[Bug analyzer/109106] New: GCC Static Analyzer doesn't model printf

geoffreydgr at icloud dot com via Gcc-bugs Sun, 12 Mar 2023 06:08:17 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109106


            Bug ID: 109106
           Summary: GCC Static Analyzer doesn't model printf
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: geoffreydgr at icloud dot com
  Target Milestone: ---

GCC Static Analyzer does not model `printf`.

see it live: https://godbolt.org/z/6ooW44sPq

Input:
```c
#include <stdio.h>

int main() { 
  int *j = 0;
  printf("NPD_FLAG\n") || *j;
}
```

Output:
```
<source>: In function 'main':
<source>:10:27: warning: dereference of NULL 'j' [CWE-476]
[-Wanalyzer-null-dereference]
   10 |   printf("NPD_FLAG\n") || *j;
      |                           ^~
  'main': events 1-4
    |
    |    9 |   int *j = 0;
    |      |        ^
    |      |        |
    |      |        (1) 'j' is NULL
    |   10 |   printf("NPD_FLAG\n") || *j;
    |      |   ~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                        |  |
    |      |                        |  (3) ...to here
    |      |                        |  (4) dereference of NULL 'j'
    |      |                        (2) following 'false' branch...
    |
Compiler returned: 0
```

[Bug analyzer/109106] New: GCC Static Analyzer doesn't model printf

Reply via email to