[cfe-commits] r61147 - in /cfe/trunk: lib/Analysis/CFRefCount.cpp test/Analysis/uninit-vals-ps.c
Ted Kremenek
kremenek at apple.com
Mon Mar 9 23:09:58 PDT 2009
On Mar 9, 2009, at 10:48 PM, Zhongxing Xu wrote:
> Hi Ted,
>
> We don't have any casts for this example. So why would p and q point
> to different region?
>
> typedef struct s* MyPointer;
>
> struct s* foo();
>
> void bar() {
> MyPointer p = foo();
> struct s* q = p;
> }
That's a fair point. There are no casts in this example. That
doesn't mean, however, that we don't have to reason about them when
they are present. Put another way, I'm not convinced it isn't a
problem.
For example, considered the following contrived example:
struct s* p = ...
p->f = 5;
void* r = p;
MyPointer *q = r;
if (q->f == 5)
// do something
if (q == p)
// do something
While contrived, we should be able to readily determine that q->f is
indeed 5 at the first branch as well as the fact that q == p at the
second branch. We have a variety of hacks in place to handle some of
these cases; it would be nice if there was just a clear, consistent
model of what different kinds of region views mean and how they should
be interpreted.
The point of having a clear model for region views and their semantics
that handles all cases consistently (and inductively) means that the
corner cases just get naturally handled without us having to
specifically consider them.
More information about the cfe-commits
mailing list