[cfe-commits] r161214 - in /cfe/trunk: lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp test/Analysis/initializer.cpp test/Analysis/misc-ps-region-store.cpp test/Analysis/reference.cpp

Jordan Rose jordan_rose at apple.com
Fri Aug 3 10:27:06 PDT 2012


On Aug 3, 2012, at 9:54 AM, Anna Zaks <ganna at apple.com> wrote:
>> +
>> +void testRef() {
>> +  int *x = 0;
>> +  int &y = *x; // expected-warning{{Dereference of null pointer}}
>> +  y = 5;
>> +}
>> +
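Review bot: testRef only exercises a pointer that is already known to be null when `int &y = *x;` binds the reference, so it pins where the warning is reported but not what the analyzer does when nullness is unknown at the bind. Consider adding a companion case where the pointer is a parameter that is null-checked after the reference is bound and then written through, with the expected diagnostic (or its absence) on the later store stated explicitly.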
> 
> Did we not warn here before this patch? (I checked that an old version of clang was catching this...)

The change in this commit is to warn at the creation of a "null reference", which is not allowed by the standard.

However, the change does mask errors like this:

> int &r = *p;
> if (p) return;
> r = 5;

Previously we would warn on the last line, and this commit changes it so we assume it's dead code. This is somewhat consistent with our handling of '*p' as an rvalue or as an assignment location, but the difference is that programs will actually crash at runtime when trying to load from or store to a null pointer. With the way Clang implements references, this program will not crash at runtime until the 'r = 5' line.

After offline discussion, we've decided it's best to weaken our assumptions here and /not/ assume 'p' is non-null even after being assigned to 'r'. I'll change that later today.

(We can still warn on the first line if 'p' is /already/ known to be null.)


