On Mon, Nov 11, 2019 at 11:38 PM Martin Sebor <mse...@gmail.com> wrote: > > The conditional in default_ref_may_alias_errno has the function > return true even for local variables, implying that locals must > be assumed not to have been changed across calls to errno-setting > functions like malloc. This leads to both worse code and also > false negatives in the strlen pass' detection of buffer overflow > across such calls. > > The attached patch constrains the conditional to only consider > external declarations. > > Tested on x86_64-linux.
OK. This means a tentative definition for 'errno' is non-conforming? (besides not working well in practice, of course) Thanks, Richard. > > Martin
