Hopefully :) Thanks, Dmitry
2013/8/15 Jordan Rose <[email protected]>: > Hopefully we'll get a generalized ownership checker for that -- see > http://clang-analyzer.llvm.org/open_projects.html. > > Jordan > > > On Aug 15, 2013, at 10:54 , Дмитрий Дьяченко <[email protected]> wrote: > >> Nice! >> >> time to revisit http://llvm.org/bugs/show_bug.cgi?id=8395#c3 ? >> >> Dmitry >> >> 2013/8/15 Jordan Rose <[email protected]>: >>> Author: jrose >>> Date: Thu Aug 15 12:22:06 2013 >>> New Revision: 188468 >>> >>> URL: http://llvm.org/viewvc/llvm-project?rev=188468&view=rev >>> Log: >>> [analyzer] If realloc fails on an escaped region, that region doesn't leak. >>> >>> When a region is realloc()ed, MallocChecker records whether it was known >>> to be allocated or not. If it is, and the reallocation fails, the original >>> region has to be freed. Previously, when an allocated region escaped, >>> MallocChecker completely stopped tracking it, so a failed reallocation >>> still (correctly) wouldn't require freeing the original region. Recently, >>> however, MallocChecker started tracking escaped symbols, so that if it were >>> freed we could check that the deallocator matched the allocator. This >>> broke the reallocation model for whether or not a symbol was allocated. >>> >>> Now, MallocChecker will actually check if a symbol is owned, and only >>> require freeing after a failed reallocation if it was owned before. >>> >>> PR16730 >>> >>> Modified: >>> cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp >>> cfe/trunk/test/Analysis/malloc.c >>> >>> Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp >>> URL: >>> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp?rev=188468&r1=188467&r2=188468&view=diff >>> ============================================================================== >>> --- cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (original) >>> +++ cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Thu Aug 15 >>> 12:22:06 2013 >>> @@ -1060,7 +1060,7 @@ ProgramStateRef MallocChecker::FreeMemAu >>> } >>> } >>> >>> - ReleasedAllocated = (RsBase != 0); >>> + ReleasedAllocated = (RsBase != 0) && RsBase->isAllocated(); >>> >>> // Clean out the info on previous call to free return info. >>> State = State->remove<FreeReturnValue>(SymBase); >>> >>> Modified: cfe/trunk/test/Analysis/malloc.c >>> URL: >>> http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/malloc.c?rev=188468&r1=188467&r2=188468&view=diff >>> ============================================================================== >>> --- cfe/trunk/test/Analysis/malloc.c (original) >>> +++ cfe/trunk/test/Analysis/malloc.c Thu Aug 15 12:22:06 2013 >>> @@ -1207,6 +1207,16 @@ void freeMemory() { >>> } >>> } >>> >>> +// PR16730 >>> +void testReallocEscaped(void **memory) { >>> + *memory = malloc(47); >>> + char *new_memory = realloc(*memory, 47); >>> + if (new_memory != 0) { >>> + *memory = new_memory; >>> + } >>> +} >>> + >>> + >>> // >>> ---------------------------------------------------------------------------- >>> // False negatives. >>> >>> >>> >>> _______________________________________________ >>> cfe-commits mailing list >>> [email protected] >>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits > _______________________________________________ cfe-commits mailing list [email protected] http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
