[LLVMbugs] [Bug 12101] New: Add support for source to inform the malloc/free checker that ownership is being transferred

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Mon Feb 27 09:50:37 PST 2012 

http://llvm.org/bugs/show_bug.cgi?id=12101

             Bug #: 12101
           Summary: Add support for source to inform the malloc/free
                    checker that ownership is being transferred
           Product: clang
           Version: trunk
          Platform: Macintosh
        OS/Version: MacOS X
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
        AssignedTo: kremenek at apple.com
        ReportedBy: tjw at me.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified


The new malloc/free checker warns spuriously in cases were are making a context
structure and passing it off to system API to be handed back to us later. In
this particular case, we are making a CFDataRef-backed stdio stream.

The proximate code is:


static int _CFData_closefn(void *_ctx)
{
    //fprintf(stderr, "close(ctx:%p)\n", _ctx);
    CFDataFileContext *ctx = (CFDataFileContext *)_ctx;
    CFRelease(ctx->data);
    free(ctx);

    return 0;
}

FILE *OFDataCreateReadOnlyStandardIOFile(CFDataRef data, CFErrorRef *outError)
{
    CFDataFileContext *ctx = calloc(1, sizeof(CFDataFileContext));
    ctx->data = CFRetain(data);
    ctx->bytes = (void *)CFDataGetBytePtr(data);
    ctx->length = CFDataGetLength(data);
    //fprintf(stderr, "open read -> ctx:%p\n", ctx);

    FILE *f = funopen(ctx, _CFData_readfn, NULL/*writefn*/, _CFData_seekfn,
_CFData_closefn);
    if (f == NULL) {
        if (outError)
            *outError = CFErrorCreate(kCFAllocatorDefault, kCFErrorDomainPOSIX,
errno, NULL);
        CFRelease(data);
        free(ctx);
    }

    return f;
}

More details can be found in our github repo at
<https://github.com/omnigroup/OmniGroup/blob/master/Frameworks/OmniFoundation/CoreFoundationExtensions/CFData-OFFileIO.m>

In this case it seems like clang-sa shouldn't assume that the funopen() is a
sink for a malloc'd block since this isn't required by stdio.

-- 
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the llvm-bugs mailing list