public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "eggert at cs dot ucla.edu" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug analyzer/102671] -Wanalyzer-null-dereference false positive when compiling GNU Emacs
Date: Mon, 11 Oct 2021 03:03:20 +0000 [thread overview]
Message-ID: <bug-102671-4-JnAdDXXbtG@http.gcc.gnu.org/bugzilla/> (raw)
In-Reply-To: <bug-102671-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102671
--- Comment #1 from eggert at cs dot ucla.edu ---
Created attachment 51582
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=51582&action=edit
2nd test case illustrating the bug
I'm attaching a second test case, also taken from GNU Emacs, illustrating the
same bug or at least something similar. Compile it on the same platform with:
gcc -fanalyzer -O2 -S analyzer-null-dereference-2.i
and the output will be the following. The false alarm is incorrect here, too. I
plan to modify Emacs to disable the warnings in the two source-code files that
are generating these false alarms.
analyzer-null-dereference-2.i: In function 'Ftime_convert':
analyzer-null-dereference-2.i:36:13: warning: dereference of NULL 'time'
[CWE-476] [-Wanalyzer-null-dereference]
36 | return ((a->size & (PSEUDOVECTOR_FLAG | PVEC_TYPE_MASK))
| ~^~~~~~
'Ftime_convert': events 1-4
|
| 72 | Ftime_convert (struct lisp *time)
| | ^~~~~~~~~~~~~
| | |
| | (1) entry to 'Ftime_convert'
| 73 | {
| 74 | decode_time_components (time ? XCDR (time) : time);
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (2) following 'false' branch (when 'time' is NULL)...
| | (3) ...to here
| | (4) calling 'decode_time_components' from 'Ftime_convert'
|
+--> 'decode_time_components': events 5-7
|
| 43 | if (! VECTORLIKEP (a))
| | ~
| | |
| | (6) following 'true' branch...
|......
| 65 | decode_time_components (struct lisp *low)
| | ^~~~~~~~~~~~~~~~~~~~~~
| | |
| | (5) entry to 'decode_time_components'
|......
| 69 | }
| | ~
| | |
| | (7) ...to here
|
<------+
|
'Ftime_convert': events 8-11
|
| 36 | return ((a->size & (PSEUDOVECTOR_FLAG | PVEC_TYPE_MASK))
| | ~~~~~~~
| | |
| | (10) ...to here
| | (11) dereference of NULL 'time'
|......
| 43 | if (! VECTORLIKEP (a))
| | ~
| | |
| | (9) following 'false' branch...
|......
| 74 | decode_time_components (time ? XCDR (time) : time);
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (8) returning to 'Ftime_convert' from 'decode_time_components'
|
next prev parent reply other threads:[~2021-10-11 3:03 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-09 19:06 [Bug analyzer/102671] New: " eggert at cs dot ucla.edu
2021-10-11 3:03 ` eggert at cs dot ucla.edu [this message]
2021-10-11 21:49 ` [Bug analyzer/102671] " eggert at cs dot ucla.edu
2023-03-09 21:21 ` cvs-commit at gcc dot gnu.org
2024-01-06 18:32 ` eggert at cs dot ucla.edu
2024-01-06 18:37 ` eggert at cs dot ucla.edu
2024-01-06 19:11 ` eggert at cs dot ucla.edu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-102671-4-JnAdDXXbtG@http.gcc.gnu.org/bugzilla/ \
--to=gcc-bugzilla@gcc.gnu.org \
--cc=gcc-bugs@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).