https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108725
Bug ID: 108725 Summary: -Wanalyzer-use-of-uninitialized-value on ternary pointer access seen in qemu-7.2.0's dump/win_dump.c Product: gcc Version: 13.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: dmalcolm at gcc dot gnu.org Target Milestone: --- Created attachment 54438 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=54438&action=edit Reproducer We get two false positives from the attached at -O1 and above, with both trunk and gcc 12: Trunk: https://godbolt.org/z/KboceYY7q GCC 12.2: https://godbolt.org/z/jEPa6vaPd <source>: In function 'cpu_read_ptr': <source>:15:24: warning: use of uninitialized value 'ptr64' [CWE-457] [-Wanalyzer-use-of-uninitialized-value] 15 | *ptr = x64 ? ptr64 : ptr32; | ~~~~~~~~~~~~^~~~~~~ 'cpu_read_ptr': events 1-5 | | 11 | uint64_t ptr64; | | ^~~~~ | | | | | (1) region created on stack here | | (2) capacity: 8 bytes |...... | 15 | *ptr = x64 ? ptr64 : ptr32; | | ~~~~~~~~~~~~~~~~~~~ | | | | | (3) following 'true' branch (when 'x64 != 0')... | | (4) ...to here | | (5) use of uninitialized value 'ptr64' here | <source>:15:24: warning: use of uninitialized value 'ptr32' [CWE-457] [-Wanalyzer-use-of-uninitialized-value] 15 | *ptr = x64 ? ptr64 : ptr32; | ~~~~~~~~~~~~^~~~~~~ 'cpu_read_ptr': events 1-5 | | 10 | uint32_t ptr32; | | ^~~~~ | | | | | (1) region created on stack here | | (2) capacity: 4 bytes |...... | 15 | *ptr = x64 ? ptr64 : ptr32; | | ~~~~~~~~~~~~~~~~~~~ | | | | | (3) following 'false' branch (when 'x64 == 0')... | | (4) ...to here | | (5) use of uninitialized value 'ptr32' here | Compiler returned: 0 where the analyzer isn't treating the argument pointer as potentially having been written through (presumably confused by the ternary operator).