[PATCH] D76917: [analyzer][MallocChecker] Fix that kfree only takes a single argument
Kristóf Umann via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Mar 27 04:50:12 PDT 2020
Szelethus created this revision.
Szelethus added reviewers: balazske, NoQ, martong, baloghadamsoftware.
Szelethus added a project: clang.
Herald added subscribers: cfe-commits, ASDenysPetrov, steakhal, Charusso, gamesh411, dkrupp, donat.nagy, mikhail.ramalho, a.sidorin, rnkovacs, szepet, xazax.hun, whisperity.
Exactly what it says on the tin!
https://www.kernel.org/doc/htmldocs/kernel-api/API-kfree.html
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D76917
Files:
clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
clang/test/Analysis/kmalloc-linux.c
Index: clang/test/Analysis/kmalloc-linux.c
===================================================================
--- clang/test/Analysis/kmalloc-linux.c
+++ clang/test/Analysis/kmalloc-linux.c
@@ -1,4 +1,7 @@
-// RUN: %clang_analyze_cc1 -triple x86_64-unknown-linux %s
+// RUN: %clang_analyze_cc1 -triple x86_64-unknown-linux %s -verify \
+// RUN: -Wno-incompatible-library-redeclaration \
+// RUN: -analyzer-checker=core \
+// RUN: -analyzer-checker=unix.Malloc
#define __GFP_ZERO 0x8000
#define NULL ((void *)0)
@@ -6,6 +9,7 @@
typedef __typeof(sizeof(int)) size_t;
void *kmalloc(size_t, int);
+void kfree(void *);
struct test {
};
@@ -61,6 +65,8 @@
struct malloc_type;
+// 3 parameter malloc:
+// https://www.freebsd.org/cgi/man.cgi?query=malloc&sektion=9
void *malloc(unsigned long size, struct malloc_type *mtp, int flags);
void test_3arg_malloc(struct malloc_type *mtp) {
@@ -97,7 +103,7 @@
struct test **list, *t;
int i;
- list = alloc(sizeof(*list) * 10, mtp, flags);
+ list = malloc(sizeof(*list) * 10, mtp, flags);
if (list == NULL)
return;
@@ -107,3 +113,11 @@
}
kfree(list);
}
+
+void test_3arg_malloc_leak(struct malloc_type *mtp, int flags) {
+ struct test **list;
+
+ list = malloc(sizeof(*list) * 10, mtp, flags);
+ if (list == NULL)
+ return;
+} // expected-warning{{Potential leak of memory pointed to by 'list'}}
Index: clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
@@ -285,7 +285,7 @@
CD_strdup{{"strdup"}, 1}, CD_win_strdup{{"_strdup"}, 1},
CD_kmalloc{{"kmalloc"}, 2}, CD_if_nameindex{{"if_nameindex"}, 1},
CD_if_freenameindex{{"if_freenameindex"}, 1}, CD_wcsdup{{"wcsdup"}, 1},
- CD_win_wcsdup{{"_wcsdup"}, 1}, CD_kfree{{"kfree"}, 2},
+ CD_win_wcsdup{{"_wcsdup"}, 1}, CD_kfree{{"kfree"}, 1},
CD_g_malloc{{"g_malloc"}, 1}, CD_g_malloc0{{"g_malloc0"}, 1},
CD_g_realloc{{"g_realloc"}, 2}, CD_g_try_malloc{{"g_try_malloc"}, 1},
CD_g_try_malloc0{{"g_try_malloc0"}, 1},
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D76917.253085.patch
Type: text/x-patch
Size: 2182 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20200327/f972b0be/attachment-0001.bin>
More information about the cfe-commits
mailing list