https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108806

            Bug ID: 108806
           Summary: -Wanalyzer-null-dereference false positives due to not
                    handling bitmasks
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: dmalcolm at gcc dot gnu.org
            Blocks: 108562
  Target Milestone: ---

Created attachment 54470
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=54470&action=edit
Reproducer

Trunk:    https://godbolt.org/z/77EbbPEW5
GCC 12.2: https://godbolt.org/z/o8bbMhPxW
GCC 11.3: https://godbolt.org/z/o4dK3zn3b
GCC 10.4: https://godbolt.org/z/GzEqzMMjW

Lots of false positives of the form:

<source>: In function 'omap2_inth_read':
<source>:75:18: warning: dereference of NULL 'bank' [CWE-476]
[-Wanalyzer-null-dereference]
   75 |       return bank->inputs;
      |              ~~~~^~~~~~~~
  'omap2_inth_read': events 1-6
    |
    |   40 |   struct omap_intr_handler_bank_s* bank = NULL;
    |      |                                    ^~~~
    |      |                                    |
    |      |                                    (1) 'bank' is NULL
    |   41 | 
    |   42 |   if ((offset & 0xf80) == 0x80) {
    |      |      ~                              
    |      |      |
    |      |      (2) following 'false' branch...
    |......
    |   52 |   switch (offset) {
    |      |   ~~~~~~                            
    |      |   |
    |      |   (3) ...to here
    |      |   (4) following 'case 128:' branch...
    |......
    |   74 |     case 0x80:
    |      |     ~~~~                            
    |      |     |
    |      |     (5) ...to here
    |   75 |       return bank->inputs;
    |      |              ~~~~~~~~~~~~           
    |      |                  |
    |      |                  (6) dereference of NULL 'bank'
    |

where if offset == 128, then the:

    |   42 |   if ((offset & 0xf80) == 0x80) {
    |      |      ~                              
    |      |      |
    |      |      (2) following 'false' branch...
    |......
    |   52 |   switch (offset) {
    |      |   ~~~~~~                            
    |      |   |
    |      |   (3) ...to here

edge is impossible, and "bank" will have been properly initialized.
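To make the infeasibility concrete, here is an added C sketch (not the attached reproducer, and not analyzer code) of the same shape: `bank` is only assigned when a bitmask test on `offset` passes, and the dereference sits under a `case` whose constant satisfies that mask. The helper `false_edge_then_case_feasible` encodes the reasoning the analyzer would need: once the path fixes `offset == c`, the mask test `(offset & m) == v` is a constant, so the 'false' edge is reachable only if `(c & m) != v`. A bounded brute-force cross-check follows. All names (`bank_s`, `read_bank`, the helpers) are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the reproducer's pattern. */
struct bank_s {
    uint32_t inputs;
};

uint32_t read_bank(uint32_t offset, struct bank_s *bank0)
{
    struct bank_s *bank = NULL;

    /* Only offsets whose bits 7..11 equal 0x80 select a bank. */
    if ((offset & 0xf80) == 0x80)
        bank = bank0;

    switch (offset) {
    case 0x80:
        /* 0x80 & 0xf80 == 0x80, so this case is reachable only through the
         * 'true' branch above and bank is non-NULL here.  An analyzer that
         * does not relate 'offset == 0x80' to the mask test reports a
         * NULL dereference on this line. */
        return bank->inputs;
    default:
        return 0;
    }
}

/* Convenience wrapper: exercise the case-0x80 path with a real bank. */
uint32_t read_bank_demo(void)
{
    struct bank_s b = { .inputs = 42 };   /* constructed sample value */
    return read_bank(0x80, &b);
}

/* Is the path "mask test (x & m) == v is false, then case x == c"
 * satisfiable?  Substituting x = c makes the test a constant, so the
 * 'false' edge survives iff (c & m) != v. */
bool false_edge_then_case_feasible(uint32_t c, uint32_t m, uint32_t v)
{
    return (c & m) != v;
}

/* Independent brute-force check over [0, limit) to cross-check the rule. */
bool false_edge_then_case_feasible_bruteforce(uint32_t c, uint32_t m,
                                              uint32_t v, uint32_t limit)
{
    for (uint32_t x = 0; x < limit; x++) {
        bool took_false_edge = (x & m) != v;
        if (took_false_edge && x == c)
            return true;
    }
    return false;
}

int main(void)
{
    printf("read_bank(0x80) = %u\n", (unsigned)read_bank_demo());
    printf("false edge then case 0x80 feasible: %s\n",
           false_edge_then_case_feasible(0x80, 0xf80, 0x80) ? "yes" : "no");
    printf("false edge then case 0x100 feasible: %s\n",
           false_edge_then_case_feasible(0x100, 0xf80, 0x80) ? "yes" : "no");
    return 0;
}
```

For `c = 0x80`, `m = 0xf80`, `v = 0x80` both checks report the path infeasible, which is exactly the edge the diagnostic above claims to follow; for a case value such as `0x100` (where `0x100 & 0xf80 == 0x100`) the false edge is genuinely reachable and a NULL-dereference report there would be correct.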
Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108562
[Bug 108562] [meta-bug] tracker bug for issues with -Wanalyzer-null-dereference