[LLVMbugs] [Bug 21796] New: core.NullDereference doesn't check assign of function output

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Tue Dec 9 14:47:59 PST 2014


            Bug ID: 21796
           Summary: core.NullDereference doesn't check assign of function
           Product: clang
           Version: 3.5
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: boloomka at gmail.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

core.NullDereference checker can check whether code is dereferencing pointer
that was previously initialized to NULL (or zero) by assignment, but for some
reason it doesn't warn about dereferencing when pointer was initialized to NULL
by calling a function (that returns NULL).

This is smallest testcase how to reproduce it:

int *init() {
    return 0;

int main() {
    int *p = init();
    *p = 10;

Running static analysis on this code doesn't result in warning about
dereferencing NULL, but when you replace "init()" call with "0", it does show

You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20141209/bfd93fd7/attachment.html>

More information about the llvm-bugs mailing list