On Wed, 23 Jun 2021, Martin Jambor wrote: > Hi, > > On Wed, Jun 23 2021, Erick Ochoa via Gcc wrote: > > Hello, > > > > I know that some BUILT_IN functions are treated in a special way by > > the points-to analysis. Those functions are those that take pointers > > as arguments or return them but do not change their points-to set and > > similar cases. (E.g. strcpy returns a pointer to the same object as > > their first argument points to.) > > > > I notice that in these special cases, the printf function is nowhere > > to be found, and if one prints a pointer using printf the pointer > > points to escaped memory. > > > > Why is this the case? > > I guess that to assume otherwise, one would have to make sure the > pointer does not correspond to a "%n" (or similar, perhaps even future) > conversion specifier. > > (But I am only guessing.)
%p (not %n) allows the pointer to escape. Alexander
