[PATCH] D74735: [analyzer] Add support for CXXInheritedCtorInitExpr.
Artem Dergachev via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Mar 3 17:16:47 PST 2020
NoQ added a comment.
In D74735#1903503 <https://reviews.llvm.org/D74735#1903503>, @martong wrote:
> @NoQ
>
> I've found the following reproducer to crash in `CallAndMessageChecker`:
>
> class a {
> public:
> a(int);
> };
> struct b : a {
> using a::a;
> };
> void c() {
> int d;
> b x(d); //Crash!, Note, x(0) causes no crash
> }
>
>
> I am working on a fix, but any insight and help from you is really appreciated.
Uh-oh, i've been looking for those but never found them.
If you do `-analyzer-display-progress` you'll see that it crashes not in `c()` but in `b::a()`, i.e. when trying to analyze an inheriting constructor as a top-level function. It then crashes when it's trying to figure out which argument expressions do we pass into the inherited constructor, but is unable to do that because the answer is "the same arguments we've received" but we don't know which arguments we've received, because, well, we are the top-level call, so no expressions for us.
I believe we simply should not try to analyze inheriting constructors as top-level functions. We won't be able to even display any diagnostics, given that the inheriting constructor doesn't have a body.
I thereby leave out the reason why `x(d)` and `x(0)` demonstrate different behavior as a simple exercise to the reader :]
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D74735/new/
https://reviews.llvm.org/D74735
More information about the cfe-commits
mailing list