Bug Summary

File:build/source/clang/lib/Analysis/FlowSensitive/Value.cpp
Warning:line 47, column 33
Called C++ object pointer is null

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name Value.cpp -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -mframe-pointer=none -relaxed-aliasing -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -ffunction-sections -fdata-sections -fcoverage-compilation-dir=/build/source/build-llvm/tools/clang/stage2-bins -resource-dir /usr/lib/llvm-17/lib/clang/17 -D CLANG_REPOSITORY_STRING="++20230510111145+7df43bdb42ae-1~exp1~20230510111303.1288" -D _DEBUG -D _GLIBCXX_ASSERTIONS -D _GNU_SOURCE -D _LIBCPP_ENABLE_ASSERTIONS -D __STDC_CONSTANT_MACROS -D __STDC_FORMAT_MACROS -D __STDC_LIMIT_MACROS -I tools/clang/lib/Analysis/FlowSensitive -I /build/source/clang/lib/Analysis/FlowSensitive -I /build/source/clang/include -I tools/clang/include -I include -I /build/source/llvm/include -D _FORTIFY_SOURCE=2 -D NDEBUG -U NDEBUG -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../include/x86_64-linux-gnu/c++/10 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/backward -internal-isystem /usr/lib/llvm-17/lib/clang/17/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fmacro-prefix-map=/build/source/build-llvm/tools/clang/stage2-bins=build-llvm/tools/clang/stage2-bins -fmacro-prefix-map=/build/source/= -fcoverage-prefix-map=/build/source/build-llvm/tools/clang/stage2-bins=build-llvm/tools/clang/stage2-bins -fcoverage-prefix-map=/build/source/= -source-date-epoch 1683717183 -O2 -Wno-unused-command-line-argument -Wno-unused-parameter -Wwrite-strings -Wno-missing-field-initializers -Wno-long-long -Wno-maybe-uninitialized -Wno-class-memaccess -Wno-redundant-move -Wno-pessimizing-move -Wno-noexcept-type -Wno-comment -Wno-misleading-indentation -std=c++17 -fdeprecated-macro -fdebug-compilation-dir=/build/source/build-llvm/tools/clang/stage2-bins -fdebug-prefix-map=/build/source/build-llvm/tools/clang/stage2-bins=build-llvm/tools/clang/stage2-bins -fdebug-prefix-map=/build/source/= -ferror-limit 19 -fvisibility-inlines-hidden -stack-protector 2 -fgnuc-version=4.2.1 -fcolor-diagnostics -vectorize-loops -vectorize-slp -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2023-05-10-133810-16478-1 -x c++ /build/source/clang/lib/Analysis/FlowSensitive/Value.cpp
1//===-- Value.cpp -----------------------------------------------*- C++ -*-===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8//
9// This file defines support functions for the `Value` type.
10//
11//===----------------------------------------------------------------------===//
12
13#include "clang/Analysis/FlowSensitive/Value.h"
14#include "clang/Analysis/FlowSensitive/DebugSupport.h"
15#include "llvm/Support/Casting.h"
16
17namespace clang {
18namespace dataflow {
19
20static bool areEquivalentIndirectionValues(const Value &Val1,
21 const Value &Val2) {
22 if (auto *IndVal1 = dyn_cast<ReferenceValue>(&Val1)) {
23 auto *IndVal2 = cast<ReferenceValue>(&Val2);
24 return &IndVal1->getReferentLoc() == &IndVal2->getReferentLoc();
25 }
26 if (auto *IndVal1 = dyn_cast<PointerValue>(&Val1)) {
27 auto *IndVal2 = cast<PointerValue>(&Val2);
28 return &IndVal1->getPointeeLoc() == &IndVal2->getPointeeLoc();
29 }
30 return false;
31}
32
33bool areEquivalentValues(const Value &Val1, const Value &Val2) {
34 return &Val1 == &Val2 || (Val1.getKind() == Val2.getKind() &&
35 (isa<TopBoolValue>(&Val1) ||
36 areEquivalentIndirectionValues(Val1, Val2)));
37}
38
39raw_ostream &operator<<(raw_ostream &OS, const Value &Val) {
40 switch (Val.getKind()) {
1
Control jumps to 'case Pointer:' at line 45
41 case Value::Kind::Reference: {
42 const auto *RV = cast<ReferenceValue>(&Val);
43 return OS << "Reference(" << &RV->getReferentLoc() << ")";
44 }
45 case Value::Kind::Pointer: {
46 const auto *PV = dyn_cast<PointerValue>(&Val);
2
Assuming the object is not a 'CastReturnType'
3
'PV' initialized to a null pointer value
47 return OS << "Pointer(" << &PV->getPointeeLoc() << ")";
4
Called C++ object pointer is null
48 }
49 // FIXME: support remaining cases.
50 default:
51 return OS << debugString(Val.getKind());
52 }
53}
54
55} // namespace dataflow
56} // namespace clang