================
@@ -206,23 +221,42 @@ class StdVariantChecker : public Checker<eval::Call,
check::RegionChanges> {
if (!ThisMemRegion)
return;
+ // Get the first type alternative of the std::variant instance.
+ assert((ThisSVal.getType(C.getASTContext())->isPointerType() ||
+ ThisSVal.getType(C.getASTContext())->isReferenceType()) &&
+ "The This SVal must be a pointer!");
+
std::optional<QualType> DefaultType = getNthTemplateTypeArgFromVariant(
ThisSVal.getType(C.getASTContext())->getPointeeType().getTypePtr(), 0);
if (!DefaultType)
return;
+ // We conjure a symbol that represents the value-initialized value held by
+ // the default constructed std::variant. This could be made more precise
+ // if we would actually simulate the value-initialization of the value.
+ //
+ // We are storing pointer/reference typed SVals because when an
+ // std::variant is constructed with a value constructor a reference is
+ // received. The SVal representing this parameter will also have reference
+ // type. We use this SVal to store information about the value held is an
+ // std::variant instance. Here we are conforming to this and also use
+ // reference type. Also if we would not use reference typed SVals
+ // the analyzer would crash when handling the cast expression with the
+ // reason that the SVal is a NonLoc SVal.
+ SVal DefaultConstructedHeldValue = C.getSValBuilder().conjureSymbolVal(
+ ConstructorCall->getOriginExpr(), C.getLocationContext(),
+ C.getASTContext().getLValueReferenceType(*DefaultType),
C.blockCount());
----------------
NagyDonat wrote:
It would be good to model running the default constructor of this `DefaultType`
at this point.
https://github.com/llvm/llvm-project/pull/87886
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
