Bugzilla – Full Text Bug Listing
| Summary: | [compiler][null][correlation] False warning "Potential null pointer access" | ||
|---|---|---|---|
| Product: | [Eclipse Project] JDT | Reporter: | Alexey Kuznetsov <kuaw26> |
| Component: | Core | Assignee: | Ayushman Jain <amj87.iitr> |
| Status: | RESOLVED DUPLICATE | QA Contact: | |
| Severity: | enhancement | ||
| Priority: | P3 | CC: | Olivier_Thomann, stephan.herrmann |
| Version: | 3.4.1 | Keywords: | helpwanted |
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | Windows XP | ||
| Whiteboard: | |||
(In reply to comment #0) > Build id: M20080911-1700 > > Steps To Reproduce: > > Sample code: > .... > SecurityManager security = System.getSecurityManager(); > String packageName = (lastDot >= 0) ? name.substring(0, lastDot) : null; > boolean needSecurityCheck = (security != null) && (packageName != null); > > if (needSecurityCheck) > { > security.checkPackageAccess(packageName); > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > !!! False warning here !!! > } > .... There is a rationale behind this warning. When 'security' was initialised as 'SecurityManager security = System.getSecurityManager()', we do not really know at compile time if we'd get a valid SecurityManager object from the call or simply a null. So, we mark security as having been initialised to an 'unknown value'. When the compiler comes across the check (security != null), it has no other way but to believe that security might have been initialised to null in the first place, and so security is marked as maybe null - which in turn triggers the warning. Change the initialization of security to SecurityManager security = new SecurityManager(); and the warning goes. It is evident to a human reader that there exists a relation between needSecurityCheck and security as : needSecurityCheck = true => security is NON NULL AND needSecurityCheck = false => security is NULL. However, eclipse compiler currently does not have the feature of variables correlation and hence not capable of making this kind of conclusion. This will be fixed if we decide to implement variables correlation in the future. *** This has been marked as a duplicate of bug 133173. *** *** This bug has been marked as a duplicate of bug 133173 *** *** This bug has been marked as a duplicate of bug 538421 *** |
Build id: M20080911-1700 Steps To Reproduce: Sample code: .... SecurityManager security = System.getSecurityManager(); String packageName = (lastDot >= 0) ? name.substring(0, lastDot) : null; boolean needSecurityCheck = (security != null) && (packageName != null); if (needSecurityCheck) { security.checkPackageAccess(packageName); ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ !!! False warning here !!! } .... More information: There already 4 similar bugs registered(198157, 220788, 248040, 248916), but they looks a little bit different. And possibly this bug could be a separate bug.