NoQ added inline comments.
================
Comment at:
clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h:378
+ type = type->isReferenceType()
+ ? Context.getPointerType(type->getPointeeType())
+ : type;
----------------
vabridgers wrote:
> NoQ wrote:
> > How do you discover the pointer width by looking only at the pointee type?
> > Are objects of specific type always restricted to a specific address space?
> > I.e., does every `int *` have the same width everywhere in the program? If
> > not, how is this code supposed to work?
> The case this code addresses is represented in the test case
> clang/test/Analysis/cast-value-notes.cpp, this function ...
>
> ```
> 24 void evalReferences(const Shape &S) {
> 25 const auto &C = dyn_cast<Circle>(S);
> 26 // expected-note@-1 {{Assuming 'S' is not a 'Circle'}}
> 27 // expected-note@-2 {{Dereference of null pointer}}
> 28 // expected-warning@-3 {{Dereference of null pointer}}
> 29 }
>
> ```
> The crash occurs from line 25 above.
>
> Debug printing what I see at this point in the code for this case ...
>
> ```
> QualType type : LValueReferenceType 0xffea820 'const class clang::Circle &'
> `-QualType 0xffea7c1 'const class clang::Circle' const
> `-SubstTemplateTypeParmType 0xffea7c0 'class clang::Circle' sugar
> |-TemplateTypeParmType 0xffe4f90 'X' dependent depth 0 index 0
> | `-TemplateTypeParm 0xffe4f40 'X'
> `-RecordType 0xffea090 'class clang::Circle'
> `-CXXRecord 0xffea000 'Circle'
>
> Context.getPointerType(type) : PointerType 0x10006ab0 'const class
> clang::Circle &*'
> `-LValueReferenceType 0xffea820 'const class clang::Circle &'
> `-QualType 0xffea7c1 'const class clang::Circle' const
> `-SubstTemplateTypeParmType 0xffea7c0 'class clang::Circle' sugar
> |-TemplateTypeParmType 0xffe4f90 'X' dependent depth 0 index 0
> | `-TemplateTypeParm 0xffe4f40 'X'
> `-RecordType 0xffea090 'class clang::Circle'
> `-CXXRecord 0xffea000 'Circle'
>
> Context.getPointerType(type->getPointeeType()) : PointerType 0x10006ae0
> 'const class clang::Circle *'
> `-QualType 0xffea7c1 'const class clang::Circle' const
> `-SubstTemplateTypeParmType 0xffea7c0 'class clang::Circle' sugar
> |-TemplateTypeParmType 0xffe4f90 'X' dependent depth 0 index 0
> | `-TemplateTypeParm 0xffe4f40 'X'
> `-RecordType 0xffea090 'class clang::Circle'
> `-CXXRecord 0xffea000 'Circle'
>
> ```
> The LValueReferenceType causes a crash if I do not get a pointer type, looks
> like ...
>
> ```
> clang:
> <root>/clang/include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h:219:
> const llvm::APSInt&
> clang::ento::BasicValueFactory::getZeroWithTypeSize(clang::QualType):
> Assertion `T->isScalarType()' failed.
>
> ```
> I'm assuming the pointer type retains the address space attribute of the
> LValueReferenceType.
>
> Context.getPointerType(type->getPointeeType()) produces a QualType :
> PointerType 'const class clang::Circle *' from an original QualType :
> LValueReferenceType 'const class clang::Circle &'
>
> Is this not what's wanted - a pointer type instead of a reference, with the
> same address space qualifiers, or am I missing something in the query?
>
> Thanks
Do I understand correctly that `__attribute__((address_space))` is a type
attribute that gets applied to values rather than to pointers, so
`__attribute__((address_space(3))) int *x` defines `x` as "pointer to (int that
lives in address_space(3))", so when you unwrap the pointer type you get an
"int that lives in address_space(3)"?
Can you share some dumps to demonstrate that the attribute is correctly
preserved by this procedure? Damn, a test case could be great if we could have
them.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D119601/new/
https://reviews.llvm.org/D119601
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
