[cfe-commits] r163644 - in /cfe/trunk: lib/StaticAnalyzer/Core/CallEvent.cpp test/Analysis/inlining/dyn-dispatch-bifurcate.cpp

Jordan Rose jordan_rose at apple.com
Tue Sep 11 11:47:13 PDT 2012


Author: jrose
Date: Tue Sep 11 13:47:13 2012
New Revision: 163644

URL: http://llvm.org/viewvc/llvm-project?rev=163644&view=rev
Log:
[analyzer] Use the static type for a virtual call if the dynamic type is worse.

reinterpret_cast does not provide any of the usual type information that
static_cast or dynamic_cast provide -- only the new type. This can get us
in a situation where the dynamic type info for an object is actually a
superclass of the static type, which does not match what CodeGen does at all.
In these cases, just fall back to the static type as the best possible type
for devirtualization.

Should fix the crashes on our internal buildbot.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp
    cfe/trunk/test/Analysis/inlining/dyn-dispatch-bifurcate.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp?rev=163644&r1=163643&r2=163644&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp Tue Sep 11 13:47:13 2012
@@ -433,14 +433,21 @@
   if (!RD || !RD->hasDefinition())
     return RuntimeDefinition();
 
-  // Find the decl for this method in that class.
-  const CXXMethodDecl *Result = MD->getCorrespondingMethodInClass(RD, true);
+  const CXXMethodDecl *Result;
+  if (MD->getParent()->isDerivedFrom(RD)) {
+    // If our static type info is better than our dynamic type info, don't
+    // bother doing a search. Just use the static method.
+    Result = MD;
+  } else {
+    // Otherwise, find the decl for the method in the dynamic class.
+    Result = MD->getCorrespondingMethodInClass(RD, true);
+  }
+
   if (!Result) {
     // We might not even get the original statically-resolved method due to
     // some particularly nasty casting (e.g. casts to sister classes).
     // However, we should at least be able to search up and down our own class
     // hierarchy, and some real bugs have been caught by checking this.
-    assert(!MD->getParent()->isDerivedFrom(RD) && "Bad DynamicTypeInfo");
     assert(!RD->isDerivedFrom(MD->getParent()) && "Couldn't find known method");
     return RuntimeDefinition();
   }
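Review bot: The new `if (MD->getParent()->isDerivedFrom(RD))` branch falls back to `MD` for every case where the dynamic type is a base of the static type, so the state the removed "Bad DynamicTypeInfo" assert used to flag is now accepted silently whatever produced it. The commit log names reinterpret_cast as the source, but the in-code comment does not; it would help to say so there, so that a later reader does not take this branch for a general optimization. The comment inside `if (!Result)` also still speaks of searching "up and down our own class hierarchy", while only the `RD->isDerivedFrom(MD->getParent())` assert remains; that comment should be trimmed to match.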

Modified: cfe/trunk/test/Analysis/inlining/dyn-dispatch-bifurcate.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/inlining/dyn-dispatch-bifurcate.cpp?rev=163644&r1=163643&r2=163644&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/inlining/dyn-dispatch-bifurcate.cpp (original)
+++ cfe/trunk/test/Analysis/inlining/dyn-dispatch-bifurcate.cpp Tue Sep 11 13:47:13 2012
@@ -15,3 +15,19 @@
   A a;
   clang_analyzer_eval(a.get() == 0); // expected-warning{{TRUE}}
 }
+
+
+namespace ReinterpretDisruptsDynamicTypeInfo {
+  class Parent {};
+
+  class Child : public Parent {
+  public:
+    virtual int foo() { return 42; }
+  };
+
+  void test(Parent *a) {
+    Child *b = reinterpret_cast<Child *>(a);
+    if (!b) return;
+    clang_analyzer_eval(b->foo() == 42); // expected-warning{{TRUE}} expected-warning{{UNKNOWN}}
+  }
+}
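Review bot: The `clang_analyzer_eval(b->foo() == 42)` line expects both TRUE and UNKNOWN with no comment saying why two results are expected, which makes the test hard to maintain if the behaviour changes later. A one-line comment stating that the call is evaluated both with the static type `Child` and conservatively would make the intent clear. The test also covers only a `Parent` with no virtual methods; a second case where `Parent` itself declares a virtual `foo()` would exercise the same `isDerivedFrom` branch with an overridden method.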




