[splint-discuss] memory leak detection
David Evans
evans at cs.virginia.edu
Sun Nov 2 09:59:05 EST 2003
On Sun, 2 Nov 2003, Roland Illig wrote:
> On Sat, Nov 01, 2003 at 09:58:46PM -0500, David Evans wrote:
> >
> > Splint's analysis isn't sophisticated enough to figure this out. If you
> > do,
> >
> > free(this_string);
> > this_string = NULL;
> >
> > it will prevent the warning.
>
> I just checked the manual, and in clause 5.2.1#5 it states that
>
> "After the release obligation is transferred, the original reference
> is a dead pointer and the storage it points to may not be used."
>
> 5.2.1#3 says:
>
> * assign it to an external reference declared with an only annotation
>
> According to these statements, the following program should be ok,
> shouldn't it?
>
The warning isn't complaining directly about a memory leak here --- its
complaining about the state of this_string being different along two
paths. Along the true path, it does
last_string = this_string;
which makes this_string dependent (but live). On the false branch, it
does free(this_string) which makes this_string dead. As the warning
explains,
The state of a variable is different depending on which branch is taken.
This means no annotation can sensibly be applied to the storage. (Use
-branchstate to inhibit warning)
Splint's analysis avoids path explosion by merging states after multi-path
statements, but in this case the states are inconsistent so a warning is
produced. If splint had more path sensitive analyses, or dealt with local
variable assignments in a better way, it would be able to avoid producing
the spurious warning here.
--- Dave
More information about the splint-discuss
mailing list