Here's another splint warning pattern which occurs very frequently in the code I'm reviewing:
struct_type s; member_type m; s = << ... >> s.m = &m; f(..., ..., &s, ..., ...); Storage m.s reachable from passed parameter is stack (should be implicitly only): &s Storage derivable from a parameter does not match the alias kind expected for the formal parameter. (Use -compmempass to inhibit warning) Enclosing the function call in /[EMAIL PROTECTED]@*/ ... /[EMAIL PROTECTED]@*/ would once again not be a great option since we actually want the other parameters checked. So what to do? What I'd really like is to tell lint that yes, this storage is on the stack, but since the function f will neither deallocate it nor keep it, this is quite okay. I've tried to annotate the parameter corresponding to the structure (&s) as /[EMAIL PROTECTED]@*/, and I've even tried to annotate the structure member (s.m) as /[EMAIL PROTECTED]@*/ too, but the warning against stack storage continues. Of course, an easy way out is: s.m = (member_type *) malloc(sizeof(member_type)); f(..., ..., &s, ..., ...); free(s.m); ... but while it actually works, it is not satisfactory - the first construction seems perfectly all right from a memory management perspective, so I'd like a way to tell splint it's okay. Any suggestions, TIA & br Carsten _______________________________________________ splint-discuss mailing list splint-discuss@mail.cs.virginia.edu http://www.cs.virginia.edu/mailman/listinfo/splint-discuss
