https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100546
Bug ID: 100546
Summary: -Wanalyzer-null-dereference false positive through noreturn function pointer
Product: gcc
Version: 11.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: andrew at ishiboo dot com
Target Milestone: ---
Test case:
$ cat /tmp/test.cpp
#include <cstdio>
#include <cstdlib>

static void noReturn(const char *str) __attribute__((noreturn));
static void noReturn(const char *str) {
    printf("%s\n", str);
    exit(1);
}

void (*noReturnPtr)(const char *str) = &noReturn;

int main(int argc, char **argv) {
    char *str = 0;
    if (!str)
        noReturnPtr(__FILE__);
    return printf("%c\n", *str);
}

Output:
$ g++-11 -fanalyzer -c /tmp/test.cpp
/tmp/test.cpp: In function 'int main(int, char**)':
/tmp/test.cpp:16:27: warning: dereference of NULL 'str' [CWE-476] [-Wanalyzer-null-dereference]
   16 |     return printf("%c\n", *str);
      |                           ^~~~
  'int main(int, char**)': events 1-4
    |
    |   13 |     char *str = 0;
    |      |           ^~~
    |      |           |
    |      |           (1) 'str' is NULL
    |   14 |     if (!str)
    |      |     ~~
    |      |     |
    |      |     (2) following 'true' branch (when 'str' is NULL)...
    |   15 |         noReturnPtr(__FILE__);
    |      |         ~~~~~~~~~~~~~~~~~~~~~
    |      |         |
    |      |         (3) ...to here
    |   16 |     return printf("%c\n", *str);
    |      |                           ~~~~
    |      |                           |
    |      |                           (4) dereference of NULL 'str'
    |