Strange null deref from static analyzer

[Previously posted to cfe-users with no response, so trying here]

With the following code:

"clang --analyze" doesn't produce a warning here either, so this looks like something related to c++-analyzer itself. It is possible that c++-analyzer is finding an old version of clang that has this bug.

Users aren't really supposed to use c++-analyzer directly. It relies on a whole bunch of context when used within scan-build (including what version of clang to use). If you want to analyze a file directly, use "clang --analyze".


I agree that it's a bit risky to use c++-analyzer directly, but it usually works. Anyway, here's a slightly modified version that shows the two bad null deref errors when run using:

  checker-275's scan-build

    scan-build c++ -c nullderef.cpp

and the output shows it is using the clang that came with checker-275.

The code is: