================
@@ -297,20 +314,29 @@ std::optional<std::string> printReferrer(const MemRegion
*Referrer) {
return "global";
assert(isa<StackSpaceRegion>(Space));
return "stack";
- }(Referrer->getMemorySpace());
-
- // We should really only have VarRegions here.
- // Anything else is really surprising, and we should get notified if such
- // ever happens.
- const auto *ReferrerVar = dyn_cast<VarRegion>(Referrer);
- if (!ReferrerVar) {
- assert(false && "We should have a VarRegion here");
- return std::nullopt; // Defensively skip this one.
+ }(getStackOrGlobalSpaceRegion(Referrer));
+
+ while (!Referrer->canPrintPretty()) {
+ if (const auto *SymReg = dyn_cast<SymbolicRegion>(Referrer)) {
+ Referrer = SymReg->getSymbol()->getOriginRegion()->getBaseRegion();
----------------
NagyDonat wrote:
> a region containing a conjured symbol with no origin region associated would
> also have no known memory space so it would not reach this point because I
> discard such region
> [here](https://github.com/necto/llvm-project/blob/az/CPP-4734-stack-leak-output-arg/clang/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp#L302)
You're right that you wouldn't reach this point with a conjured symbol that has
no origin region, because the immediately invoked lambda that defines
`ReferrerMemorySpace` triggers the assertion
`assert(isa<StackSpaceRegion>(Space));` if it cannot trace back the value to
either the static globals, the globals or the stack.
However, that's still a hard assertion in a situation that is reachable during
normal operation of the analyzer, so you need to replace it with a no-op early
return or something. (That would probably involve eliminating the immediately
invoked lambda, because it cannot `return` from the function that surrounds it.)
https://github.com/llvm/llvm-project/pull/105653
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
