dcoughlin added inline comments.
================
Comment at: lib/StaticAnalyzer/Core/ExprEngineC.cpp:462
+ case CK_ReinterpretMemberPointer: {
+ const Expr *UOExpr = CastE->getSubExpr()->IgnoreParenCasts();
+ assert(isa<UnaryOperator>(UOExpr) &&
----------------
I don't think pattern matching on the sub expression to find the referred-to
declaration is the right thing to do here. It isn't always the case that the
casted expression will be a unary pointer to member operation. For example,
this is perfectly fine and triggers an assertion failure on your patch:
```
struct B {
int f;
};
struct D : public B {
int g;
};
void foo() {
D d;
d.f = 7;
int B::* pfb = &B::f;
int D::* pfd = pfb;
int v = d.*pfd;
}
```
Note that you can't just propagate the value already computed for the
subexpression. Here is a particularly annoying example from the C++ spec:
```
struct B {
int f;
};
struct L : public B { };
struct R : public B { };
struct D : public L, R { };
void foo() {
D d;
int B::* pb = &B::f;
int L::* pl = pb;
int R::* pr = pb;
int D::* pdl = pl;
int D::* pdr = pr;
clang_analyzer_eval(pdl == pdr); // FALSE
clang_analyzer_eval(pb == pl); // TRUE
}
```
My guess is this will require accumulating CXXBasePath s or something similar
for each cast. I don't know how to do this efficiently.
https://reviews.llvm.org/D25475
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
