[PATCH] D105819: [analyzer] MallocChecker: Add a visitor to leave a note on functions that could have, but did not change ownership on leaked memory

Kristóf Umann via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Thu Jul 29 12:10:10 PDT 2021 

Szelethus added a comment.

Thanks! Here are some results:

All runs can be found here: https://codechecker-demo.eastus.cloudapp.azure.com/Default/runs

Protobuf, Bitcoin, Xerces, TinyXML, PostgreSQL, FFMPEG, OpenSSL, Vim, Redis, Twin, curl:
----------------------------------------------------------------------------------------

Nothing changed.

libWebM:
--------

Ignoring the fact that at both places where memory was allocated there is a `// NOLINT` comment, I think these bug reports have improved greatly. A function is highlighted where each of those memory region could have been added to a container, but were not. Not that I wrote any code to look for this, this is purely luck ;)

No1. <https://codechecker-demo.eastus.cloudapp.azure.com/Default/report-detail?review-status=Unreviewed&review-status=Confirmed%20bug&detection-status=New&detection-status=Reopened&detection-status=Unresolved&run=libWebM_libwebm-1.0.0.27_newdeleteleaksunprune-changed&is-unique=off&diff-type=New&checker-name=cplusplus.NewDeleteLeaks&report-hash=ccc2389911f95446d545137b5b1cd356&report-id=11743&report-filepath=%2Fvar%2Fjenkins_home%2Fworkspace%2Fcsa-measurements%2Fcsa_output%2FlibWebM%2Fmkvmuxer.cpp>, No2. <https://codechecker-demo.eastus.cloudapp.azure.com/Default/report-detail?review-status=Unreviewed&review-status=Confirmed%20bug&detection-status=New&detection-status=Reopened&detection-status=Unresolved&run=libWebM_libwebm-1.0.0.27_newdeleteleaksunprune-changed&is-unique=off&diff-type=New&checker-name=cplusplus.NewDeleteLeaks&report-hash=84fc8b3dd3c5a9ea6cd57a31baa7bf42&report-id=11744&report-filepath=%2Fvar%2Fjenkins_home%2Fworkspace%2Fcsa-measurements%2Fcsa_output%2FlibWebM%2Fmkvmuxer.cpp>

SQLite:
-------

This one isn't as great. I wouldn't expect a function called `buildshifts` to do any sort of dynamic memory management, and its contents support this claim. `stp` is only referencing to retrieve one of its members. More worrying is the fact that `State_insert` seems like the function (or macro, as they are not always capitalized in this project) to deal with this, yet it isn't noted at all in the bug report.

No1. <https://codechecker-demo.eastus.cloudapp.azure.com/Default/report-detail?review-status=Unreviewed&review-status=Confirmed%20bug&detection-status=New&detection-status=Reopened&detection-status=Unresolved&run=SQLite_version-3.33.0_newdeleteleaksunprune-changed&is-unique=off&diff-type=New&checker-name=unix.Malloc&report-hash=fbcbda24375e3336a3ca7ebc0cf8294c&report-id=9357&report-filepath=%2Fvar%2Fjenkins_home%2Fworkspace%2Fcsa-measurements%2Fcsa_output%2FSQLite%2Ftool%2Flemon.c>


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D105819/new/

https://reviews.llvm.org/D105819

More information about the cfe-commits mailing list