinks you can go through these two with "x >= 0" being true the first time and false the next, or the other way around.

In this case the types didn't have "const" on them, but to make sure these *really* weren't being changed I added that in all the relevant places, and it still complained.

The warning was:

    reftable/reader.c: In function ‘extract_block_size’:
    reftable/reader.c:274:20: warning: dereference of NULL ‘data’ [CWE-476] [-Wanalyzer-null-dereference]
      274 |         *typ = data[0];
          |                ~~~~^~~

Also, for the GCC 11.2 I have locally (I tested the warning on near-trunk GCC 12.0) I got two different warnings from -fanalyzer, so this seems to be an area that's seen active changes recently...
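A constructed C sketch of the code shape the report describes, added here as an illustration; it is not git's reftable/reader.c and not the reporter's patch. The names locate_block(), block_type_twice() and block_type_once() and the SAMPLE buffer are invented for the example, and whether -fanalyzer fires on this exact sketch is not claimed. The second function shows the usual way to close such a path so a path-sensitive analyzer has nothing left to infer.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample block: one type byte followed by payload (not a real reftable block). */
static const uint8_t SAMPLE[] = { 'r', 0x00, 0x00, 0x10 };

struct block {
    const uint8_t *data; /* NULL when no block is located */
};

/* Locate the block at `off`; yields a NULL data pointer when `off` is out of range. */
static struct block locate_block(const uint8_t *buf, size_t buflen, size_t off)
{
    struct block b = { 0 };
    if (off < buflen)
        b.data = buf + off;
    return b;
}

/* Shape from the report: the same condition guards two early returns and also
 * decides (inside locate_block) whether the pointer is NULL. Every path that
 * reaches the load has off < buflen, hence a non-NULL b.data, but an analyzer
 * that treats the three tests as independent can still report a NULL load. */
static int block_type_twice(const uint8_t *buf, size_t buflen, size_t off)
{
    if (off >= buflen)
        return -1;                       /* early abort */
    struct block b = locate_block(buf, buflen, off);
    if (off >= buflen)
        return -2;                       /* same condition again, never true here */
    return b.data[0];                    /* the load the analyzer would complain about */
}

/* Restructured form: test the pointer the load depends on, once, right before
 * the load, so the NULL path is closed explicitly instead of by inference. */
static int block_type_once(const uint8_t *buf, size_t buflen, size_t off)
{
    struct block b = locate_block(buf, buflen, off);
    if (!b.data)
        return -1;
    return b.data[0];
}
```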