[PATCH] D65287: [analyzer][CFG] Don't track the condition of asserts
Gábor Horváth via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Jul 29 21:02:41 PDT 2019
xazax.hun added inline comments.
Comment at: clang/include/clang/Analysis/CFG.h:860
+ /// child CFG blocks in a depth-first manner and see if all paths eventually
+ /// end up in an immediate sink block.
+ bool isInevitablySinking() const;
Is it obvious what sink means in CFG's context? Maybe we should mention what our definition of sink is? Think about non-csa devs too :)
Comment at: clang/lib/Analysis/CFG.cpp:5628
+ // FIXME: Throw-expressions are currently generating sinks during analysis:
+ // they're not supported yet, and also often used for actually terminating
Are there other nodes that are treated as sinks? If so I wonder if there is a way to keep the list updated. Oh, I just saw that this code is just moved around.
Comment at: clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:1743
+ if (Then->isInevitablySinking() || Else->isInevitablySinking())
+ return true;
Do we consider a block assert like if both branches are inevitable sinking?
Comment at: clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:1750
+ // [B1] -> [B2] -> [B3] -> [sink]
+ // assert(A && B || C); \ \ \
+ // -------------------> [go on with the execution]
I wonder if the CFG is correct for your example. If A evaluates to false, we still check C before the sink. If A evaluates to true we still check B before going on. But maybe it is just late for me :)
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
More information about the cfe-commits