public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "dmalcolm at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug analyzer/108648] New: -Wanalyzer-fd-leak false positives seen on haproxy's proto_tcp.c Date: Thu, 02 Feb 2023 22:36:37 +0000 [thread overview] Message-ID: <bug-108648-4@http.gcc.gnu.org/bugzilla/> (raw) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108648 Bug ID: 108648 Summary: -Wanalyzer-fd-leak false positives seen on haproxy's proto_tcp.c Product: gcc Version: 13.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: dmalcolm at gcc dot gnu.org Target Milestone: --- Created attachment 54394 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=54394&action=edit Reproducer The attached reproducer currently emits 3 -Wanalyzer-fd-leak diagnostics with -fanalyzer on trunk, all of which seem to be false positives: https://godbolt.org/z/j3xWjoE5T <source>: In function 'fd_want_recv': <source>:56:11: warning: leak of file descriptor [CWE-775] [-Wanalyzer-fd-leak] 56 | asm volatile("lock btsl %2, %0\n" | ^~~ 'tcp_resume_receiver': events 1-8 | | 117 | int tcp_resume_receiver(struct receiver *rx) { | | ^~~~~~~~~~~~~~~~~~~ | | | | | (1) entry to 'tcp_resume_receiver' |...... | 122 | if (rx->fd < 0) | | ~ | | | | | (2) following 'false' branch... |...... | 125 | if (listen(rx->fd, listener_backlog(l)) == 0) { | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | | || | | |(3) ...to here | | |(4) stream socket marked as passive here via 'listen' | | |(5) when 'listen' succeeds | | (6) following 'true' branch... | 126 | fd_want_recv(l->rx.fd); | | ~~~~~~~~~~~~~~~~~~~~~~ | | | | | (7) ...to here | | (8) calling 'fd_want_recv' from 'tcp_resume_receiver' | +--> 'fd_want_recv': events 9-12 | | 47 | static inline void fd_want_recv(int fd) { | | ^~~~~~~~~~~~ | | | | | (9) entry to 'fd_want_recv' | 48 | if ((fdtab[fd].state & (1U << 0)) || ({ | | ~ | | | | | (10) following 'false' branch... |...... | 56 | asm volatile("lock btsl %2, %0\n" | | ~~~ | | | | | (12) leaks here | 57 | : "+m"(*(&fdtab[fd].state)), "=@ccc"(__ret) | | ~ | | | | | (11) ...to here | <source>: In function 'tcp_suspend_receiver': <source>:97:6: warning: leak of file descriptor '*rx.fd' [CWE-775] [-Wanalyzer-fd-leak] 97 | if (connect(rx->fd, &sa, sizeof(sa)) < 0) | ^ 'tcp_suspend_receiver': events 1-3 | | 94 | if (rx->flags & 0x00000002) | | ^ | | | | | (1) following 'false' branch... |...... | 97 | if (connect(rx->fd, &sa, sizeof(sa)) < 0) | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | | || | | |(2) ...to here | | (3) '*rx.fd' leaks here | <source>: In function 'tcp_resume_receiver': <source>:125:6: warning: leak of file descriptor '*rx.fd' [CWE-775] [-Wanalyzer-fd-leak] 125 | if (listen(rx->fd, listener_backlog(l)) == 0) { | ^ 'tcp_resume_receiver': events 1-3 | | 122 | if (rx->fd < 0) | | ^ | | | | | (1) following 'false' branch... |...... | 125 | if (listen(rx->fd, listener_backlog(l)) == 0) { | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | | || | | |(2) ...to here | | (3) '*rx.fd' leaks here |
reply other threads:[~2023-02-02 22:36 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-108648-4@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).