NoQ added a comment.
In D142354#4079643 <https://reviews.llvm.org/D142354#4079643>, @Szelethus wrote:
>> In the latter case, have you explored the possibility of force-inlining the
>> class instead, like I suggested in the thread?
>
> I have done some tests then, and figured that the analyzer can't really
> follow what happens in std::variant. I admit, now that I've taken a more
> thorough look, I was wrong! Here are some examples.
>
> std::variant<int, std::string> v = 0;
> int i = std::get<int>(v);
> clang_analyzer_eval(i == 0); // expected-warning{{TRUE}}
> 10 / i; // FIXME: This should warn for division by zero!
>
>
>
> std::variant<int, std::string> v = 0;
> std::string *sptr = std::get_if<std::string>(&v);
> clang_analyzer_eval(sptr == nullptr); // expected-warning{{TRUE}}
> *sptr = "Alma!"; // FIXME: Should warn, sptr is a null pointer!
>
>
>
> void g(std::variant<int, std::string> v) {
> if (!std::get_if<std::string>(&v))
> return;
> int *iptr = std::get_if<int>(&v);
> clang_analyzer_eval(iptr == nullptr); // expected-warning{{TRUE}}
> *iptr = 5; // FIXME: Should warn, iptr is a null pointer!
> }
>
> In neither of these cases was a warning emitted, but that was a result of bug
> report suppression, because the exploded graph indicates that the errors were
> found.
>
> We will need to teach these suppression strategies in these cases, the
> heuristic is too conservative, and I wouldn't mind some `NoteTag`s to tell
> the user something along the lines of "Assuming this variant holds and
> std::string value".
Yeah, right, these are probably inlined defensive check suppressions (type-2,
the ones with "let's early-return null"). So you'll need to see how these
inlined stack frames look like and what makes them different from the unwanted
case. (And it's possible that there are no formal differences, other than the
programmer's "intention"; but it could also be something really simple).
So in any case, I'm really curious whether there's any solution besides "let's
model everything manually", given that we've spent two summers modeling
`unique_ptr` manually and never finished it.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D142354/new/
https://reviews.llvm.org/D142354
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
