[PATCH] [Review request][analyzer] Duplicate '0 size allocation' check from unix.API in unix.Malloc.
Anna Zaks
zaks.anna at gmail.com
Sun Dec 28 12:17:46 PST 2014
Hi Anton,
Thanks for the updated patch!
"Yes, but only with 'suppress-inlined-defensive-checks=false' given to analyzer."
Have you added a test to make sure that is the case? (If yes, what's the function name. I could not easily find it.) It would be similar to the path-sensitive check you've added but the check against '0' would be done in an inlined function.
Looks like you've removed the checks from the unix checker along with the tests. Can you add the tests back? I suggest adding your checker to the test file that contains the existing tests and check that it produces the same exact output. (If there are differences, I'd like to see what they are.) We can later remove the redundant tests as a separate commit.
/*
// TODO: Will be uncommented when 'realloc' is handled properly (see http://reviews.llvm.org/D6178 for
// details).
void testReallocZero(char *ptr) {
char *foo = realloc(ptr, 0); // TODO:expected-warning{{Call to 'realloc()' has an allocation size of 0 bytes}}
free(foo);
}
*/
1. We should not use "/*" for comments.
2. Why should we warn in this case? It is possible that someone is trying to free the memory by calling "realloc(ptr, 0)".. Or are you saying that if literal '0' is passed we should warn? This could potentially introduce false positives..
http://reviews.llvm.org/D6178
EMAIL PREFERENCES
http://reviews.llvm.org/settings/panel/emailpreferences/
More information about the cfe-commits
mailing list