Bug Summary

File:programs/pluto/list_entry.c
Warning:line 157, column 15
Access to field 'older' results in a dereference of a null pointer (loaded from variable 'newer')

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name list_entry.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -mrelocation-model pic -pic-level 2 -pic-is-pie -mthread-model posix -mdisable-fp-elim -relaxed-aliasing -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -resource-dir /usr/lib64/clang/8.0.0 -D TimeZoneOffset=timezone -D linux -D PIE -D NSS_IPSEC_PROFILE -D XFRM_SUPPORT -D USE_XFRM_INTERFACE -D USE_DNSSEC -D DEFAULT_DNSSEC_ROOTKEY_FILE="/var/lib/unbound/root.key" -D HAVE_LABELED_IPSEC -D HAVE_SECCOMP -D LIBCURL -D USE_LINUX_AUDIT -D USE_SYSTEMD_WATCHDOG -D HAVE_NM -D XAUTH_HAVE_PAM -D USE_3DES -D USE_AES -D USE_CAMELLIA -D USE_CHACHA -D USE_DH31 -D USE_MD5 -D USE_SHA1 -D USE_SHA2 -D USE_PRF_AES_XCBC -D DEFAULT_RUNDIR="/run/pluto" -D IPSEC_CONF="/etc/ipsec.conf" -D IPSEC_CONFDDIR="/etc/ipsec.d" -D IPSEC_NSSDIR="/etc/ipsec.d" -D IPSEC_CONFDIR="/etc" -D IPSEC_EXECDIR="/usr/local/libexec/ipsec" -D IPSEC_SBINDIR="/usr/local/sbin" -D IPSEC_VARDIR="/var" -D POLICYGROUPSDIR="/etc/ipsec.d/policies" -D IPSEC_SECRETS_FILE="/etc/ipsec.secrets" -D FORCE_PR_ASSERT -D USE_FORK=1 -D USE_VFORK=0 -D USE_DAEMON=0 -D USE_PTHREAD_SETSCHEDPRIO=1 -D GCC_LINT -D HAVE_LIBCAP_NG -I . -I ../../OBJ.linux.x86_64/programs/pluto -I ../../include -I /usr/include/nss3 -I /usr/include/nspr4 -I /home/build/libreswan/programs/pluto/linux-copy -D HERE_BASENAME="list_entry.c" -internal-isystem /usr/local/include -internal-isystem /usr/lib64/clang/8.0.0/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -Wno-missing-field-initializers -std=gnu99 -fdebug-compilation-dir /home/build/libreswan/programs/pluto -ferror-limit 19 -fmessage-length 0 -stack-protector 3 -fobjc-runtime=gcc -fdiagnostics-show-option -analyzer-output=html -o /tmp/scan-build-2020-09-09-193337-25440-1 -x c /home/build/libreswan/programs/pluto/list_entry.c -faddrsig
1/* State lists and hash tables, for libreswan
2 *
3 * Copyright (C) 2015-2019 Andrew Cagney <cagney@gnu.org>
4 * Copyright (C) 2019 D. Hugh Redelmeier <hugh@mimosa.com>
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <https://www.gnu.org/licenses/gpl2.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17#include <stdint.h>
18
19#include "passert.h"
20#include "defs.h"
21#include "log.h"
22#include "hash_table.h"
23
24#define passert_entry(ENTRY, ASSERTION){ _Bool a_ = ASSERTION; if (!a_) { for (char lswbuf[((size_t)
1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void*)0); lswbuf_ = (
(void*)0)) for (struct jambuf jambuf = array_as_jambuf((lswbuf
), sizeof(lswbuf)), *buf = &jambuf; buf != ((void*)0); buf
= ((void*)0)) { jam(buf, "%s: ", (ENTRY)->info->name);
jam_list_entry(buf, (ENTRY)); jam(buf, ": %s", "ASSERTION");
log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 24}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } } \
25 { \
26 bool_Bool a_ = ASSERTION; /* evaluate once */ \
27 if (!a_) { \
28 JAMBUF(buf)for (char lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ !=
((void*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf =
array_as_jambuf((lswbuf), sizeof(lswbuf)), *buf = &jambuf
; buf != ((void*)0); buf = ((void*)0)) { \
29 jam(buf, "%s: ", \
30 (ENTRY)->info->name); \
31 jam_list_entry(buf, (ENTRY)); \
32 jam(buf, ": %s", #ASSERTION); \
33 /* XXX: hack: double copy */ \
34 log_pexpect(HERE(where_t) { .func = __func__, .basename = "list_entry.c" , .line
= 34}, PRI_SHUNK"%.*s", \
35 pri_shunk(jambuf_as_shunk(buf))((int) (jambuf_as_shunk(buf)).len), (const char *) ((jambuf_as_shunk
(buf)).ptr)); \
36 } \
37 } \
38 }
39
40#define passert_info(INFO, ASSERTION){ _Bool a_ = ASSERTION; if (!a_) { for (char lswbuf[((size_t)
1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void*)0); lswbuf_ = (
(void*)0)) for (struct jambuf jambuf = array_as_jambuf((lswbuf
), sizeof(lswbuf)), *buf = &jambuf; buf != ((void*)0); buf
= ((void*)0)) { jam(buf, "%s: %s", (INFO)->name, "ASSERTION"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 40}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } } \
41 { \
42 bool_Bool a_ = ASSERTION; /* evaluate once */ \
43 if (!a_) { \
44 JAMBUF(buf)for (char lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ !=
((void*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf =
array_as_jambuf((lswbuf), sizeof(lswbuf)), *buf = &jambuf
; buf != ((void*)0); buf = ((void*)0)) { \
45 jam(buf, "%s: %s", \
46 (INFO)->name, \
47 #ASSERTION); \
48 /* XXX: hack: double copy */ \
49 log_pexpect(HERE(where_t) { .func = __func__, .basename = "list_entry.c" , .line
= 49}, PRI_SHUNK"%.*s", \
50 pri_shunk(jambuf_as_shunk(buf))((int) (jambuf_as_shunk(buf)).len), (const char *) ((jambuf_as_shunk
(buf)).ptr)); \
51 } \
52 } \
53 }
54
55void jam_list_entry(struct jambuf *buf, const struct list_entry *entry)
56{
57 if (entry == NULL((void*)0)) {
58 jam(buf, "(null)");
59 } else {
60 if (entry->data == NULL((void*)0)) {
61 jam(buf, "HEAD");
62 } else {
63 entry->info->jam(buf, entry->data);
64 }
65 jam(buf, " %p<-%p->%p", entry->older, entry, entry->newer);
66 }
67}
68
69static void log_entry(const char *op, struct list_entry *entry)
70{
71 passert(entry != NULL){ _Bool assertion__ = entry != ((void*)0); if (!assertion__) {
lsw_passert_fail((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 71}, "%s", "entry != NULL"); } };
72 if (DBGP(DBG_TMI)(cur_debugging & (((lset_t)1 << (DBG_TMI_IX))))) {
73 LSWLOG_DEBUG(buf)for (char lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ !=
((void*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf =
array_as_jambuf((lswbuf), sizeof(lswbuf)), *buf = &jambuf
; buf != ((void*)0); buf = ((void*)0)) for (; buf != ((void*)
0); jambuf_to_debug_stream(buf), buf = ((void*)0)) {
74 jam(buf, "%s: %s ", entry->info->name, op);
75 jam_list_entry(buf, entry);
76 }
77 }
78 if (entry->newer != NULL((void*)0) || entry->older != NULL((void*)0)) {
79 passert_entry(entry, entry->newer != NULL){ _Bool a_ = entry->newer != ((void*)0); if (!a_) { for (char
lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void
*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf = array_as_jambuf
((lswbuf), sizeof(lswbuf)), *buf = &jambuf; buf != ((void
*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry)->info->
name); jam_list_entry(buf, (entry)); jam(buf, ": %s", "entry->newer != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 79}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
80 passert_entry(entry, entry->newer->older == entry){ _Bool a_ = entry->newer->older == entry; if (!a_) { for
(char lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != (
(void*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf = array_as_jambuf
((lswbuf), sizeof(lswbuf)), *buf = &jambuf; buf != ((void
*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry)->info->
name); jam_list_entry(buf, (entry)); jam(buf, ": %s", "entry->newer->older == entry"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 80}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
81 passert_entry(entry, entry->older != NULL){ _Bool a_ = entry->older != ((void*)0); if (!a_) { for (char
lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void
*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf = array_as_jambuf
((lswbuf), sizeof(lswbuf)), *buf = &jambuf; buf != ((void
*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry)->info->
name); jam_list_entry(buf, (entry)); jam(buf, ": %s", "entry->older != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 81}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
82 passert_entry(entry, entry->older->newer == entry){ _Bool a_ = entry->older->newer == entry; if (!a_) { for
(char lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != (
(void*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf = array_as_jambuf
((lswbuf), sizeof(lswbuf)), *buf = &jambuf; buf != ((void
*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry)->info->
name); jam_list_entry(buf, (entry)); jam(buf, ": %s", "entry->older->newer == entry"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 82}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
83 }
84}
85
86struct list_entry list_entry(const struct list_info *info,
87 void *data)
88{
89 passert_info(info, info != NULL){ _Bool a_ = info != ((void*)0); if (!a_) { for (char lswbuf[
((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void*)0); lswbuf_
= ((void*)0)) for (struct jambuf jambuf = array_as_jambuf((lswbuf
), sizeof(lswbuf)), *buf = &jambuf; buf != ((void*)0); buf
= ((void*)0)) { jam(buf, "%s: %s", (info)->name, "info != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 89}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
90 passert_info(info, data != NULL){ _Bool a_ = data != ((void*)0); if (!a_) { for (char lswbuf[
((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void*)0); lswbuf_
= ((void*)0)) for (struct jambuf jambuf = array_as_jambuf((lswbuf
), sizeof(lswbuf)), *buf = &jambuf; buf != ((void*)0); buf
= ((void*)0)) { jam(buf, "%s: %s", (info)->name, "data != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 90}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
91
92 return (struct list_entry) {
93 .older = NULL((void*)0),
94 .newer = NULL((void*)0),
95 .data = data,
96 .info = info,
97 };
98}
99
100bool_Bool detached_list_entry(const struct list_entry *entry)
101{
102 passert_entry(entry, entry->data != NULL){ _Bool a_ = entry->data != ((void*)0); if (!a_) { for (char
lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void
*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf = array_as_jambuf
((lswbuf), sizeof(lswbuf)), *buf = &jambuf; buf != ((void
*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry)->info->
name); jam_list_entry(buf, (entry)); jam(buf, ": %s", "entry->data != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 102}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } }; /* entry is not a list head */
103 passert_entry(entry, (entry->newer == NULL) == (entry->newer == NULL)){ _Bool a_ = (entry->newer == ((void*)0)) == (entry->newer
== ((void*)0)); if (!a_) { for (char lswbuf[((size_t)1024)],
*lswbuf_ = lswbuf; lswbuf_ != ((void*)0); lswbuf_ = ((void*)
0)) for (struct jambuf jambuf = array_as_jambuf((lswbuf), sizeof
(lswbuf)), *buf = &jambuf; buf != ((void*)0); buf = ((void
*)0)) { jam(buf, "%s: ", (entry)->info->name); jam_list_entry
(buf, (entry)); jam(buf, ": %s", "(entry->newer == NULL) == (entry->newer == NULL)"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 103}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
104 return entry->newer == NULL((void*)0);
105}
106
107void insert_list_entry(struct list_head *list,
108 struct list_entry *entry)
109{
110 passert_entry(entry, entry->info != NULL){ _Bool a_ = entry->info != ((void*)0); if (!a_) { for (char
lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void
*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf = array_as_jambuf
((lswbuf), sizeof(lswbuf)), *buf = &jambuf; buf != ((void
*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry)->info->
name); jam_list_entry(buf, (entry)); jam(buf, ": %s", "entry->info != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 110}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
111 passert_entry(entry, entry->data != NULL){ _Bool a_ = entry->data != ((void*)0); if (!a_) { for (char
lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void
*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf = array_as_jambuf
((lswbuf), sizeof(lswbuf)), *buf = &jambuf; buf != ((void
*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry)->info->
name); jam_list_entry(buf, (entry)); jam(buf, ": %s", "entry->data != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 111}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
112 if (DBGP(DBG_TMI)(cur_debugging & (((lset_t)1 << (DBG_TMI_IX))))) {
113 LSWLOG_DEBUG(buf)for (char lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ !=
((void*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf =
array_as_jambuf((lswbuf), sizeof(lswbuf)), *buf = &jambuf
; buf != ((void*)0); buf = ((void*)0)) for (; buf != ((void*)
0); jambuf_to_debug_stream(buf), buf = ((void*)0)) {
114 jam(buf, "%s: inserting ",
115 entry->info->name);
116 jam_list_entry(buf, entry);
117 jam(buf, " into list ");
118 jam_list_entry(buf, &list->head);
119 }
120 }
121 passert_entry(entry, list->head.info == entry->info){ _Bool a_ = list->head.info == entry->info; if (!a_) {
for (char lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_
!= ((void*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf
= array_as_jambuf((lswbuf), sizeof(lswbuf)), *buf = &jambuf
; buf != ((void*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry
)->info->name); jam_list_entry(buf, (entry)); jam(buf, ": %s"
, "list->head.info == entry->info"); log_pexpect((where_t
) { .func = __func__, .basename = "list_entry.c" , .line = 121
}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (const char *)
((jambuf_as_shunk(buf)).ptr)); } } };
122 passert_entry(entry, entry->data != NULL){ _Bool a_ = entry->data != ((void*)0); if (!a_) { for (char
lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void
*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf = array_as_jambuf
((lswbuf), sizeof(lswbuf)), *buf = &jambuf; buf != ((void
*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry)->info->
name); jam_list_entry(buf, (entry)); jam(buf, ": %s", "entry->data != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 122}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
123 passert_entry(entry, entry->older == NULL && entry->newer == NULL){ _Bool a_ = entry->older == ((void*)0) && entry->
newer == ((void*)0); if (!a_) { for (char lswbuf[((size_t)1024
)], *lswbuf_ = lswbuf; lswbuf_ != ((void*)0); lswbuf_ = ((void
*)0)) for (struct jambuf jambuf = array_as_jambuf((lswbuf), sizeof
(lswbuf)), *buf = &jambuf; buf != ((void*)0); buf = ((void
*)0)) { jam(buf, "%s: ", (entry)->info->name); jam_list_entry
(buf, (entry)); jam(buf, ": %s", "entry->older == NULL && entry->newer == NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 123}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
124 passert_entry(entry, list->head.newer != NULL && list->head.older != NULL){ _Bool a_ = list->head.newer != ((void*)0) && list
->head.older != ((void*)0); if (!a_) { for (char lswbuf[((
size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void*)0); lswbuf_
= ((void*)0)) for (struct jambuf jambuf = array_as_jambuf((lswbuf
), sizeof(lswbuf)), *buf = &jambuf; buf != ((void*)0); buf
= ((void*)0)) { jam(buf, "%s: ", (entry)->info->name);
jam_list_entry(buf, (entry)); jam(buf, ": %s", "list->head.newer != NULL && list->head.older != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 124}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
125 /* insert at the front */
126 entry->newer = &list->head;
127 entry->older = list->head.older;
128 entry->older->newer = entry;
129 entry->newer->older = entry;
130 /* list->newer = list->newer; */
131 if (DBGP(DBG_TMI)(cur_debugging & (((lset_t)1 << (DBG_TMI_IX))))) {
132 LSWLOG_DEBUG(buf)for (char lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ !=
((void*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf =
array_as_jambuf((lswbuf), sizeof(lswbuf)), *buf = &jambuf
; buf != ((void*)0); buf = ((void*)0)) for (; buf != ((void*)
0); jambuf_to_debug_stream(buf), buf = ((void*)0)) {
133 jam(buf, "%s: inserted ",
134 entry->info->name);
135 jam_list_entry(buf, entry);
136 jam(buf, " into list ");
137 jam_list_entry(buf, &list->head);
138 }
139 }
140}
141
142void remove_list_entry(struct list_entry *entry)
143{
144 log_entry("removing", entry);
145
146 /* entry is not a list head */
147 passert_entry(entry, entry->data != NULL){ _Bool a_ = entry->data != ((void*)0); if (!a_) { for (char
lswbuf[((size_t)1024)], *lswbuf_ = lswbuf; lswbuf_ != ((void
*)0); lswbuf_ = ((void*)0)) for (struct jambuf jambuf = array_as_jambuf
((lswbuf), sizeof(lswbuf)), *buf = &jambuf; buf != ((void
*)0); buf = ((void*)0)) { jam(buf, "%s: ", (entry)->info->
name); jam_list_entry(buf, (entry)); jam(buf, ": %s", "entry->data != NULL"
); log_pexpect((where_t) { .func = __func__, .basename = "list_entry.c"
, .line = 147}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (
const char *) ((jambuf_as_shunk(buf)).ptr)); } } };
1
Assuming the condition is false
2
Taking true branch
3
Loop condition is true. Entering loop body
4
Loop condition is true. Entering loop body
5
Loop condition is false. Execution continues on line 147
6
Loop condition is false. Execution continues on line 150
148
149 /* unlink: older - entry - newer */
150 struct list_entry *newer = entry->newer;
7
'newer' initialized here
151 struct list_entry *older = entry->older;
152 passert_entry(entry, older != NULL && newer != NULL){ _Bool a_ = older != ((void*)0) && newer != ((void*)
0); if (!a_) { for (char lswbuf[((size_t)1024)], *lswbuf_ = lswbuf
; lswbuf_ != ((void*)0); lswbuf_ = ((void*)0)) for (struct jambuf
jambuf = array_as_jambuf((lswbuf), sizeof(lswbuf)), *buf = &
jambuf; buf != ((void*)0); buf = ((void*)0)) { jam(buf, "%s: "
, (entry)->info->name); jam_list_entry(buf, (entry)); jam
(buf, ": %s", "older != NULL && newer != NULL"); log_pexpect
((where_t) { .func = __func__, .basename = "list_entry.c" , .
line = 152}, "%.*s", ((int) (jambuf_as_shunk(buf)).len), (const
char *) ((jambuf_as_shunk(buf)).ptr)); } } };
8
Assuming 'older' is not equal to null
9
Assuming 'newer' is equal to null
10
Taking true branch
11
Loop condition is true. Entering loop body
12
Loop condition is true. Entering loop body
13
Loop condition is false. Execution continues on line 152
14
Loop condition is false. Execution continues on line 154
153
154 entry->older = NULL((void*)0); /* detach from list */
155 entry->newer = NULL((void*)0);
156
157 newer->older = older; /* seal the rift */
15
Access to field 'older' results in a dereference of a null pointer (loaded from variable 'newer')
158 older->newer = newer;
159
160 if (older == newer) {
161 DBGF(DBG_TMI, "%s: empty", entry->info->name){ if ((cur_debugging & (((lset_t)1 << (DBG_TMI_IX))
))) { DBG_log("%s: empty", entry->info->name); } };
162 } else {
163 log_entry("updated older", older);
164 log_entry("updated newer ", newer);
165 }
166}