On Mar 8, 2013, at 11:22 , Anna Zaks <[email protected]> wrote: > Anton, > > We've briefly discussed this with Jordan. Below are the cases we should > handle: > > Case 1: The selector starts with "dataWithBytesNoCopy" or > "initWithBytesNoCopy" or "initWithCharactersNoCopy" and "freeWhenDone" is not > set to "0". > We should assume that the call preforms hold action from malloc family. (So > the pointer should not escape and we should model this during ObjCMsgCall > processing)
To explain the rationalization here, Anna pointed out that while it's likely that methods with a "freeWhenDone:" or "...NoCopy:" selector piece all behave as ownership-holders, we can't actually prove it. In particular, if/when MallocChecker gains the ability to reason about custom allocators, someone could very well use "...NoCopy" to mean "I will free this using my custom deallocator", and we don't want to produce a bogus allocator mismatch bug in that case. By the way, by "the selector starts with __", we mean the existing logic of "the first selector piece is __", not "the first selector piece starts with __". Thanks for bearing with us. Jordan
_______________________________________________ cfe-commits mailing list [email protected] http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
