[all-commits] [llvm/llvm-project] c68bc1: [analyzer] Fix note for member reference (#68691)

Mon Oct 16 01:55:44 PDT 2023

  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: c68bc1726c1c14a297c75cae597dab00e9e7e905
      https://github.com/llvm/llvm-project/commit/c68bc1726c1c14a297c75cae597dab00e9e7e905
  Author: Gábor Spaits <48805437+spaits at users.noreply.github.com>
  Date:   2023-10-16 (Mon, 16 Oct 2023)

  Changed paths:
    M clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
    M clang/test/Analysis/diagnostics/deref-track-symbolic-region.cpp

  Log Message:
  -----------
  [analyzer] Fix note for member reference (#68691)

In the following code:
```cpp
int main() {
    struct Wrapper {char c; int &ref; };
    Wrapper w = {.c = 'a', .ref = *(int *)0 };
    w.ref = 1;
}
```

The clang static analyzer will produce the following warnings and notes:
```
test.cpp:12:11: warning: Dereference of null pointer [core.NullDereference]
   12 |     w.ref = 1;
      |     ~~~~~~^~~
test.cpp:11:5: note: 'w' initialized here
   11 |     Wrapper w = {.c = 'a', .ref = *(int *)0 };
      |     ^~~~~~~~~
test.cpp:12:11: note: Dereference of null pointer
   12 |     w.ref = 1;
      |     ~~~~~~^~~
1 warning generated.
```
In the line where `w` is created, the note gives information about the
initialization of `w` instead of `w.ref`. Let's compare it to a similar
case where a null pointer dereference happens to a pointer member:

```cpp
int main() {
     struct Wrapper {char c; int *ptr; };
     Wrapper w = {.c = 'a', .ptr = nullptr };
     *w.ptr = 1;
}
```

Here the following error and notes are seen:
```
test.cpp:18:12: warning: Dereference of null pointer (loaded from field 'ptr') [core.NullDereference]
   18 |     *w.ptr = 1;
      |        ~~~ ^
test.cpp:17:5: note: 'w.ptr' initialized to a null pointer value
   17 |     Wrapper w = {.c = 'a', .ptr = nullptr };
      |     ^~~~~~~~~
test.cpp:18:12: note: Dereference of null pointer (loaded from field 'ptr')
   18 |     *w.ptr = 1;
      |        ~~~ ^
1 warning generated.
```
Here the note that shows the initialization the initialization of
`w.ptr` in shown instead of `w`.

This commit is here to achieve similar notes for member reference as the
notes of member pointers, so the report looks like the following:

```
test.cpp:12:11: warning: Dereference of null pointer [core.NullDereference]
   12 |     w.ref = 1;
      |     ~~~~~~^~~
test.cpp:11:5: note: 'w.ref' initialized to a null pointer value
   11 |     Wrapper w = {.c = 'a', .ref = *(int *)0 };
      |     ^~~~~~~~~
test.cpp:12:11: note: Dereference of null pointer
   12 |     w.ref = 1;
      |     ~~~~~~^~~
1 warning generated.
```
Here the initialization of `w.ref` is shown instead of `w`.

---------

Authored-by: Gábor Spaits <gabor.spaits at ericsson.com>
Reviewed-by: Donát Nagy <donat.nagy at ericsson.com>