<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - Escaping symbols written to pre-escaped stack regions"
href="https://bugs.llvm.org/show_bug.cgi?id=44267">44267</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>Escaping symbols written to pre-escaped stack regions
</td>
</tr>
<tr>
<th>Product</th>
<td>clang
</td>
</tr>
<tr>
<th>Version</th>
<td>trunk
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>enhancement
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>Static Analyzer
</td>
</tr>
<tr>
<th>Assignee</th>
<td>dcoughlin@apple.com
</td>
</tr>
<tr>
<th>Reporter</th>
<td>xazax.hun@gmail.com
</td>
</tr>
<tr>
<th>CC</th>
<td>dcoughlin@apple.com, llvm-bugs@lists.llvm.org
</td>
</tr></table>
<p>
<div>
<pre>The problem in the title was partially solved in
<a href="https://github.com/llvm/llvm-project/commit/f3a28202ef58551db15818f8f51afd21e0f3e231">https://github.com/llvm/llvm-project/commit/f3a28202ef58551db15818f8f51afd21e0f3e231</a>
So we do not warn on:
void save_ptr(int **);
void delete_saved();
void store_to_escaped_region() {
int *p;
save_ptr(&p);
p = new int;
delete_saved();
} // no-warning
The reason why we decided to revert this change for now because we have not
found out a good way introduce this concept to the checkers. The pre-escape
happens in the analyzer core and the checker has no control over it. If the
checker is not interestd in a pre-escape it would need to do additional work on
each escape to check if the escaped symbol is originated from an
"uninteresting" pre-escaped memory region. In order to keep the checker API
simple we abandoned this solution for now.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>