vbvictor wrote: Thank you for your long and detailed answer! Indeed, the check can benefit a lot from path-sensitive analysis:
- Easier traversing with less boilerplate code. - Easier handling of edge-cases like struct fields and unions, support of local variables. - Fewer false-positives with more positives. So from my perspective, this check can live as a clang-tidy check. However, looking at all benefits of path-sensitive analysis of CSA, the check would look a _lot better_ as a CSA check. I understand that CSA checks might be harder to write since CSA itself has higher entry threshold than clang-tidy, but it's hard to give a thoughtful and careful review of such big clang-tidy check, especially that has non-trivial manual AST-visiting. https://github.com/llvm/llvm-project/pull/130421 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
