alexshap added inline comments.
================
Comment at: lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp:144
+ return;
+ if (dyn_cast_or_null<StackSpaceRegion>(Region->getMemorySpace())) {
+ ExplodedNode *N = C.generateErrorNode();
----------------
NoQ wrote:
> `getMemorySpace()` is never null. Every region resides in a memory space.
i was looking at StackAddrEscapeChecker::checkPreStmt - should it be fixed
there as well, or that one is different ?
================
Comment at: lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp:145
+ if (dyn_cast_or_null<StackSpaceRegion>(Region->getMemorySpace())) {
+ ExplodedNode *N = C.generateErrorNode();
+ if (!N)
----------------
xazax.hun wrote:
> This will stop the analysis on this execution path. Is this desired? Usually,
> we stop the execution when there is no way to model the program state after
> the error, e.g.: after a division by zero. In this case the stack address
> escaped but it wasn't dereferenced (yet), so I think it might be safe to
> continue the analysis on this path. What do you think?
I think you are right, would be better to make it non-fatal
Repository:
rL LLVM
https://reviews.llvm.org/D39438
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
