[cfe-dev] static analysis inlining varargs functions

Anna Zaks ganna at apple.com
Wed Apr 1 11:50:27 PDT 2015


> On Mar 17, 2015, at 1:21 PM, Bob Kuo <Bob.Kuo at riverbed.com> wrote:
> 
> Hello clang developers,
> 
> We recently found a memory leak at work we were not freeing allocated memory returned by the standard C string strdup() function.  I ran the static analyzer against a version of the code with the defect and it didn't detect a memory leak.  When I reduced the code to a simpler test case the static analyzer correctly identified the leak.  After a few iterations I found that the culprit was a varargs function where the variable that held a reference to the allocated memory was a parameter.  With the call to the varargs function commented out, the static analyzer identified the leak.  With the call to the varargs function no warning was produced. 
> 
> Is this a design decision or inherent limit in the static analyzer?  Is this a known issue?  I didn't see any bugs in the tracker.  Should I file a bug?
> 

I am not sure if it is related to the function being varargs or just passing the reference to a function the analyzer does not see. Can you check that?

When a pointer to allocated memory is passed to a function that the analyzer does not see, the analyzer assumes that that function could free it. (This is by design to reduce the number of false positives.)

> Thanks,
> 
> Bob Kuo
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20150401/201a3ebc/attachment.html>


More information about the cfe-dev mailing list