[cfe-commits] [PATCH] 3 small static analyzer patches

Anna Zaks ganna at apple.com
Mon Sep 24 11:28:15 PDT 2012


On Sep 24, 2012, at 11:22 AM, Jordan Rose <jordan_rose at apple.com> wrote:

> 
> On Sep 22, 2012, at 21:00 , Sean McBride <sean at rogue-research.com> wrote:
> 
>> On Fri, 21 Sep 2012 09:51:32 -0700, Jordan Rose said:
>> 
>>> The reallocf change looks good. The place to add a test is unix-fns.c,
>>> which you probably already found. I'll let you come up with a test case
>>> just to practice. ;-) Welcome to the static analyzer!
>> 
>> I did find that, and also tools/clang/test/Analysis/malloc.c which has functions named reallocSizeZero1, reallocSizeZero2, etc.  Should I make reallocf() versions of those too?
> 
> Hm. The two files are actually testing different checkers, and the change you're making won't change the behavior tested in malloc.c.
> 
> Stepping back, those functions are intended to test Linux's realloc behavior, which frees the memory and may return NULL when the size is 0. Clearly there are problems there. :-) But the checker is trying to support that particular idiom on Linux, and people who depend on it may want to disable the UnixAPIChecker without disabling MallocChecker.
> 

I think the long-term solution should be to move the '0' size check from UnixAPI checker into the MallocChecker (use-after-free, memory leaks) and allow the Malloc Checker to assume that the allocation size is not '0' since the behavior is platform specific. (There is a TODO about this in the Unix API checker already.)

Cheers,
Anna.

> So I think just unix-fns.c is okay for this change. We do already have some independent reallocf tests in malloc.c.
> 
> Thanks, Sean!
> Jordan