From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 88274385E010; Sat, 28 Mar 2020 03:08:26 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 88274385E010 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1585364906; bh=J2aj5HkSpFYlA4WnuUtr3Szi0HkS4CwHIfvNHfaR/L4=; h=From:To:Subject:Date:From; b=k9Y3JEIxkl1lfxarPLWqqXIbcw15RQ9ObmN+aD7tuz145A7b1tWBPJgXSpzn32L+D 3FwJolls8ikB86T6YfSkOoVBHfWHKsSi44vME1tPiK8xrbkicdo7wczL6GSmUdnHT1 vGh7A3imtBtn3Q8wB0H6Sd2o1RB9CmYySBukvAMw= From: "simon.marchi at polymtl dot ca" To: gcc-bugs@gcc.gnu.org Subject: [Bug analyzer/94378] New: -Wanalyzer-malloc-leak false positive when returning a struct by value holding a heap-allocated pointer Date: Sat, 28 Mar 2020 03:08:26 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: analyzer X-Bugzilla-Version: unknown X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: simon.marchi at polymtl dot ca X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: dmalcolm at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter target_milestone Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: gcc-bugs@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-bugs mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Mar 2020 03:08:26 -0000 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D94378 Bug ID: 94378 Summary: -Wanalyzer-malloc-leak false positive when returning a struct by value holding a heap-allocated pointer Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: simon.marchi at polymtl dot ca Target Milestone: --- I tried the analyzer, and I believe it outputs a false positive on this snippet: ----- #include struct ret { int *mem; }; struct ret do_stuff(void) { struct ret r; r.mem =3D malloc(10); return r; } ----- $ /opt/gcc/git/bin/gcc -c a.c -fanalyzer a.c: In function =E2=80=98do_stuff=E2=80=99: a.c:14:10: warning: leak of =E2=80=98=E2=80=99 [CWE-401] [-Wanalyz= er-malloc-leak] 14 | return r; | ^ =E2=80=98do_stuff=E2=80=99: events 1-2 | | 12 | r.mem =3D malloc(10); | | ^~~~~~~~~~ | | | | | (1) allocated here | 13 |=20 | 14 | return r; | | ~=20 | | | | | (2) =E2=80=98=E2=80=99 leaks here; was alloc= ated at (1) | a.c:14:10: warning: leak of =E2=80=98r.mem=E2=80=99 [CWE-401] [-Wanalyzer-m= alloc-leak] 14 | return r; | ^ =E2=80=98do_stuff=E2=80=99: events 1-3 | | 12 | r.mem =3D malloc(10); | | ~~~~~~~~^~~~~~~~~~ | | | | | | | (1) allocated here | | (2) allocated here | 13 |=20 | 14 | return r; | | ~=20 | | | | | (3) =E2=80=98r.mem=E2=80=99 leaks here; was allocated= at (2) | ----- The caller receives the `struct ret` struct by value, and is expected to fr= ee the `mem` field. I believe the analyzer should not conclude that this is a leak. I am on commit 52f24a9e989300506f812bacb8cc302a8bf03a06 (a commit from earl= ier today).=