Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LGTM.com - false positive - Dereferenced variable may be null #2630

Open
chrjohn opened this issue Jan 15, 2020 · 5 comments
Open

LGTM.com - false positive - Dereferenced variable may be null #2630

chrjohn opened this issue Jan 15, 2020 · 5 comments
Assignees
@aschackmull
Labels
false-positive Java

Comments

@chrjohn
Copy link

chrjohn commented Jan 15, 2020

https://lgtm.com/projects/g/quickfix-j/quickfixj/snapshot/9657839bf46838645b670486e57852de40d34f04/files/quickfixj-core/src/main/java/quickfix/Message.java?sort=name&dir=ASC&mode=heatmap#xaced2743c6d7c82:1

To be honest it is quite tricky to find out that the variable group cannot be null. This is conveyed via boolean firstFieldFound which is only set when group has been assigned. See here:

https://lgtm.com/projects/g/quickfix-j/quickfixj/snapshot/9657839bf46838645b670486e57852de40d34f04/files/quickfixj-core/src/main/java/quickfix/Message.java?sort=name&dir=ASC&mode=heatmap#L707

But if firstFieldFound is false an Exception would be thrown from here:
https://lgtm.com/projects/g/quickfix-j/quickfixj/snapshot/9657839bf46838645b670486e57852de40d34f04/files/quickfixj-core/src/main/java/quickfix/Message.java?sort=name&dir=ASC&mode=heatmap#L720

However, I wanted to make the null-check easier to spot for LGTM by removing the boolean variable and simply check for group!=null in checkFirstFieldFound() but the alert is still not removed. This can be seen here:

https://lgtm.com/projects/g/quickfix-j/quickfixj/rev/pr-e6092b79d8f5ba3d89e1644bd0153b8c5b22f5bb

The only alert not fixed by that PR is the possible null pointer dereference:
https://lgtm.com/projects/g/quickfix-j/quickfixj/snapshot/9657839bf46838645b670486e57852de40d34f04/files/quickfixj-core/src/main/java/quickfix/Message.java?sort=name&dir=ASC&mode=heatmap#xaced2743c6d7c82:1
@aschackmull
Copy link
Contributor

The nullness analysis is currently mostly intra-procedural, so if the check on firstFieldFound was inlined then it would likely work. Note that the analysis is able to rule out group being null a few lines above - likely due to an inferred correlation with previousOffset being -1.

@chrjohn
Copy link
Author

chrjohn commented Jan 16, 2020

I didn't want to inline the check on firstFieldFound because it is used in two different places.

Note that the analysis is able to rule out group being null a few lines above

You are right. E.g. Netbeans is not as clever and is also claiming a possible NP derefence there.

@aschackmull aschackmull self-assigned this Jan 17, 2020
@aschackmull
Copy link
Contributor

In any case, thank you for your FP report. I think we can reasonably extend the analysis to cover both the original code and your proposed fixup - they each require different extensions to the analysis as the inferences required are somewhat different. However fixing these is not at the top of the priority list at the moment so it may take me some time to get to.

@aschackmull aschackmull mentioned this issue Jan 17, 2020
Merged
@aschackmull
Copy link
Contributor

For now, I've made a PR (#2640) to document the two FPs as unit tests.

@chrjohn
Copy link
Author

chrjohn commented Jan 17, 2020

No problem, thanks for your reply.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aschackmull aschackmull

Labels
false-positive Java
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chrjohn @aschackmull