[cfe-commits] r158875 - in /cfe/trunk: lib/StaticAnalyzer/Checkers/MallocChecker.cpp test/Analysis/malloc.c test/Analysis/system-header-simulator.h
Jordan Rose
jordan_rose at apple.com
Wed Jun 20 16:42:40 PDT 2012
A lot of this is overlapping CallOrObjCMessage's hasNonZeroCallbackArg. Should we be using that instead to pre-emptively strike these out?
(There are a couple cases that still matter, like the "NoCopy" ones, but other than that…)
On Jun 20, 2012, at 16:35 , Anna Zaks <ganna at apple.com> wrote:
> Author: zaks
> Date: Wed Jun 20 18:35:57 2012
> New Revision: 158875
>
> URL: http://llvm.org/viewvc/llvm-project?rev=158875&view=rev
> Log:
> [analyzer] Malloc leak false positive: Allow xpc context to escape.
>
> Modified:
> cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
> cfe/trunk/test/Analysis/malloc.c
> cfe/trunk/test/Analysis/system-header-simulator.h
>
> Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp?rev=158875&r1=158874&r2=158875&view=diff
> ==============================================================================
> --- cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (original)
> +++ cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Wed Jun 20 18:35:57 2012
> @@ -1298,6 +1298,12 @@
> if (FName.equals("pthread_setspecific"))
> return false;
>
> + // White list xpc connection context.
> + // TODO: Ensure that the deallocation actually happens, need to reason
> + // about "xpc_connection_set_finalizer_f".
> + if (FName.equals("xpc_connection_set_context"))
> + return false;
> +
> // White list the 'XXXNoCopy' ObjC functions.
> if (FName.endswith("NoCopy")) {
> // Look for the deallocator argument. We know that the memory ownership
>
> Modified: cfe/trunk/test/Analysis/malloc.c
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/malloc.c?rev=158875&r1=158874&r2=158875&view=diff
> ==============================================================================
> --- cfe/trunk/test/Analysis/malloc.c (original)
> +++ cfe/trunk/test/Analysis/malloc.c Wed Jun 20 18:35:57 2012
> @@ -974,3 +974,16 @@
> // object doesn't escape and it hasn't been freed in this function.
> }
>
> +// Allow xpc context to escape. radar://11635258
> +// TODO: Would be great if we checked that the finalize_connection_context actually releases it.
> +static void finalize_connection_context(void *ctx) {
> + int *context = ctx;
> + free(context);
> +}
> +void foo (xpc_connection_t peer) {
> + int *ctx = calloc(1, sizeof(int));
> + xpc_connection_set_context(peer, ctx);
> + xpc_connection_set_finalizer_f(peer, finalize_connection_context);
> + xpc_connection_resume(peer);
> +}
> +
>
> Modified: cfe/trunk/test/Analysis/system-header-simulator.h
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/system-header-simulator.h?rev=158875&r1=158874&r2=158875&view=diff
> ==============================================================================
> --- cfe/trunk/test/Analysis/system-header-simulator.h (original)
> +++ cfe/trunk/test/Analysis/system-header-simulator.h Wed Jun 20 18:35:57 2012
> @@ -53,3 +53,10 @@
> CGColorSpaceRef space,
> CGBitmapInfo bitmapInfo*/);
> void *CGBitmapContextGetData(CGContextRef context);
> +
> +// Include xpc.
> +typedef struct _xpc_connection_s * xpc_connection_t;
> +typedef void (*xpc_finalizer_t)(void *value);
> +void xpc_connection_set_context(xpc_connection_t connection, void *context);
> +void xpc_connection_set_finalizer_f(xpc_connection_t connection, xpc_finalizer_t finalizer);
> +void xpc_connection_resume(xpc_connection_t connection);
>
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
More information about the cfe-commits
mailing list