[cfe-commits] r158875 - in /cfe/trunk: lib/StaticAnalyzer/Checkers/MallocChecker.cpp test/Analysis/malloc.c test/Analysis/system-header-simulator.h

Anna Zaks ganna at apple.com
Wed Jun 20 16:50:54 PDT 2012 

On Jun 20, 2012, at 4:42 PM, Jordan Rose wrote:

> A lot of this is overlapping CallOrObjCMessage's hasNonZeroCallbackArg. Should we be using that instead to pre-emptively strike these out?
> 

hasNonZeroCallbackArg helps in cases when we pass the pointer to a function which also takes a callback as a parameter. This is not the case here (Otherwise, it should have just worked since malloc checker uses the function) - we pass the pointer to one API and set the callback using another one. 

> (There are a couple cases that still matter, like the "NoCopy" ones, but other than that…)
> 
> 
> On Jun 20, 2012, at 16:35 , Anna Zaks <ganna at apple.com> wrote:
> 
>> Author: zaks
>> Date: Wed Jun 20 18:35:57 2012
>> New Revision: 158875
>> 
>> URL: http://llvm.org/viewvc/llvm-project?rev=158875&view=rev
>> Log:
>> [analyzer] Malloc leak false positive: Allow xpc context to escape.
>> 
>> Modified:
>>   cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
>>   cfe/trunk/test/Analysis/malloc.c
>>   cfe/trunk/test/Analysis/system-header-simulator.h
>> 
>> Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp?rev=158875&r1=158874&r2=158875&view=diff
>> ==============================================================================
>> --- cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (original)
>> +++ cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Wed Jun 20 18:35:57 2012
>> @@ -1298,6 +1298,12 @@
>>    if (FName.equals("pthread_setspecific"))
>>      return false;
>> 
>> +    // White list xpc connection context.
>> +    // TODO: Ensure that the deallocation actually happens, need to reason
>> +    // about "xpc_connection_set_finalizer_f".
>> +    if (FName.equals("xpc_connection_set_context"))
>> +      return false;
>> +
>>    // White list the 'XXXNoCopy' ObjC functions.
>>    if (FName.endswith("NoCopy")) {
>>      // Look for the deallocator argument. We know that the memory ownership
>> 
>> Modified: cfe/trunk/test/Analysis/malloc.c
>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/malloc.c?rev=158875&r1=158874&r2=158875&view=diff
>> ==============================================================================
>> --- cfe/trunk/test/Analysis/malloc.c (original)
>> +++ cfe/trunk/test/Analysis/malloc.c Wed Jun 20 18:35:57 2012
>> @@ -974,3 +974,16 @@
>>  // object doesn't escape and it hasn't been freed in this function.
>> }
>> 
>> +// Allow xpc context to escape. radar://11635258
>> +// TODO: Would be great if we checked that the finalize_connection_context actually releases it.
>> +static void finalize_connection_context(void *ctx) {
>> +  int *context = ctx;
>> +  free(context);
>> +}
>> +void foo (xpc_connection_t peer) {
>> +  int *ctx = calloc(1, sizeof(int));
>> +  xpc_connection_set_context(peer, ctx);
>> +  xpc_connection_set_finalizer_f(peer, finalize_connection_context);
>> +  xpc_connection_resume(peer);
>> +}
>> +
>> 
>> Modified: cfe/trunk/test/Analysis/system-header-simulator.h
>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/system-header-simulator.h?rev=158875&r1=158874&r2=158875&view=diff
>> ==============================================================================
>> --- cfe/trunk/test/Analysis/system-header-simulator.h (original)
>> +++ cfe/trunk/test/Analysis/system-header-simulator.h Wed Jun 20 18:35:57 2012
>> @@ -53,3 +53,10 @@
>>                                   CGColorSpaceRef space,
>>                                   CGBitmapInfo bitmapInfo*/);
>> void *CGBitmapContextGetData(CGContextRef context);
>> +
>> +// Include xpc.
>> +typedef struct _xpc_connection_s * xpc_connection_t;
>> +typedef void (*xpc_finalizer_t)(void *value);
>> +void xpc_connection_set_context(xpc_connection_t connection, void *context);
>> +void xpc_connection_set_finalizer_f(xpc_connection_t connection, xpc_finalizer_t finalizer);
>> +void xpc_connection_resume(xpc_connection_t connection);
>> 
>> 
>> _______________________________________________
>> cfe-commits mailing list
>> cfe-commits at cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
>

More information about the cfe-commits mailing list