steakhal added a comment.
In D77062#2294516 <https://reviews.llvm.org/D77062#2294516>, @martong wrote:
> Though, the fix probably will not be simple, because the issue itself always
> requires a 3x indirection. The code that is presented by @steakhal is the
> least minimal example to get this crash. The reason why we cannot have a
> crash with a `**` is a mystic at the moment.
I think probably the representation of casts is behind this.
Eg. if you reinterpret cast `b` to `int**`, and make the type pun that way, we
don't crash.
template <typename T> void clang_analyzer_dump(T);
void test(int *a, char ***b) {
*(int **)b = a; // only this line changed!
clang_analyzer_dump(**b); // &SymRegion{reg_$2<char *
Element{SymRegion{reg_$0<int * a>},0 S64b,char *}>}
if (**b == nullptr) // will-not-crash
;
}
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D77062/new/
https://reviews.llvm.org/D77062
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
