https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99042
David Malcolm <dmalcolm at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |ASSIGNED
Summary|file-leak is wrong |Another false
| |-Wanalyzer-malloc-leak on
| |code path involving unknown
| |function call
Ever confirmed|0 |1
Last reconfirmed| |2021-02-09
--- Comment #1 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
Thanks Antonio.
Confirmed with trunk. A minimal reproducer:
$ cat ../../src/gcc/testsuite/gcc.dg/analyzer/pr99042.c
#include <stdio.h>
struct foo {
FILE *file;
};
extern void unknown_fn ();
int open_next_file(struct foo *p)
{
if ((p->file = fopen("test.txt", "w")) == NULL)
return 1;
unknown_fn ();
return 0;
}
$ ./xgcc -B. -S ../../src/gcc/testsuite/gcc.dg/analyzer/pr99042.c -fanalyzer
In function ‘open_next_file’:
../../src/gcc/testsuite/gcc.dg/analyzer/pr99042.c:14:10: warning: leak of FILE
‘<unknown>’ [CWE-775] [-Wanalyzer-file-leak]
14 | return 0;
| ^
‘open_next_file’: events 1-5
|
| 11 | if ((p->file = fopen("test.txt", "w")) == NULL)
| | ~ ^~~~~~~~~~~~~~~~~~~~~~
| | | |
| | | (1) opened here
| | (2) assuming ‘*p.file’ is non-NULL
| | (3) following ‘false’ branch...
| 12 | return 1;
| 13 | unknown_fn ();
| | ~~~~~~~~~~~~~
| | |
| | (4) ...to here
| 14 | return 0;
| | ~
| | |
| | (5) ‘<unknown>’ leaks here; was opened at (1)
|
The call to the unknown_fn seems to be necessary to trigger the false positive,
which is similar to PR analyzer/98575 (but not fixed by my recent patches for
that); updating Summary field accordingly. In the git example, strbuf_release
is the unknown fn.
