[LLVMbugs] [Bug 18262] New: False positive: malloced pointers wrapped in NSValues

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Mon Dec 16 10:17:42 PST 2013 

http://llvm.org/bugs/show_bug.cgi?id=18262

            Bug ID: 18262
           Summary: False positive: malloced pointers wrapped in NSValues
           Product: clang
           Version: unspecified
          Hardware: Macintosh
                OS: MacOS X
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: razielim at gmail.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

This one's perhaps a bit mean - I'd be seriously impressed with the SA if it
saw through this. Anyway, there may be a way to fix it as an enhancement.

This is happening inside a subclass which is created at runtime, so we need to
store the memory pointer inside an associated object; new ivars are not
available.

- (void)createInstanceMutex {
    // Create the instance release mutex

    pthread_mutex_t * instanceMutex = calloc( sizeof( pthread_mutex_t ), 1 );
    pthread_mutex_init( instanceMutex, &mutexAttributes );

    // Hold an associated object with the mutex

    objc_setAssociatedObject( self, @selector( releaseLock ), [NSValue
valueWithPointer: instanceMutex], OBJC_ASSOCIATION_RETAIN_NONATOMIC );
}

then elsewhere:

- (void)destroyInstanceMutex {

    pthread_mutex_t * instanceMutex = [self releaseLock];
    if( NULL != instanceMutex )
    {
        pthread_mutex_destroy( instanceMutex );
        free( instanceMutex );
        objc_setAssociatedObject( self, @selector( releaseLock ), Nil,
OBJC_ASSOCIATION_ASSIGN );
    }
}

The SA warns that there is a potential leak of memory at the line:

objc_setAssociatedObject( self, @selector( releaseLock ), [NSValue
valueWithPointer: instanceMutex], OBJC_ASSOCIATION_RETAIN_NONATOMIC );

Presumably because that's the last reference to 'instanceMutex', but the SA
should perhaps suppress the warning if the pointer is being wrapped in an
NSValue and that NSValue kept referencable.

For extra credit, it could check if that NSValue is ever read and its pointer
value freed.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20131216/42c9dab4/attachment.html>

More information about the llvm-bugs mailing list