[llvm-bugs] [Bug 44492] New: CallAndMessage false positive for "T* const member" while it's not nullptr

via llvm-bugs llvm-bugs at lists.llvm.org
Wed Jan 8 09:35:20 PST 2020 

https://bugs.llvm.org/show_bug.cgi?id=44492

            Bug ID: 44492
           Summary: CallAndMessage false positive for "T* const member"
                    while it's not nullptr
           Product: clang
           Version: unspecified
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: dcoughlin at apple.com
          Reporter: zinovy.nis at gmail.com
                CC: dcoughlin at apple.com, llvm-bugs at lists.llvm.org

The following code emits false-positive

--------------------------------------------------------
#include <cassert>
#include <string>

class C {
 public:
  int foo(int x) { return x * 2; }
};

class A {
 public:
  A(C* c, std::string s) : c_(c), s_(s) {
    assert(c_);
    bar("12345");
    c_->foo(42);
  }
  void bar(std::string s) {
    // s_, not c_!
    // c_ is not changed here.
    s_ = s;
  }

 private:
  std::string s_;        // [1]
  C* const c_ = nullptr; // [2]
};

int main(int argc, char** /*unused*/) {
  C* c = new C;
  A a(c, "123");
  return 1;
};
--------------------------------------------------------

> clang-tidy.exe -checks=-*,*CallAndMessage* test.cc
...


test.cc:14:5: warning: Called C++ object pointer is null
[clang-analyzer-core.CallAndMessage]
    c_->foo(42);
    ^
test.cc:29:5: note: Calling constructor for 'A'
  A a(c, "123");
    ^
test.cc:12:12: note: Field 'c_' is non-null
    assert(c_);
           ^
test.cc:12:12: note: Field 'c_' is non-null
test.cc:12:5: note: Left side of '||' is true
    assert(c_);
    ^
C:\Program Files (x86)\Windows
Kits\10\Include\10.0.18362.0\ucrt\assert.h:33:30: note: expanded from macro
'assert'
            (!!(expression)) ||                                                
             \
                             ^
test.cc:13:5: note: Calling 'A::bar'
    bar("12345");
    ^
test.cc:19:5: note: Null pointer value stored to 'a.c_'
    s_ = s;
    ^
test.cc:13:5: note: Returning from 'A::bar'
    bar("12345");
    ^
test.cc:14:5: note: Called C++ object pointer is null
    c_->foo(42);
    ^


"c_" is considered nullptr, while it's not changed during a call to "bar".

Moreover, 1) if we swap [1] and [2] lines, then CallAndMessage is not raised;
2) if we remove 'const' in [2] then CallAndMessage is not raised.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20200108/ae0498d4/attachment.html>

More information about the llvm-bugs mailing list