[cfe-dev] [analyzer] Should analyzer report about potential null-dereferencing?
Denis Petrov via cfe-dev
cfe-dev at lists.llvm.org
Thu Apr 16 07:28:51 PDT 2020
Next code generates a sink node and a bug report:
int setPtr(const int&);
int* getPtr();
void f(bool is, const int x, const int y)
{
const int *ptr = &x;
if (is) {
ptr = nullptr;?
}
setPtr(*ptr);
}
But next code just generates a sink node without a bug report:?
int setPtr(const int&);
int* getPtr();
void f(bool is, const int x, const int y)
{
const int *ptr = &x;
if (is) {
ptr = getPtr();?
}
setPtr(*ptr);
}
Why does analyzer act like that? Is there any command line option to turn this on?
________________________________
Denys Petrov
Senior ะก++ Developer | Kharkiv, Ukraine
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20200416/b6cdbc99/attachment.html>
More information about the cfe-dev
mailing list