[cfe-dev] static analysis inlining varargs functions
Anna Zaks
ganna at apple.com
Wed Apr 1 11:50:27 PDT 2015
> On Mar 17, 2015, at 1:21 PM, Bob Kuo <Bob.Kuo at riverbed.com> wrote:
>
> Hello clang developers,
>
> We recently found a memory leak at work we were not freeing allocated memory returned by the standard C string strdup() function. I ran the static analyzer against a version of the code with the defect and it didn't detect a memory leak. When I reduced the code to a simpler test case the static analyzer correctly identified the leak. After a few iterations I found that the culprit was a varargs function where the variable that held a reference to the allocated memory was a parameter. With the call to the varargs function commented out, the static analyzer identified the leak. With the call to the varargs function no warning was produced.
>
> Is this a design decision or inherent limit in the static analyzer? Is this a known issue? I didn't see any bugs in the tracker. Should I file a bug?
>
I am not sure if it is related to the function being varargs or just passing the reference to a function the analyzer does not see. Can you check that?
When a pointer to allocated memory is passed to a function that the analyzer does not see, the analyzer assumes that that function could free it. (This is by design to reduce the number of false positives.)
> Thanks,
>
> Bob Kuo
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20150401/201a3ebc/attachment.html>
More information about the cfe-dev
mailing list