search

llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org
Other
29.15k stars 12.03k forks source link

Analyzer fails to recognize C-style union struct initialization #39231

Open ea7d95e0-10ff-42d2-9b8e-f875ad2084fd opened 5 years ago

ea7d95e0-10ff-42d2-9b8e-f875ad2084fd commented 5 years ago
Bugzilla Link 39884
Version 7.0
OS Linux
CC @devincoughlin

Extended Description

Hi All, I run analysis on a piece of code with:

$ clang-tidy tidy-minimal.c -checks=* --

Code:

include

include

struct a { union { struct { void *b; }; }; };

void something(); void something_else(struct a param);

void myfunction() { struct a c = { .b = malloc(256) }; something_else(&c); }

int main() { myfunction(); }

I get: /.../tidy-minimal.c:18:1: warning: Potential memory leak [clang-analyzer-unix.Malloc] } ^ /.../tidy-minimal.c:21:3: note: Calling 'myfunction' myfunction(); ^ /.../tidy-minimal.c:16:23: note: Memory is allocated struct a c = { .b = malloc(256) }; ^ /.../tidy-minimal.c:18:1: note: Potential memory leak } ^

It looks like it is not handling struct initialization properly because if I remove union -- it produces no warnings

The issue could be related to llvm/llvm-project#35230 but in my case giving union a name does not resolve it.

Thanks!

llvmbot commented 5 years ago

I'm able to reproduce this on a further minimalized source file that might better illustrate issue:

BEGIN

renat>% clang-tidy --version LLVM (http://llvm.org/): LLVM version 7.0.1 Optimized build. Default target: x86_64-unknown-linux-gnu Host CPU: broadwell renat>% clang-tidy -version LLVM (http://llvm.org/): LLVM version 7.0.1 Optimized build. Default target: x86_64-unknown-linux-gnu Host CPU: broadwell renat>% cat tidy-minimaler.c

include

struct a {

ifdef WITH_UNION

union {

endif / WITH_UNION /

        void *b;

ifdef WITH_UNION

};

endif / WITH_UNION /

};

void something_else(struct a *param);

void myfunction() { struct a c = { .b = malloc(256) }; something_else(&c); } renat>% clang-tidy tidy-minimaler.c -- renat>% clang-tidy tidy-minimaler.c -- -DWITH_UNION 1 warning generated. /home/penryu/code/Eden/renat/tidy-minimaler.c:18:1: warning: Potential memory leak [clang-analyzer-unix.Malloc] } ^ /home/penryu/code/Eden/renat/tidy-minimaler.c:16:25: note: Memory is allocated struct a c = { .b = malloc(256) }; ^ /home/penryu/code/Eden/renat/tidy-minimaler.c:18:1: note: Potential memory leak } ^

END

The analyzer is warning of a memory leak when the struct contains a union, but not when the union is absent. The union should have no relevance to the leak.

ea7d95e0-10ff-42d2-9b8e-f875ad2084fd commented 5 years ago

Oh, I see we understand "removing the union" differently, what I mean is the following code:

include

include

struct a { void *b; };

void something(); void something_else(struct a param);

void myfunction() { struct a c = { .b = malloc(256) }; something_else(&c); }

int main() { myfunction(); }

all the same, but no union, this code does not produce any warning:

$ clang-tidy tidy-minimal-no-union.c -checks= -- 445 warnings generated. Suppressed 445 warnings (445 in non-user code). Use -header-filter=. to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. $

llvmbot commented 5 years ago

My misunderstanding comes from what is "removing the union and produces no warning" means?

llvmbot commented 5 years ago

According to your statement "It looks like it is not handling struct initialization properly because if I remove union -- it produces no warnings", but I have removed the union "--" (as shown in command line) and it still show warnings - exactly the opposite of what you have said. Sorry, is that correct, or did I did something wrong?

Thanks.

ea7d95e0-10ff-42d2-9b8e-f875ad2084fd commented 5 years ago

Hi Peter, I am not sure I understand you comment, from the output you provided it looks like it is reproduced, but you say it is not, I am confused, if your output is the same why is it not reproduced?

llvmbot commented 5 years ago

I tried it on 7.0svn but does not seemed to reproduce?

root@877aa7b58ab3:~/test# clang-tidy tidy-minimal.c -checks= Error while trying to load a compilation database: Could not auto-detect compilation database for file "tidy-minimal.c" No compilation database found in /root/test or any parent directory fixed-compilation-database: Error while opening fixed database: No such file or directory json-compilation-database: Error while opening JSON database: No such file or directory Running without flags. 18 warnings generated. /root/test/tidy-minimal.c:20:1: warning: Potential memory leak [clang-analyzer-unix.Malloc] } ^ /root/test/tidy-minimal.c:23:3: note: Calling 'myfunction' myfunction(); ^ /root/test/tidy-minimal.c:18:23: note: Memory is allocated struct a c = { .b = malloc(256) }; ^ /root/test/tidy-minimal.c:20:1: note: Potential memory leak } ^ Suppressed 17 warnings (17 in non-user code). Use -header-filter=. to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.

ea7d95e0-10ff-42d2-9b8e-f875ad2084fd commented 5 years ago

assigned to @devincoughlin