[LLVMbugs] [Bug 20361] New: Improve diagnostics for zero-size alloc.

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Fri Jul 18 12:19:45 PDT 2014


            Bug ID: 20361
           Summary: Improve diagnostics for zero-size alloc.
           Product: clang
           Version: 3.4
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: splinterofchaos at gmail.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

In the following use case, scan-build's diagnostics do not help.


// alloc.h
#include <string.h>
#include <memory.h>
#include <stdlib.h>
#include <stdio.h>

void *xcalloc(size_t, size_t);
void *xmalloc(size_t);

// alloc.c
#include "alloc.h"

void *xcalloc(size_t count, size_t size)
{
  void *ret = calloc(count, size);

  if (!ret && (!count || !size))
    ret = calloc(1, 1);

  if (!ret) {
    ret = calloc(count, size); // warning here
    if (!ret && (!count || !size))
      ret = calloc(1, 1);
    if (!ret) {
      printf("Error: Out of memory.\n");
    }
  }

  return ret;
}

void *xmalloc(size_t size)
{
  void *ret = malloc(size);

  if (!ret && !size)
    ret = malloc(1);

  if (!ret) {
    ret = malloc(size); // no warning
    if (!ret && !size)
      ret = malloc(1);
    if (!ret) {
      printf("Error: Out of memory.\n");
    }
  }

  return ret;
}

// main.c
#include "alloc.h"

int main(void) {
  void* p = xcalloc(0,0); // warning expected
  void* q = xmalloc(0);   // warning expected

  // Deliberate bug: reads an int through a zero-size allocation.
  printf("int @ %zu = %i\n", (size_t)p, *(int*)p);
  printf("int @ %zu = %i\n", (size_t)q, *(int*)q);
  return 0;
}
# CMakeLists.txt
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --coverage")

add_library(Alloc alloc.c)
add_executable(Main main.c)
target_link_libraries(Main Alloc)


Run with:
$ cmake -DCMAKE_C_COMPILER=/usr/share/clang/scan-build/ccc-analyzer   
-- Configuring done
-- Generating done
-- Build files have been written to: /home/admin/src/test
$ scan-build make -B 
scan-build: Using '/usr/bin/clang' for static analysis
[ 50%] Building C object CMakeFiles/Alloc.dir/alloc.c.o
/home/admin/src/test/alloc.c:14:11: warning: Call to 'calloc' has an allocation
size of 0 bytes
    ret = calloc(count, size);
1 warning generated.
Linking C static library libAlloc.a
[ 50%] Built target Alloc
[100%] Building C object CMakeFiles/Main,.dir/main.c.o
Linking C executable Main,
[100%] Built target Main,
scan-build: 1 bugs found.
scan-build: Run 'scan-view /tmp/scan-build-2014-07-18-144446-18799-1' to
examine bug reports.

xcalloc() and xmalloc() try never to return NULL unless there is no space left,
and expect the underlying implementation to do the same, but provide a
fall-back in case it doesn't.

scan-build produces a warning for xcalloc()'s definition in alloc.c, but not
for the instance, xcalloc(0,0), in main.c. It produces a warning neither for
xmalloc(0), nor for xmalloc()'s definition in alloc.c.

xcalloc() may invoke non-uniform behaviour across implementations, but the real
bugs are in main.c. In order to help track down zero-sized allocation bugs, or
even implementation-dependent behaviour in legacy code bases, functions like
xcalloc() must be recognized as having the same, or similar, properties as
their underlying *alloc().
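As an added example (not the reporter's code, nor anything clang ships), here is one way to make wrappers of this kind handle zero-size requests explicitly at runtime, since the analyzer does not flag them at the call site. The xmalloc/xcalloc names are reused from the report; the zero-size counter, the normalize_zero helper and the xalloc_selftest function are assumptions for illustration. The wrappers count and report every zero-size request, allocate one byte in its place so the result is the same on every C library, and reject count*size overflow themselves rather than relying on calloc.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Number of zero-size requests seen so far. A debug build or a unit test
 * can inspect it to catch the xcalloc(0,0)-style call sites that the
 * static analyzer does not report. (Illustrative counter, not part of
 * the original report.) */
static unsigned long zero_size_requests = 0;

unsigned long xalloc_zero_size_requests(void) { return zero_size_requests; }
void xalloc_reset_stats(void) { zero_size_requests = 0; }

/* Report a zero-size request and normalize it to one byte so the result
 * is well defined on every C library: never NULL unless memory is gone. */
static size_t normalize_zero(const char *who, size_t n)
{
  if (n == 0) {
    zero_size_requests++;
    fprintf(stderr, "%s: zero-size request, allocating 1 byte instead\n", who);
    return 1;
  }
  return n;
}

void *xmalloc(size_t size)
{
  void *ret = malloc(normalize_zero("xmalloc", size));
  if (!ret)
    fprintf(stderr, "Error: Out of memory.\n");
  return ret;
}

void *xcalloc(size_t count, size_t size)
{
  if (count == 0 || size == 0) {
    /* Count the pair as one zero-size request, then allocate 1 byte. */
    normalize_zero("xcalloc", 0);
    count = 1;
    size = 1;
  } else if (count > SIZE_MAX / size) {
    /* Reject count*size overflow ourselves rather than trusting calloc. */
    errno = ENOMEM;
    return NULL;
  }
  void *ret = calloc(count, size);
  if (!ret)
    fprintf(stderr, "Error: Out of memory.\n");
  return ret;
}

/* Exercises the edge cases; returns 1 when every check holds. */
int xalloc_selftest(void)
{
  xalloc_reset_stats();
  void *p = xcalloc(0, 0);           /* the main.c call: non-NULL, counted */
  void *q = xmalloc(0);
  void *r = xcalloc(4, sizeof(int)); /* normal request, zero-filled */
  int ok = p != NULL && q != NULL && r != NULL
           && ((int *)r)[3] == 0
           && xalloc_zero_size_requests() == 2
           && xcalloc(SIZE_MAX, 2) == NULL; /* overflow rejected, not counted */
  free(p);
  free(q);
  free(r);
  return ok;
}

int main(void)
{
  /* The 1-byte blocks returned for size 0 still must not be read as an
   * int, as main.c in the report does; that remains a heap over-read. */
  return xalloc_selftest() ? 0 : 1;
}
```

The runtime counter complements rather than replaces static analysis: it only fires on paths that actually execute. The over-read in main.c (reading four bytes from a one-byte block) is the kind of bug a dynamic tool such as AddressSanitizer (-fsanitize=address) reports at runtime even when scan-build stays silent.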
