Nevermind. I found the answer to my question (I think): just add the /*...@only@*/ annotation to the declaration of somevar.
But the bug report is still worth looking at. Cheers, ~K On Fri, Feb 19, 2010 at 12:44 PM, Kynn Jones <kyn...@gmail.com> wrote: > Hi. I'm new to splint, and I'm having a hard time interpreting some of its > warnings. Even after reading the docs I remain confused. Here's a test > program: > > #include <stdlib.h> > #include <assert.h> > > /*...@checkedstrict@*/ static int *somevar; > > static void init_ somevar(int n) /*...@globals some...@*/ > /*...@modifies some...@*/ { > int i; > somevar = calloc((size_t) n, sizeof *(somevar)); > assert((somevar) != NULL); > for (i = 0; i < n; ++i) { somevar[i] = 42; } > return; > } > > int main(void) /*...@globals some...@*/ { > init_ somevar(3); > return 0; > } > > When I run it through splint I get one warning: > > demo.c: (in function init_ somevar) > demo.c:8:3: Only storage assigned to unqualified static: > somevar = calloc((size_t)n, sizeof(*(somevar))) > The only reference to this storage is transferred to another reference > (e.g., > by returning it) that does not have the only annotation. This may lead to > a > memory leak, since the new reference is not necessarily released. (Use > -onlytrans to inhibit warning) > > > In the original code where I first encountered this warning, all the > following facts about somevar hold: > > 1. the storage that gets assigned to it never gets referred to by any > other variable; > 2. somevar and the storage it points to are never modified outside of > init_somevar; > 3. init_somevar is called exactly once, shortly after the start of > execution; > > Therefore, as far as I can tell, there's no memory leak risk. How can I > modify this code so that splint will know that init_somevar is safe? > > TIA! > > ~K > > P.S. BTW, if I add the -strict flag when I run splint on the above code, I > trigger an Internal Bug in splint: > > demo.c: (in function init_somevar) > demo.c:8:3: Only storage assigned to unqualified static: > somevar = calloc((size_t)n, sizeof(*(somevar))) > The only reference to this storage is transferred to another reference > (e.g., > by returning it) that does not have the only annotation. This may lead to > a > memory leak, since the new reference is not necessarily released. (Use > -onlytrans to inhibit warning) > constraintExpr.c:2499: at source point > demo.c:12:2: *** Internal Bug at constraintExpr.c:2499: llassert failed: > constraintTerm_canGetValue (ct) [errno: 25] > *** Please report bug to sub...@bugs.debian.org (via reportbug) *** > (attempting to continue, results may be incorrect) > constraintTerm.c:403: at source point > demo.c:12:2: *** Internal Bug at constraintTerm.c:403: llassert failed: > constraintTerm_canGetValue (term) [errno: 25] > *** Please report bug to sub...@bugs.debian.org (via reportbug) *** > (attempting to continue, results may be incorrect) > demo.c:12:2: *** Internal Bug at constraintTerm.c:424: > constraintTerm.c:424: > llassert failed: FALSE: Bad branch taken! [errno: 25] > *** Please report bug to sub...@bugs.debian.org (via reportbug) *** > (attempting to continue, results may be incorrect) > demo.c:12:2: *** Internal Bug at constraintTerm.c:431: > constraintTerm.c:431: > llassert failed: FALSE: Reached dead code! [errno: 25] > *** Please report bug to sub...@bugs.debian.org (via reportbug) *** > demo.c:12:2: Cannot recover from last bug. (If you really want Splint to > try to > continue, use -bugslimit <n>.) > *** Cannot continue. > > Compilation exited abnormally with code 1 at Fri Feb 19 12:40:06 > > > Also, FWIW, this internal bug is NOT triggered if I comment out the > for-loop inside of init_somevar. > >
_______________________________________________ splint-discuss mailing list splint-discuss@mail.cs.virginia.edu http://www.cs.virginia.edu/mailman/listinfo/splint-discuss