================
@@ -1,4 +1,27 @@
-// RUN: %clang_analyze_cc1 -analyzer-checker=core -verify %s
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection -verify
%s
+
+void clang_analyzer_warnIfReached();
+
+struct Clazz {
+ template <typename T>
+ static void templated_memfn();
+};
+
+// This must come before the 'templated_memfn' is defined!
+static void instantiate() {
+ Clazz::templated_memfn<int>();
+}
+
+template <typename T>
+void Clazz::templated_memfn() {
+ // When we report a bug in a function, we traverse the lexical decl context
+ // of it while looking for suppression attributes to record what source
----------------
haoNoQ wrote:
If there's a branch then there's probably an assertion failure on the null side
of the branch. So there won't be a bug report and there's nothing to suppress.
But it's very common to not have a branch, just dereference it blindly inside
`operator*()` to form a null reference if the pointer was null. That's where
the warning would show up if and only if the call site misuses the pointer, so
it makes perfect sense to have suppression at the call site too.
Basically if your code never uses raw pointers and only uses standard smart
pointers (and our experimental explicit models for those standard smart
pointers aren't turned on) then \*every\* null dereference warning would suffer
from this problem, and \*every\* false positive among those otherwise
reasonably-reliable warnings would need to be suppressed at the call site this
way.
(Ok ok not every warning. The call sites that perform dereference with
`operator->()` wouldn't need it because the dereference happens at the call
site, the operator simply passes the null pointer through. I'm only talking
about dereferences with `operator*()` which would create a null reference
before they leave the system header.)
But either way, as long as we believe that emitting warnings in the system
headers is a good idea (simply because the root cause of the problem isn't
necessarily in the system header), we have to accept that we need a way to
suppress these warnings without touching system headers (when the root cause of
the \*false positive\* isn't necessarily in the system header either).
https://github.com/llvm/llvm-project/pull/168954
_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
