[llvm-bugs] [Bug 25826] New: False positive: null pointer dereference with varargs

[via llvm-bugs]

https://llvm.org/bugs/show_bug.cgi?id=25826

            Bug ID: 25826
           Summary: False positive: null pointer dereference with varargs
           Product: clang
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: warren at icouldbedeadwrong.net
                CC: llvm-bugs at lists.llvm.org
    Classification: Unclassified

Created attachment 15447
  --> https://llvm.org/bugs/attachment.cgi?id=15447&action=edit
Test case

Platform: Ubuntu 14.04.2 LTS
Tool version (svn info):
   URL: http://llvm.org/svn/llvm-project/cfe/trunk/tools/scan-build
   Relative URL: ^/cfe/trunk/tools/scan-build
   Repository Root: http://llvm.org/svn/llvm-project
   Repository UUID: 91177308-0d34-0410-b5e6-96231b3b80d8
   Revision: 254388

The attached test case triggers erroneous behaviour from scan-build - it
reports a NULL pointer dereference when none is possible.  Note that the
reported reference goes away if either:

a) The calls to va_start and va_end are commented out
b) The assertion is uncommented

The report from scan-build is:

/opt/llvm/libexec/ccc-analyzer -g -Wall -Wextra -o output input.c
input.c:26:16: warning: Array access (from variable 'ret') results in a null
pointer dereference
        ret[i] = NULL;;
        ~~~    ^
1 warning generated.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20151214/618d5e4f/attachment.html>