[PATCH] D86027: [analyzer] Add bool operator modeling for unque_ptr
Artem Dergachev via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Aug 25 00:08:51 PDT 2020
NoQ added inline comments.
================
Comment at: clang/lib/StaticAnalyzer/Checkers/SmartPtrModeling.cpp:315-318
+ SVal Val = I->second;
+ for (auto si = Val.symbol_begin(), se = Val.symbol_end(); si != se; ++si) {
+ SR.markLive(*si);
+ }
----------------
Yes, this looks correct, thanks!
In the ideal world we'd have checked that `I->first` is live before marking `I->second` live. Unfortunately, currently `checkLiveSymbols` is invoked before RegionStore's live symbols detection, so we can't rely on that and it's a bug; in order to be correct, RegionStore's live symbols detection and checker's live symbols callback should engage in fixpoint iteration.
================
Comment at: clang/lib/StaticAnalyzer/Checkers/SmartPtrModeling.cpp:494-496
+ OS << "Smart pointer";
+ checkAndPrettyPrintRegion(OS, ThisRegion);
+ OS << " is non-null";
----------------
Because these note tags aren't specific to the bug report at hand, they have to be marked as //prunable// (i.e., the optional `getNoteTag()`'s parameter "`IsPrunable`" should be set to true). That'd reduce bug report clutter by not bringing in stack frames that aren't otherwise interesting for the bug report.
Something like this may act as a test (i didn't try):
```lang=c++
struct S {
std::unique_ptr<int> P;
void foo() {
if (!P) { // no-note because foo() is pruned
return;
}
}
int bar() {
P = new int(0);
foo();
return 1 / *P; // warning: division by zero
}
}
```
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D86027/new/
https://reviews.llvm.org/D86027
More information about the cfe-commits
mailing list