xazax.hun marked an inline comment as done.
xazax.hun added inline comments.
================
Comment at: clang/test/Analysis/fuchsia_handle.cpp:210
+ // Because of arrays, structs, the suggestion is to escape when whe no longer
+ // have any pointer to that symbolic region.
+ if (zx_channel_create(0, get_handle_address(), &sb))
----------------
NoQ wrote:
> NoQ wrote:
> > This has nothing to do with symbolic regions. We can run into this problem
> > even if it's a local variable in the current stack frame:
> > ```lang=c++
> > void foo() {
> > zx_handle_t sa, sb;
> > escape(&sb); // Escape *before* create!!
> >
> > zx_channel_create(0, &sa, &sb);
> > zx_handle_close(sa);
> > close_escaped();
> > }
> > ```
> >
> > The solution that'll obviously work would be to keep track of all regions
> > that escaped at least once, and then not even start tracking the handle if
> > it's getting placed into a region that causes an escape when written into
> > or has itself escaped before, but that sounds like a huge overkill.
> >
> > Lemme think. This sounds vaguely familiar but i can't immediately recall
> > what my thoughts were last time i thought about it.
> `$ cat test.c`
> ```lang=c++
> void manage(void **x);
> void free_managed();
>
> void foo() {
> void *x;
> manage(&x);
> x = malloc(1);
> free_managed();
> }
> ```
> `$ clang --analyze test.c`
> ```lang=c++
> test.c:8:3: warning: Potential leak of memory pointed to by 'x'
> free_managed();
> ^~~~~~~~~~~~~~
> 1 warning generated.
> ```
> Sigh.
Oh, I see. Yeah this one will be fun to deal with
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D71041/new/
https://reviews.llvm.org/D71041
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
