False positive with non-empty slice assigned through reference and named boolean as guard statement

[brebeek]

Description

Hi team, the following error is reported for the attached code snippet:

nonempty-slice.go:10:7: error: Potential nil panic detected. Observed nil flow from source to dereference point: 
        -> nilaway-test/nonempty-slice.go:18:9: unassigned variable `s` returned from `getSlice()` in position 0
        -> nilaway-test/nonempty-slice.go:10:7: result 0 of `getSlice()` sliced into

code:

const TARGETLEN = 1

func TestNonemptySlice() []string {
	s := getSlice()
	hasMore := len(s) > TARGETLEN
	if hasMore {
		s = s[:TARGETLEN]
	}
	return s
}

func getSlice() []string {
	var s []string
	setSlice(&s)
	return s
}

func setSlice(sp *[]string) {
	if sp != nil {
		*sp = append(*sp, "a")
	}
}

Noticed that if I modify the code to either s be assigned with slice literal in getSlice, or directly use len(s) > TARGETLEN as the if statement condition, no error is reported.

[sonalmahajan15]

@brebeek : ACK. NilAway currently has encoded limited support for analyzing integer arithmetic (e.g., len()), as was also discussed in issue #94 . We do plan to extend support (although with restrictions) for it to avoid reporting such false positives. Thanks for reporting :)