[clang static analyzer] core.NullDereference false negative with *c = 404 #61491
Description
void clang_analyzer_eval();
int main()
{
int a = 0;
int *c = (void *)0;
for (; a < 4; a++)
{
;
}
clang_analyzer_eval(a == 0);
clang_analyzer_eval(c == 0);
*c = 404;
}See it live: https://godbolt.org/z/71KGz3Whq.
In this case, *c = 404 is reachable code, yet there is no [core.NullDereference] warning, and analyzer_eval(a == 0) and analyzer_eval(c == 0) have no output. However, if the for branch is commented out, all this appears (https://godbolt.org/z/s6rn8fan3).
Thanks a lot for taking the time to review this case.