caio/clang-p2996
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1bf05fbc987dddebe94de7b33d810d8221eda1a5
clang-p2996/clang/test/Analysis/NewDeleteLeaks.cpp
Kristóf Umann 9d359f6c73 [analyzer] MallocChecker: Add notes from NoOwnershipChangeVisitor only when a function "intents", but doesn't change ownership, enable by default 
D105819 Added NoOwnershipChangeVisitor, but it is only registered when an
off-by-default, hidden checker option was enabled. The reason behind this was
that it grossly overestimated the set of functions that really needed a note:

std::string getTrainName(const Train *T) {
  return T->name;
} // note: Retuning without changing the ownership of or deallocating memory
// Umm... I mean duh? Nor would I expect this function to do anything like that...

void foo() {
  Train *T = new Train("Land Plane");
  print(getTrainName(T)); // note: calling getTrainName / returning from getTrainName
} // warn: Memory leak

This patch adds a heuristic that guesses that any function that has an explicit
operator delete call could have be responsible for deallocating the memory that
ended up leaking. This is waaaay too conservative (see the TODOs in the new
function), but it safer to err on the side of too little than too much, and
would allow us to enable the option by default *now*, and add refinements
one-by-one.

Differential Revision: https://reviews.llvm.org/D108753
2021-09-13 15:01:20 +02:00

141 lines
5.0 KiB
C++
Raw Blame History

// RUN: %clang_analyze_cc1 -verify -analyzer-output=text %s \
// RUN: -analyzer-checker=core \
// RUN: -analyzer-checker=cplusplus \
// RUN: -analyzer-checker=unix \
// RUN: -analyzer-config \
// RUN: unix.DynamicMemoryModeling:AddNoOwnershipChangeNotes=false
// RUN: %clang_analyze_cc1 -verify=expected,ownership -analyzer-output=text %s \
// RUN: -analyzer-checker=core \
// RUN: -analyzer-checker=cplusplus \
// RUN: -analyzer-checker=unix \
// RUN: -analyzer-config \
// RUN: unix.DynamicMemoryModeling:AddNoOwnershipChangeNotes=true
#include "Inputs/system-header-simulator-for-malloc.h"
//===----------------------------------------------------------------------===//
// Report for which we expect NoOwnershipChangeVisitor to add a new note.
//===----------------------------------------------------------------------===//
bool coin();
// TODO: AST analysis of sink would reveal that it doesn't intent to free the
// allocated memory, but in this instance, its also the only function with
// the ability to do so, we should see a note here.
namespace memory_allocated_in_fn_call {
void sink(int *P) {
}
void foo() {
sink(new int(5)); // expected-note {{Memory is allocated}}
} // expected-warning {{Potential memory leak [cplusplus.NewDeleteLeaks]}}
// expected-note@-1 {{Potential memory leak}}
} // namespace memory_allocated_in_fn_call
namespace memory_passed_to_fn_call {
void sink(int *P) {
if (coin()) // ownership-note {{Assuming the condition is false}}
// ownership-note@-1 {{Taking false branch}}
delete P;
} // ownership-note {{Returning without deallocating memory or storing the pointer for later deallocation}}
void foo() {
int *ptr = new int(5); // expected-note {{Memory is allocated}}
sink(ptr); // ownership-note {{Calling 'sink'}}
// ownership-note@-1 {{Returning from 'sink'}}
} // expected-warning {{Potential leak of memory pointed to by 'ptr' [cplusplus.NewDeleteLeaks]}}
// expected-note@-1 {{Potential leak}}
} // namespace memory_passed_to_fn_call
namespace memory_shared_with_ptr_of_shorter_lifetime {
void sink(int *P) {
int *Q = P;
if (coin()) // ownership-note {{Assuming the condition is false}}
// ownership-note@-1 {{Taking false branch}}
delete P;
(void)Q;
} // ownership-note {{Returning without deallocating memory or storing the pointer for later deallocation}}
void foo() {
int *ptr = new int(5); // expected-note {{Memory is allocated}}
sink(ptr); // ownership-note {{Calling 'sink'}}
// ownership-note@-1 {{Returning from 'sink'}}
} // expected-warning {{Potential leak of memory pointed to by 'ptr' [cplusplus.NewDeleteLeaks]}}
// expected-note@-1 {{Potential leak}}
} // namespace memory_shared_with_ptr_of_shorter_lifetime
//===----------------------------------------------------------------------===//
// Report for which we *do not* expect NoOwnershipChangeVisitor add a new note,
// nor do we want it to.
//===----------------------------------------------------------------------===//
namespace memory_not_passed_to_fn_call {
void sink(int *P) {
if (coin())
delete P;
}
void foo() {
int *ptr = new int(5); // expected-note {{Memory is allocated}}
int *q = nullptr;
sink(q);
(void)ptr;
} // expected-warning {{Potential leak of memory pointed to by 'ptr' [cplusplus.NewDeleteLeaks]}}
// expected-note@-1 {{Potential leak}}
} // namespace memory_not_passed_to_fn_call
namespace memory_shared_with_ptr_of_same_lifetime {
void sink(int *P, int **Q) {
// NOTE: Not a job of NoOwnershipChangeVisitor, but maybe this could be
// highlighted still?
*Q = P;
}
void foo() {
int *ptr = new int(5); // expected-note {{Memory is allocated}}
int *q = nullptr;
sink(ptr, &q);
} // expected-warning {{Potential leak of memory pointed to by 'q' [cplusplus.NewDeleteLeaks]}}
// expected-note@-1 {{Potential leak}}
} // namespace memory_shared_with_ptr_of_same_lifetime
namespace memory_passed_into_fn_that_doesnt_intend_to_free {
void sink(int *P) {
}
void foo() {
int *ptr = new int(5); // expected-note {{Memory is allocated}}
sink(ptr);
} // expected-warning {{Potential leak of memory pointed to by 'ptr' [cplusplus.NewDeleteLeaks]}}
// expected-note@-1 {{Potential leak}}
} // namespace memory_passed_into_fn_that_doesnt_intend_to_free
namespace refkind_from_unoallocated_to_allocated {
// RefKind of the symbol changed from nothing to Allocated. We don't want to
// emit notes when the RefKind changes in the stack frame.
static char *malloc_wrapper_ret() {
return (char *)malloc(12); // expected-note {{Memory is allocated}}
}
void use_ret() {
char *v;
v = malloc_wrapper_ret(); // expected-note {{Calling 'malloc_wrapper_ret'}}
// expected-note@-1 {{Returned allocated memory}}
} // expected-warning {{Potential leak of memory pointed to by 'v' [unix.Malloc]}}
// expected-note@-1 {{Potential leak of memory pointed to by 'v'}}
} // namespace refkind_from_unoallocated_to_allocated
Reference in New Issue View Git Blame Copy Permalink