r188468 - [analyzer] If realloc fails on an escaped region, that region doesn't leak.
Дмитрий Дьяченко
dimhen at gmail.com
Thu Aug 15 10:54:23 PDT 2013
Nice!
time to revisit http://llvm.org/bugs/show_bug.cgi?id=8395#c3 ?
Dmitry
2013/8/15 Jordan Rose <jordan_rose at apple.com>:
> Author: jrose
> Date: Thu Aug 15 12:22:06 2013
> New Revision: 188468
>
> URL: http://llvm.org/viewvc/llvm-project?rev=188468&view=rev
> Log:
> [analyzer] If realloc fails on an escaped region, that region doesn't leak.
>
> When a region is realloc()ed, MallocChecker records whether it was known
> to be allocated or not. If it is, and the reallocation fails, the original
> region has to be freed. Previously, when an allocated region escaped,
> MallocChecker completely stopped tracking it, so a failed reallocation
> still (correctly) wouldn't require freeing the original region. Recently,
> however, MallocChecker started tracking escaped symbols, so that if it were
> freed we could check that the deallocator matched the allocator. This
> broke the reallocation model for whether or not a symbol was allocated.
>
> Now, MallocChecker will actually check if a symbol is owned, and only
> require freeing after a failed reallocation if it was owned before.
>
> PR16730
>
> Modified:
> cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
> cfe/trunk/test/Analysis/malloc.c
>
> Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp?rev=188468&r1=188467&r2=188468&view=diff
> ==============================================================================
> --- cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (original)
> +++ cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Thu Aug 15 12:22:06 2013
> @@ -1060,7 +1060,7 @@ ProgramStateRef MallocChecker::FreeMemAu
> }
> }
>
> - ReleasedAllocated = (RsBase != 0);
> + ReleasedAllocated = (RsBase != 0) && RsBase->isAllocated();
>
> // Clean out the info on previous call to free return info.
> State = State->remove<FreeReturnValue>(SymBase);
>
> Modified: cfe/trunk/test/Analysis/malloc.c
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/malloc.c?rev=188468&r1=188467&r2=188468&view=diff
> ==============================================================================
> --- cfe/trunk/test/Analysis/malloc.c (original)
> +++ cfe/trunk/test/Analysis/malloc.c Thu Aug 15 12:22:06 2013
> @@ -1207,6 +1207,16 @@ void freeMemory() {
> }
> }
>
> +// PR16730
> +void testReallocEscaped(void **memory) {
> + *memory = malloc(47);
> + char *new_memory = realloc(*memory, 47);
> + if (new_memory != 0) {
> + *memory = new_memory;
> + }
> +}
> +
> +
> // ----------------------------------------------------------------------------
> // False negatives.
>
>
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
More information about the cfe-commits
mailing list