Hi. I'm new to splint, and I'm having a hard time interpreting some of its warnings. Even after reading the docs I remain confused. Here's a test program:
#include <stdlib.h> #include <assert.h> /*...@checkedstrict@*/ static int *somevar; static void init_ somevar(int n) /*...@globals some...@*/ /*...@modifies some...@*/ { int i; somevar = calloc((size_t) n, sizeof *(somevar)); assert((somevar) != NULL); for (i = 0; i < n; ++i) { somevar[i] = 42; } return; } int main(void) /*...@globals some...@*/ { init_ somevar(3); return 0; } When I run it through splint I get one warning: demo.c: (in function init_ somevar) demo.c:8:3: Only storage assigned to unqualified static: somevar = calloc((size_t)n, sizeof(*(somevar))) The only reference to this storage is transferred to another reference (e.g., by returning it) that does not have the only annotation. This may lead to a memory leak, since the new reference is not necessarily released. (Use -onlytrans to inhibit warning) In the original code where I first encountered this warning, all the following facts about somevar hold: 1. the storage that gets assigned to it never gets referred to by any other variable; 2. somevar and the storage it points to are never modified outside of init_somevar; 3. init_somevar is called exactly once, shortly after the start of execution; Therefore, as far as I can tell, there's no memory leak risk. How can I modify this code so that splint will know that init_somevar is safe? TIA! ~K P.S. BTW, if I add the -strict flag when I run splint on the above code, I trigger an Internal Bug in splint: demo.c: (in function init_somevar) demo.c:8:3: Only storage assigned to unqualified static: somevar = calloc((size_t)n, sizeof(*(somevar))) The only reference to this storage is transferred to another reference (e.g., by returning it) that does not have the only annotation. This may lead to a memory leak, since the new reference is not necessarily released. (Use -onlytrans to inhibit warning) constraintExpr.c:2499: at source point demo.c:12:2: *** Internal Bug at constraintExpr.c:2499: llassert failed: constraintTerm_canGetValue (ct) [errno: 25] *** Please report bug to sub...@bugs.debian.org (via reportbug) *** (attempting to continue, results may be incorrect) constraintTerm.c:403: at source point demo.c:12:2: *** Internal Bug at constraintTerm.c:403: llassert failed: constraintTerm_canGetValue (term) [errno: 25] *** Please report bug to sub...@bugs.debian.org (via reportbug) *** (attempting to continue, results may be incorrect) demo.c:12:2: *** Internal Bug at constraintTerm.c:424: constraintTerm.c:424: llassert failed: FALSE: Bad branch taken! [errno: 25] *** Please report bug to sub...@bugs.debian.org (via reportbug) *** (attempting to continue, results may be incorrect) demo.c:12:2: *** Internal Bug at constraintTerm.c:431: constraintTerm.c:431: llassert failed: FALSE: Reached dead code! [errno: 25] *** Please report bug to sub...@bugs.debian.org (via reportbug) *** demo.c:12:2: Cannot recover from last bug. (If you really want Splint to try to continue, use -bugslimit <n>.) *** Cannot continue. Compilation exited abnormally with code 1 at Fri Feb 19 12:40:06 Also, FWIW, this internal bug is NOT triggered if I comment out the for-loop inside of init_somevar.
_______________________________________________ splint-discuss mailing list splint-discuss@mail.cs.virginia.edu http://www.cs.virginia.edu/mailman/listinfo/splint-discuss