[cfe-dev] [analyzer] Why this null pointer dereference error doesn't report
邹越 via cfe-dev
cfe-dev at lists.llvm.org
Tue Nov 3 22:16:06 PST 2015
Hi!
The code sample as below:
-------------main.cpp----------------
int* func(int b)
{
    if (b > 0)
    {
        return new int[3];
    }
    return 0;  // null pointer returned when b is not greater than zero
}

void np_1(int* p, int b)
{
    p = func(b);
    *p = 123;  // dereference of a pointer that is null when b <= 0
    return;
}
---------------------------------------
The command I ran: "clang -cc1 -analyze -analyzer-checker=core.NullDereference main.cpp".
In my opinion, there should be a null pointer dereference error reported at the code "*p = 123", since "func" would return 0 if b is not greater than zero.
However, no error is reported. I debugged clang and found that "CheckerContext::emitReport()" indeed has been invoked when dereferencing pointer p.
clang version:
clang version 3.8.0 (trunk 248698)
Target: x86_64-apple-darwin15.0.0
Thread model: posix
Can somebody tell me where the problem is?
Thanks in advance, Quark