[PATCH] D110927: [analyzer] Access stored value of a constant array through a pointer to another type

Shafik Yaghmour via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Fri Oct 1 12:04:44 PDT 2021


shafik added a comment.

In D110927#3036647 <https://reviews.llvm.org/D110927#3036647>, @ASDenysPetrov wrote:

> In D110927#3036436 <https://reviews.llvm.org/D110927#3036436>, @steakhal wrote:
>
>> I'm pretty sure that `int x4 = ((char*)arr)[1];` is supposed to be valid in your summary.
>> I think it's allowed by the standard to access any valid object via a `char*` - according to the strict aliasing rule.
>> @shafik WDYT?
>
> As I found, we can legally treat `char*` as the object of type `char` but not as an array of objects. This is mentioned in http://eel.is/c++draft/basic.compound#3.4 //For purposes of pointer arithmetic ... an object of type T that is not an array element is considered to belong to an array with one element of type T.// That means that we can get only the first element of `char*`, otherwise it would be an UB. There is also a paper to overcome this constraint http://open-std.org/JTC1/SC22/WG21/docs/papers/2019/p1839r0.pdf
>
> @aaron.ballman I would like you to join the discussion, as we have a similar one in D104285 <https://reviews.llvm.org/D104285>.

IIUC the object is `const int arr[42]` and the `(char *)arr` is an expression of pointer type and adding `1` to this is valid. The case you refer to in D104285 <https://reviews.llvm.org/D104285> ended up being a pointer to an array of 2 ints and therefore accessing the third element was out of bounds.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D110927/new/

https://reviews.llvm.org/D110927


