[PATCH] D49438: [analyzer][UninitializedObjectChecker] New flag to turn off dereferencing
Umann Kristóf via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Aug 6 13:34:20 PDT 2018
Szelethus added a comment.
In https://reviews.llvm.org/D49438#1189772, @george.karpenkov wrote:
> > I think what pointer chasing should do, is check whether that pointer owns the pointee
>
> But ownership is a convention, and it's not always deducible from a codebase.
How about the following case:

  struct A {
    struct B {
      int b;
    };
    std::unique_ptr<B> ptr;
    A() : ptr(new B) {}
  };
  A a;

Here, `a->ptr->b` is clearly uninitialized, and I think it's fine to assume in most cases that no other pointer points to it right after `a`'s construction.
> I think of those as two separate checks, and I think we should only talk about enabling the pointer-chasing after we had established that just checking for uninitialized fields finds lots of valid bugs (and we can only do that after it gets enabled for many projects)
I think in the earlier case `*this->ptr` should be regarded as a regular field, and it could be analyzed without fear of spamming too many reports. Currently the biggest problem is that many objects could contain references to the same object:

  struct A { int x; };
  struct B {
    A &a;
    B(A &a) : a(a) {}
  };
  struct C {
    A &a;
    C(A &a) : a(a) {}
  };
  A a;
  B b(a);
  C c(a); // a.x reported twice

https://reviews.llvm.org/D49438