[PATCH] D52219: [analyzer] (1/n) Support pointee mutation analysis in ExprMutationAnalyzer.

Shuai Wang via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Tue Sep 18 21:39:48 PDT 2018 

shuaiwang added a comment.

In https://reviews.llvm.org/D52219#1238423, @JonasToth wrote:

> Do you think it would be possible to the analysis for `>const?< int ***`-cases? (recursively checking through the pointer levels)


I think that should be possible, will do after single-layer pointee analysis is done. I believe we can build multi-layer analysis based on much of the single-layer analysis.



================
Comment at: lib/Analysis/ExprMutationAnalyzer.cpp:198
 const Stmt *ExprMutationAnalyzer::findDirectMutation(const Expr *Exp) {
+  // `Exp` can be *directly* mutated if the type of `Exp` is not const.
+  // Bail out early otherwise.
----------------
JonasToth wrote:
> Just to be sure that i understand:
> the changes here are more performance optimizations then directly related to detect pointee mutations?
Yes :)


================
Comment at: lib/Analysis/ExprMutationAnalyzer.cpp:481
+  const auto AsArg =
+      anyOf(callExpr(hasAnyArgument(equalsNode(Exp))),
+            cxxConstructExpr(hasAnyArgument(equalsNode(Exp))),
----------------
JonasToth wrote:
> shouldn't be the constness of the argument considered here?
We need that for non-pointee version, but not for pointee version, for example:
```
void g1(int * const);

void f1() {
  int *x;
  g1(x); // <-- x is passed to `g1`, we consider that as a mutation, the argument type do have a top-level const
}

void g2(const int *);

void f2() {
  int *x;
  g2(x); // <-- declRefExp(to(x)) is NOT directly passed to `g2`, there's a layer a ImplicitCastExpr<NoOp> in between, and after the implicit cast, the type of the expression becomes "const int *" instead of just "int*", so it'll fail the `isPointeeMutable` check at the beginning of `findPointeeDirectMutation`
}
```

In summary, we rely on:
- Checking whether pointee is actually mutable at the beginning
- Carefully handling casts by not trivially ignoring them unless absolutely safe


Repository:
  rC Clang

https://reviews.llvm.org/D52219

More information about the cfe-commits mailing list