<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/134954>134954</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
SemaObjC::HandleExprPropertyRefExpr assumes getInterfaceType() will never return nullptr
</td>
</tr>
<tr>
<th>Labels</th>
<td>
new issue
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
shafik
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
shafik
</td>
</tr>
</table>
<pre>
Static analysis has flagged, this line in `SemaObjC::HandleExprPropertyRefExpr`:
https://github.com/llvm/llvm-project/blob/ab95005a05232030a16c2da7a8de867c2ded5f88/clang/lib/Sema/SemaExprObjC.cpp#L1982-L1983
as possibly returning `nullptr` which would make the subsequent access of `IFaceT->getDecl();` UB.
Based on the documentation:
https://github.com/llvm/llvm-project/blob/ab95005a05232030a16c2da7a8de867c2ded5f88/clang/lib/Sema/SemaExprObjC.cpp#L1975-L1976
and the rest of the code it seems clear that the assumption is that it will always be valid.
We could document more clearly w/ an assertion on `IFaceT`.
</pre>
<img width="1" height="1" alt="" src="http://email.email.llvm.org/o/eJzMU0HPnDYQ_TXmMvqQsYGFA4dvk6BGqtSqadXzYA_gxNjUNrvdf1952SjX9lYJYcbGb957M4MxmsURDay5MiHiirP5xoRgzccCj7T6MJx7xeT1Y_iSMBkF6NA-oomwYoTZ4rKQZuIDpNVEsMYRGAes5V9ow1-mrx-YfGfy_Sd02tKnv_fwa_A7hfT4jeYcspbnP3h-1pT2mCMxMjEuJq3HVCq_MTFae_u-vO3BfyWVmBgn6ycmRpz6hvMGeSOk4JJj1Sqh8YKdpq69KKFJN3PXMTEqi27JQCZfzBxfS-aS6ZZq35mQP1d9J97yW57cMMLuYzSTfUCgdARn3JJ1usPaPWUdcF-NWuHuD6thw28EaSWIxxTpr4NcAlSKYgQ_53ufR1T0-xuTnxZKH0lZJjomeiavGeqPawln4itG0uDdE0x7dWzkciW8Y_Id_o_GXZps3KV9Gef0k3qgmLL0_K28JjAJItEWQVnCAGnF9DzEGI9tzwLBxHPbJLgbawHtHR8RJoIbWqPLM8OfGTB7_t0d2HygE9Y-4M7ECOgyLoUnrHc_CsBaXhZ6kLqXPRY0VJe6rpqO932xDrqa547mTpGsWupmXYmJT9iTlKpTShdmEFw0vOY956KSfSlEl-P2MvW8buuK1Zw2NLbMBSh9WAoT40FDJeu-qQuLE9n4GkBHd3ievmYwDM-qTccSWc2tiSn-gEkmWRr-5ZCdnlKEhdJnlyjMWfpjp7PnTnMd3Si8ehteXV0cwQ7_ubueIiIT40vlbRD_BAAA__-dk2x-">