Nevermind. I found the answer to my question (I think): just add the
/*...@only@*/ annotation to the declaration of somevar.
But the bug report is still worth looking at.
Cheers,
~K
On Fri, Feb 19, 2010 at 12:44 PM, Kynn Jones <kyn...@gmail.com> wrote:
> Hi. I'm new to splint, and I'm having a hard time interpreting some of its
> warnings. Even after reading the docs I remain confused. Here's a test
> program:
>
> #include <stdlib.h>
> #include <assert.h>
>
> /*...@checkedstrict@*/ static int *somevar;
>
> static void init_ somevar(int n) /*...@globals some...@*/
> /*...@modifies some...@*/ {
> int i;
> somevar = calloc((size_t) n, sizeof *(somevar));
> assert((somevar) != NULL);
> for (i = 0; i < n; ++i) { somevar[i] = 42; }
> return;
> }
>
> int main(void) /*...@globals some...@*/ {
> init_ somevar(3);
> return 0;
> }
>
> When I run it through splint I get one warning:
>
> demo.c: (in function init_ somevar)
> demo.c:8:3: Only storage assigned to unqualified static:
> somevar = calloc((size_t)n, sizeof(*(somevar)))
> The only reference to this storage is transferred to another reference
> (e.g.,
> by returning it) that does not have the only annotation. This may lead to
> a
> memory leak, since the new reference is not necessarily released. (Use
> -onlytrans to inhibit warning)
>
>
> In the original code where I first encountered this warning, all the
> following facts about somevar hold:
>
> 1. the storage that gets assigned to it never gets referred to by any
> other variable;
> 2. somevar and the storage it points to are never modified outside of
> init_somevar;
> 3. init_somevar is called exactly once, shortly after the start of
> execution;
>
> Therefore, as far as I can tell, there's no memory leak risk. How can I
> modify this code so that splint will know that init_somevar is safe?
>
> TIA!
>
> ~K
>
> P.S. BTW, if I add the -strict flag when I run splint on the above code, I
> trigger an Internal Bug in splint:
>
> demo.c: (in function init_somevar)
> demo.c:8:3: Only storage assigned to unqualified static:
> somevar = calloc((size_t)n, sizeof(*(somevar)))
> The only reference to this storage is transferred to another reference
> (e.g.,
> by returning it) that does not have the only annotation. This may lead to
> a
> memory leak, since the new reference is not necessarily released. (Use
> -onlytrans to inhibit warning)
> constraintExpr.c:2499: at source point
> demo.c:12:2: *** Internal Bug at constraintExpr.c:2499: llassert failed:
> constraintTerm_canGetValue (ct) [errno: 25]
> *** Please report bug to sub...@bugs.debian.org (via reportbug) ***
> (attempting to continue, results may be incorrect)
> constraintTerm.c:403: at source point
> demo.c:12:2: *** Internal Bug at constraintTerm.c:403: llassert failed:
> constraintTerm_canGetValue (term) [errno: 25]
> *** Please report bug to sub...@bugs.debian.org (via reportbug) ***
> (attempting to continue, results may be incorrect)
> demo.c:12:2: *** Internal Bug at constraintTerm.c:424:
> constraintTerm.c:424:
> llassert failed: FALSE: Bad branch taken! [errno: 25]
> *** Please report bug to sub...@bugs.debian.org (via reportbug) ***
> (attempting to continue, results may be incorrect)
> demo.c:12:2: *** Internal Bug at constraintTerm.c:431:
> constraintTerm.c:431:
> llassert failed: FALSE: Reached dead code! [errno: 25]
> *** Please report bug to sub...@bugs.debian.org (via reportbug) ***
> demo.c:12:2: Cannot recover from last bug. (If you really want Splint to
> try to
> continue, use -bugslimit <n>.)
> *** Cannot continue.
>
> Compilation exited abnormally with code 1 at Fri Feb 19 12:40:06
>
>
> Also, FWIW, this internal bug is NOT triggered if I comment out the
> for-loop inside of init_somevar.
>
>
_______________________________________________
splint-discuss mailing list
splint-discuss@mail.cs.virginia.edu
http://www.cs.virginia.edu/mailman/listinfo/splint-discuss
