[cfe-dev] known issue? (using checker-232)
Ted Kremenek
kremenek at apple.com
Mon Jan 4 16:21:59 PST 2010
Hi Cristian,
Sorry for the delayed response. This is indeed expected behavior.
The path analysis in the static analyzer involves essentially unrolling loops a finite number of times. To ensure analysis termination, once a threshold is reached (3 iterations) the analysis of a given path is halted. Since the reference to 'array' is live within the loop body, no leak is reported since we do not reach a point in the path where that reference is no longer live.
Fixing this requires gradually improving the analysis of loops, e.g., by increasing the termination threshold for loops of a fixed bound. Changing the handling of loops in the analyzer, however, needs to be done with care as it can substantially affect analysis performance (with a tradeoff of bugs found/missed). It's something I think deserves more attention in the future.
Cheers,
Ted
On Dec 31, 2009, at 12:01 AM, Cristian Draghici wrote:
> Hi
>
> I've bumped into this recently and I can't find it on http://llvm.org/bugs/
>
> leak detected:
>
> NSMutableArray *array = [[NSMutableArray alloc] init];
> [array addObject:@"W"];
> [array addObject:@"W"];
>
> leak not detected when more than two iterations:
> NSMutableArray *array = [[NSMutableArray alloc] init];
>
> int i=0;
> for(i=0;i<3;i++)
> [array addObject:@"W"];
>
> Is clang looking at a limited number of iterations and deciding defensively not to signal the leak?
>
> Thanks,
> Cristi
>
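The bounded unrolling described in the reply above, as a toy Python model (an added example, not part of the original thread and not the clang analyzer's code). It assumes a path is dropped once it would evaluate the loop condition more than max_visits times; analyze and unexplored are hypothetical names.

```python
"""Toy model of bounded loop unrolling in a path-sensitive leak checker.

Assumption (not taken from the analyzer's source): a path is abandoned when
it would evaluate the loop condition more than `max_visits` times, and a
leak is reported only at the point where the owning reference stops being
live, which here is after the loop has exited.
"""


def analyze(loop_bound, released_after_loop, max_visits=3):
    """Follow the single path through

        array = alloc();
        for (i = 0; i < loop_bound; i++) use(array);
        [release(array);]            // only if released_after_loop
        <end of scope>

    and return (findings, path_completed).
    """
    owned = True        # alloc/init hands back an owning reference
    i = 0
    head_visits = 0
    while True:
        head_visits += 1            # one evaluation of `i < loop_bound`
        if head_visits > max_visits:
            # Budget exhausted: the path stops while `array` is still live
            # in the loop body, so the checker never sees it go out of scope.
            return [], False
        if i >= loop_bound:
            break                   # loop exit reached within the budget
        i += 1                      # body: use(array) keeps the reference live
    if released_after_loop:
        owned = False
    findings = ["leak: array"] if owned else []
    return findings, True


def unexplored(loop_bounds, max_visits=3):
    """Loop bounds for which an empty report says nothing about leaks."""
    return [n for n in loop_bounds
            if not analyze(n, False, max_visits)[1]]


if __name__ == "__main__":
    for n in range(5):
        print(n, analyze(n, released_after_loop=False))
```

An empty findings list with path_completed False is the case in the thread: the absence of a report there means the path was never finished, not that the code is leak-free.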