[PATCH] D50488: [Analyzer] Checker for non-determinism caused by sorting of pointer-like keys
Umann Kristóf via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Aug 17 09:51:29 PDT 2018
Szelethus added inline comments.
================
Comment at: lib/StaticAnalyzer/Checkers/PointerSortingChecker.cpp:72-76
+ auto IteratesPointerKeysM = hasType(cxxRecordDecl(has(
+ fieldDecl(hasType(hasCanonicalType(
+ pointsTo(hasCanonicalType(pointerType()))
+ )))
+ )));
----------------
Szelethus wrote:
> I'm not a matcher-expert, but here we go:
>
> As I understand it, you're matching iterator objects that wrap a pointer to pointer. Would it match this case?:
>
> ```
> void fill(int **IntPointerArray);
>
> int main() {
> int *IntPointerArray[20]; // or a simple int array
> fill(IntPointerArray);
>
> std::sort(IntPointerArray, IntPointerArray + 20);
> }
> ```
> `int**` is an [[ https://en.cppreference.com/w/cpp/named_req/RandomAccessIterator | RandomAccessIterator ]], but is not a `CXXRecordDecl`. As I mentioned earlier, it might be worth taking a look at `hasType`, and attempt to acquire `value_type`, as it is required for STL algorithms (it could be in a base class as well). `value_type` is also predefined through `std::iterator_traits` for pointer iterators like `int**`.
Also, this could lead to false positives, as iterators may store pointers to pointers that don't compare memory addresses. And it could maybe cause false negatives, if the `value_type` is a pointer type but the elements are stored in wrappers.
As I understand it.
https://reviews.llvm.org/D50488
More information about the cfe-commits
mailing list