[PATCH] D25475: [analyzer] Add a new SVal to support pointer-to-member operations.
Devin Coughlin via cfe-commits
cfe-commits at lists.llvm.org
Tue Oct 18 18:30:06 PDT 2016
dcoughlin added inline comments.
================
Comment at: lib/StaticAnalyzer/Core/ExprEngineC.cpp:462
+ case CK_ReinterpretMemberPointer: {
+ const Expr *UOExpr = CastE->getSubExpr()->IgnoreParenCasts();
+ assert(isa<UnaryOperator>(UOExpr) &&
----------------
I don't think pattern matching on the sub expression to find the referred-to declaration is the right thing to do here. It isn't always the case that the casted expression will be a unary pointer to member operation. For example, this is perfectly fine and triggers an assertion failure on your patch:
```
struct B {
int f;
};
struct D : public B {
int g;
};
void foo() {
D d;
d.f = 7;
int B::* pfb = &B::f;
int D::* pfd = pfb;
int v = d.*pfd;
}
```
Note that you can't just propagate the value already computed for the subexpression. Here is a particularly annoying example from the C++ spec:
```
struct B {
int f;
};
struct L : public B { };
struct R : public B { };
struct D : public L, R { };
void foo() {
D d;
int B::* pb = &B::f;
int L::* pl = pb;
int R::* pr = pb;
int D::* pdl = pl;
int D::* pdr = pr;
clang_analyzer_eval(pdl == pdr); // FALSE
clang_analyzer_eval(pb == pl); // TRUE
}
```
My guess is this will require accumulating CXXBasePath s or something similar for each cast. I don't know how to do this efficiently.
https://reviews.llvm.org/D25475
More information about the cfe-commits
mailing list