https://gcc.gnu.org/bugzilla/show_bug.cgi?id=119952

            Bug ID: 119952
           Summary: -Wanalyzer-malloc-leak false positive with
                    [[gnu::malloc(destructor)]]
           Product: gcc
           Version: 15.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: dories.spirits_0p at icloud dot com
  Target Milestone: ---

This code:

#include <stddef.h>

void my_free(void *);

[[gnu::malloc, gnu::malloc(my_free)]] void * my_malloc(size_t) { return (void *)3233; } // can be whatever value


void f() {
    my_free(my_malloc(1));
}

Results in a malloc leak warning:

<source>: In function 'my_malloc':
<source>:5:73: warning: leak of 'my_malloc(1)' [CWE-401] [-Wanalyzer-malloc-leak]
    5 | [[...]] void * my_malloc(size_t) { return (void *)3233; }
      |                                           ^
  'f': events 1-3
    │
    │    8 | void f() {
    │      |      ^
    │      |      |
    │      |      (1) entry to 'f'
    │    9 |     my_free(my_malloc(1));
    │      |     ~~~~~~~~~~~~~~~~~~~~~
    │      |     |
    │      |     (2) allocated here
    │      |     (3) calling 'my_malloc' from 'f'
    │
    └──> 'my_malloc': events 4-5
           │
           │    5 | [[...]] void * my_malloc(size_t) { return (void *)3233; }
           │      |                ^~~~~~~~~                  ~
           │      |                |                          |
           │      |                (4) entry to 'my_malloc'   (5) ⚠️  'my_malloc(1)' leaks here; was allocated at (2)

Seems to happen when compiled at -O0/1/g on GCC 11.1+
https://godbolt.org/z/bcbb37d9W

Doesn't happen if my_malloc returns NULL, unless LTO is enabled
https://godbolt.org/z/qzTsoz3Wb
