Static Analysis Problem Type Reference
An invalid pointer was dereferenced.
This diagnostic covers dereference of several kinds of invalid pointer values. Pointer values that are not based on a valid object are considered invalid. Such values can occur by taking the address of a local variable and using that address after its lifetime has ended or by typecasting a non-zero integer to pointer type. This diagnostic is also sometimes used when a pointer value is based on the address of a valid object, but the pointer computation yields a value outside the bounds of that object, for example "p = &x - 1; *p = 1;". Errors like that may also be reported as bounds violations instead.
|
ID |
Code Location |
Description |
|---|---|---|
|
1 |
Bad dereference |
The place where the bad pointer value was used |
|
2 |
Memory write |
The place where the pointer value was created |
#include <stdio.h>
int *p;
void f()
{
int x = 1;
// uses invalid value assigned to p in main
printf("contents of address 100 is equal to %d\n", *p);
p = &x;
}
int main(int argc, char **argv)
{
p = (int *)100;
f();
// uses invalid value assigned to p in f
printf("local variable x is equal to %d after call returns\n", *p);
}