[splint-discuss] Passed storage is stack
Michael Wojcik
Michael.Wojcik at MicroFocus.com
Wed Apr 23 08:26:46 PDT 2008
> From: splint-discuss-bounces at cs.virginia.edu
> [mailto:splint-discuss-bounces at cs.virginia.edu] On Behalf Of
> Carsten.Agger at tietoenator.com
> Sent: Wednesday, 23 April, 2008 10:22
>
> Here's another splint warning pattern which occurs very
> frequently in the code I'm reviewing:
>
> struct_type s;
> member_type m;
>
> s = << ... >>
>
> s.m = &m;
>
> f(..., ..., &s, ..., ...);
>
>
> Storage m.s reachable from passed parameter is stack (should
> be implicitly only): &s
> Storage derivable from a parameter does not match the alias
> kind expected for
> the formal parameter. (Use -compmempass to inhibit warning)
I believe this is a bug (or more precisely a missing feature): there's
no annotation currently supported by Splint to tell it that this
parameter to f can point to stack-allocated storage. That's what should
be annotated, IMO - the formal parameter in the declaration of f.
That is, what we want is something like:
int f(/*@notkept@*/ int *p);
to tell Splint that the storage allocated by p is not kept by f, so it
doesn't matter if it's stack. But there is no such annotation.
That's what happens when you use a free, open-source code analyzer
that's been largely unmaintained for years: you find bugs. Static code
analysis is a hard problem, which is why there are fancy commercial
products. I'm afraid your choices are basically to put up with the error
(or with a less-satisfactory solution such as disabling compmempass
around the offending line), fix Splint yourself, or use another code
analyzer.
(After several years of hibernation, there *is* renewed work on Splint,
with the 3.1.2 release last year and occasional fixes in the CVS sources
since. The developers certainly deserve credit for that - quite a few
bugs were fixed in 3.1.2. But there aren't many active developers and
complex problems are not likely to be fixed quickly; the most recent
change was two months ago, I think.)
--
Michael Wojcik
Principal Software Systems Developer, Micro Focus
More information about the splint-discuss
mailing list