[LLVMbugs] [Bug 15855] New: False positive null pointer dereference with integer arithmetic

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Fri Apr 26 15:24:53 PDT 2013


            Bug ID: 15855
           Summary: False positive null pointer dereference with integer
           Product: clang
           Version: trunk
          Hardware: Macintosh
                OS: MacOS X
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: bugzilla at jwwalker.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified


I get a null pointer dereference warning that assumes a certain variable is
negative, when in fact one can easily deduce that the variable cannot be

Steps to reproduce:

Analyze this code:

static void Foo( int numFaces )
{
    int* ptr = 0;

    int absFaces;
    if (numFaces > 0)
        absFaces = numFaces;
    else
        absFaces = - numFaces;

    if (absFaces < 0)
        *ptr = 99;
}

Actual results:

"Dereference of null pointer (loaded from variable 'ptr')
  'ptr' initialized to a null pointer value
  Assuming 'numFaces' is <= 0
  Assuming 'absFaces' is < 0"

Expected results:

No warnings, or maybe something saying that a line is unreachable.

Build date:

clang version 3.3 (trunk 180622)
Target: x86_64-apple-darwin11.4.2
Thread model: posix
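
An added example, not part of the original report or of clang: in C, `-numFaces` overflows when `numFaces == INT_MIN`, which is undefined behaviour and gives `INT_MIN` again under two's-complement wrapping, so that is the single input for which `absFaces < 0` can hold. The names `wrapping_negate`, `guarded_branch_reached` and `checked_abs` are assumptions made here; the wrap is modelled in unsigned arithmetic so the example itself contains no undefined behaviour.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Two's-complement wrapping negation, computed in unsigned arithmetic
   and mapped back to int using only well-defined operations. */
static int wrapping_negate(int n)
{
    unsigned int u = 0u - (unsigned int)n;
    if (u <= (unsigned int)INT_MAX)
        return (int)u;
    return -(int)(UINT_MAX - u) - 1;   /* upper half maps to negatives */
}

/* The report's control flow with the null store replaced by a result:
   returns true when the guarded branch (absFaces < 0) would be entered. */
static bool guarded_branch_reached(int numFaces)
{
    int absFaces;
    if (numFaces > 0)
        absFaces = numFaces;
    else
        absFaces = wrapping_negate(numFaces);
    return absFaces < 0;
}

/* Hardened absolute value: rejects the one input whose magnitude does
   not fit in int instead of negating it. */
static bool checked_abs(int n, int *out)
{
    if (n == INT_MIN)
        return false;
    *out = n < 0 ? -n : n;
    return true;
}

int main(void)
{
    int samples[] = { 7, 0, -7, INT_MIN + 1, INT_MIN };  /* constructed inputs */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int a = 0;
        bool ok = checked_abs(samples[i], &a);
        printf("n=%d branch=%d checked_abs_ok=%d abs=%d\n",
               samples[i], guarded_branch_reached(samples[i]), ok, a);
    }
    return 0;
}
```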
