[LLVMbugs] [Bug 20361] New: Improve diagnostics for zero-size alloc.
bugzilla-daemon at llvm.org
bugzilla-daemon at llvm.org
Fri Jul 18 12:19:45 PDT 2014
http://llvm.org/bugs/show_bug.cgi?id=20361
Bug ID: 20361
Summary: Improve diagnostics for zero-size alloc.
Product: clang
Version: 3.4
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: Static Analyzer
Assignee: kremenek at apple.com
Reporter: splinterofchaos at gmail.com
CC: llvmbugs at cs.uiuc.edu
Classification: Unclassified
In the fallowing use-case, scan-build's diagnostics do not help.
==================
// alloc.h
#include <string.h>
#include <memory.h>
#include <stdlib.h>
#include <stdio.h>
void *xcalloc(size_t, size_t);
void *xmalloc(size_t);
// alloc.c
#include "alloc.h"
void *xcalloc(size_t count, size_t size)
{
void *ret = calloc(count, size);
if (!ret && (!count || !size))
ret = calloc(1, 1);
if (!ret) {
//try_to_free_memory();
ret = calloc(count, size); // warning here
if (!ret && (!count || !size))
ret = calloc(1, 1);
if (!ret) {
printf("Error: Out of memory.\n");
}
}
return ret;
}
void *xmalloc(size_t size)
{
void *ret = malloc(size);
if (!ret && !size)
ret = malloc(1);
if (!ret) {
//try_to_free_memory();
ret = malloc(size); // no warning
if (!ret && !size)
ret = malloc( 1);
if (!ret) {
printf("Error: Out of memory.\n");
}
}
return ret;
}
// main.c
#include "alloc.h"
int main() {
void* p = xcalloc(0,0); // warning expected
void* q = xmalloc(0); // warning expected
printf("int @ %lu = %i\n", (size_t)p, *(int*)p);
printf("int @ %lu = %i\n", (size_t)q, *(int*)q);
free(p);
free(q);
return 0;
}
// CMakeLists.txt
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --coverage")
set(CMAKE_EXE_LINKER_FLAGS "${SMAKE_EXE_LINKER_FLAGS} --coverage")
set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} --coverage")
add_library(Alloc alloc.c)
add_executable(Main, main.c)
target_link_libraries(Main, Alloc)
==================
Run with:
$ cmake -DCMAKE_C_COMPILER=/usr/share/clang/scan-build/ccc-analyzer
-- Configuring done
-- Generating done
-- Build files have been written to: /home/admin/src/test
$ scan-build make -B
scan-build: Using '/usr/bin/clang' for static analysis
[ 50%] Building C object CMakeFiles/Alloc.dir/alloc.c.o
/home/admin/src/test/alloc.c:14:11: warning: Call to 'calloc' has an allocation
size of 0 bytes
ret = calloc(count, size);
^~~~~~~~~~~~~~~~~~~
1 warning generated.
Linking C static library libAlloc.a
[ 50%] Built target Alloc
[100%] Building C object CMakeFiles/Main,.dir/main.c.o
Linking C executable Main,
[100%] Built target Main,
scan-build: 1 bugs found.
scan-build: Run 'scan-view /tmp/scan-build-2014-07-18-144446-18799-1' to
examine bug reports.
xcalloc() and xmalloc() try never to return NULL unless there is no space left,
and expect the underlying implementation to do the same, but provide a
fall-back in case it doesn't.
scan-build produces a warning for xcalloc()'s definition in alloc.c, but not
the instance, xcalloc(0,0), in main.c. It neither produces a warning for
xmalloc(0), nor xmalloc()'s definition in alloc.c.
xcalloc() may invoke non-uniform behaviour across implementations, but the real
bugs in main.c. In order to help track down zero-sized allocation bugs, or even
implementation-dependent behaviour in legacy code bases, functions like
xcalloc() must be recognized as having the same, or similar, properties as
their underlying *alloc().
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20140718/7ef754aa/attachment.html>
More information about the llvm-bugs
mailing list