AIM: 

- Transfer the vfunc handling code to region_model::get_fndecl_for_call ()
- Filter out the possible targets of a polymorphic call to only one most probable 
target

---
PROGRESS :

- I decided to transfer the code for detecting virtual calls to 
region_model::get_fndecl_for_call () so that the analyzer kind of 
"devirtualises" polymorphic calls to give a single accurate fn_decl of the 
possible target.
This makes it possible to fix the part where I had to make the analyzer assume 
that a call has no side effects when it is a polymorphic call when analysing a 
call stmt.

- The reason the analyzer is more capable of seeing through a polymorphic call 
is the fact that the state of the exploded node at the time of the call knows 
what subclass the pointer being used to call a vfunc is actually pointing to.
(here is an example showing the same: https://godbolt.org/z/8MWx58dWo)

- So currently I am working on a way to extract this info from the state and 
use it to find the most accurate target amongst all possible targets of a 
polymorphic call we already have, and let the analyzer only call one function 
at the callsite.
The current idea is to evaluate the DECL_CONTEXT of both (the possible fn_decl 
and the pointee of the pointer that is used to call the vfunc) to see if we 
find a match.

---
STATUS AT THE END OF THE DAY :- 

- Transfer the vfunc handling code to region_model::get_fndecl_for_call () 
(done)
- Filter out the possible targets of a polymorphic call to only one most probable 
target (pending)

Thank you
- Ankur
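
A toy model of the target filtering described in the report, added here as an illustration; it is not code from the report or from GCC. `FnDecl`, `pick_target`, `kBases` and `kCandidates` are hypothetical names with constructed sample data, and the `context` string only plays the role of DECL_CONTEXT. It goes one step beyond the exact match in the report by also trying base classes when the pointee's class does not override the method.

```cpp
#include <cstdio>
#include <map>
#include <string>
#include <vector>

// Toy stand-in for a fn_decl: its defining class (playing the role of
// DECL_CONTEXT) and the method name. Hypothetical, not GCC's types.
struct FnDecl { std::string context; std::string name; };

// Constructed hierarchy, derived class -> direct base: C : B : A.
const std::map<std::string, std::string> kBases = {{"B", "A"}, {"C", "B"}};

// Constructed candidate set for a call to foo(): A and B define it, C inherits B's.
const std::vector<FnDecl> kCandidates = {{"A", "foo"}, {"B", "foo"}};

// Return the one candidate whose context matches the pointee's class, trying
// each base in turn when the class has no override of its own. nullptr means
// the state gave no usable class, so the caller must keep every candidate.
const FnDecl *pick_target(const std::vector<FnDecl> &candidates,
                          const std::map<std::string, std::string> &bases,
                          std::string pointee_class) {
    while (!pointee_class.empty()) {
        for (const FnDecl &c : candidates)
            if (c.context == pointee_class)
                return &c;
        auto it = bases.find(pointee_class);
        pointee_class = (it == bases.end()) ? std::string() : it->second;
    }
    return nullptr;
}

int main() {
    for (const char *cls : {"A", "B", "C", "Unrelated"}) {
        const FnDecl *t = pick_target(kCandidates, kBases, cls);
        std::printf("pointee %s -> %s\n", cls,
                    t ? (t->context + "::" + t->name).c_str() : "(keep all candidates)");
    }
    return 0;
}
```

The nullptr case matters for soundness: when the state does not pin down the pointee's class, the full candidate set has to stay in play rather than being narrowed to a guess.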
