r179736 - [analyzer] Tweak getDerefExpr more to track DeclRefExprs to references.
David Blaikie
dblaikie at gmail.com
Wed Apr 17 18:35:12 PDT 2013
On Wed, Apr 17, 2013 at 6:14 PM, Jordan Rose <jordan_rose at apple.com> wrote:
>
> On Apr 17, 2013, at 17:15 , Anna Zaks <ganna at apple.com> wrote:
>
> + // This is not valid C++; dynamic_cast with a reference type will throw
> an
> + // exception if the pointer does not match the expected type. However,
> our
> + // implementation of dynamic_cast will pass through a null pointer...or a
> + // "null reference"! So this branch is actually possible.
> + if (&val == 0) { //expected-note {{Assuming pointer value is null}}
>
>
> I know this is just a test, but the comment is bogus. Instead it's something
> like this:
>
> // This is not valid C++; if 'ptr' were null, creating 'ref' would be
> illegal.
> // However, this is not checked at runtime, so this branch is actually
> possible.
Shouldn't the SA just be diagnosing the initialization of the
reference 'val' as problematic, rather than the later use? The code is
UB because of that reference initialization.
>
> Not sure if that's 80 cols or more.
> Jordan
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
>
More information about the cfe-commits
mailing list