[cfe-dev] CFGElement changes and initializers addition (with patch)

[Ted Kremenek]

On Aug 24, 2010, at 5:43 PM, Zhongxing Xu <xuzhongxing at gmail.com> wrote:

>> Going with my above suggestion, CXXConstructExprs should probably just be treated the same way as CallExprs, and have their own CallEnter/CallExit nodes.  In this way they are treated just like any other call.  That means they should also be block-level expressions.
> 
> We're treating CXXConstructExprs as CallExprs. But they have an
> implicit 'this' argument. I prefer we set up 'this' before entering
> the call.

Hi Zhongxing,

I'm not exactly certain what you mean by setting up 'this'.  What aspect of control-flow do you want to represent in the CFG w.r.t. the 'this' argument?  I assume that this is specific to constructors, and not all calls to member functions.

> That is, I'm suggesting we create CFG for DeclStmt
> 
> A a(3), b(4);
> 
> as
> 
> A a(3)
> A b(4)
> 
> not
> 
> 3
> a(3)
> 4
> b(4)

The reason we do the latter is because of the control-flow sequencing between declarations and initializers.  For example, the following is legal:

  int a = a, b = a;

We represent the control-flow here as:

  a
  int a = a
  a
  int b = a

because there is a control-flow ordering between the initializer expressions and the object they are initializing.  This is important for catching uses of uninitialized values (for example).

With respect to the CFG, I guess I'm not certain what you mean by:

 A a(3)
 A b(4)

To me the '3' and the '4' (the arguments of the call) need to be evaluated before the constructor call, which includes its member initializers.  I would thus expect:

  3
  A a(3)
  4
  A b(4)

I am also not clear what you mean by:

  A a(3)

instead of:

  a(3)

I think I'm missing something basic here.  Could you explain this a little further?  That would really help me understand what you want to represent here, and why it needs to be in the CFG.