[cfe-dev] Ownership attribute for malloc etc. checking

[Andrew McGregor]

This is a second try at some attributes that presently only enable the
malloc checker to be smarter.  Syntactically, however, the attributes are
intended to be more generally useful.

The attributes are currently used like this:

void __attribute((ownership_takes(malloc, 1))) bar(char * it) {
  free(it);
}

char * __attribute((ownership_returns(malloc, 1))) bar2(size_t i) {
  return (char *) malloc(i);
}

There is a third called ownership_holds.  The distinction is that
ownership_takes does not allow the resource to be used after passing it in,
while ownership_holds does.

The first argument is intended to be the name of a type of resource, in this
case memory allocated through malloc.  This is the only value currently
checked, any other value is silently ignored.

The second argument is an index into the function's argument list, for
ownership_returns it is the size of the malloc region, for the others it is
the pointer to check.

In this patch, only one argument per function can be annotated, that still
has to be fixed.

Andrew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20100624/7e79aa85/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: clang-ownership.patch
Type: text/x-patch
Size: 23500 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20100624/7e79aa85/attachment.bin>