[PATCH] D43666: [analyzer] When constructing a temporary without construction context, track it for destruction anyway.

Artem Dergachev via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Mon Feb 26 15:04:02 PST 2018


NoQ added inline comments.


================
Comment at: lib/StaticAnalyzer/Core/ExprEngine.cpp:2262
+  assert(DidCacheOutOnCleanup ||
+         areInitializedTemporariesClear(Pred->getState(),
                                         Pred->getLocationContext(),
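Review bot: The `DidCacheOutOnCleanup ||` disjunct in this assert makes the check pass unconditionally whenever the flag is set, so on the cache-out path nothing verifies that `areInitializedTemporariesClear(...)` holds for `Pred->getState()`. Consider returning early when the cleanup node caches out, before reaching this point, and keeping the `areInitializedTemporariesClear(...)` assert unconditional for the node that continues. If the disjunct stays, a comment or an `&& "..."` message on the assert should state why the cached-out case is safe to skip.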
----------------
dcoughlin wrote:
> It sounds like this means if we did cache out then there are places where the initialized temporaries are not cleared (that is, we have extra gunk in the state that we don't want).
> 
> Is that true? If so, then this relaxation of the assertion doesn't seem right to me.
> 
> Do we need to introduce a new program point when calling `Bldr.generateNode` on the cleaned up state (for example, with a new tag or a new program point kind)? This would make it so that when we cache out when generating a node for the state with the cleaned up temporaries we know that it is safe to early return from processEndOfFunction(). It would be safe because we would know that the other node (the one we cached out because of) has already had its temporaries cleared and notified the checkers about the end of the function, etc.
Yep, this is a bug and also it can be simplified a lot.


https://reviews.llvm.org/D43666




