[Bug analyzer/95240] New: calloc() false positives

gcc.gnu.org at andred dot net gcc-bugzilla@gcc.gnu.org
Wed May 20 16:05:12 GMT 2020


            Bug ID: 95240
           Summary: calloc() false positives
           Product: gcc
           Version: 10.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: gcc.gnu.org at andred dot net
  Target Milestone: ---
              Host: x86_64-linux-gnu
            Target: x86_64-linux-gnu
             Build: x86_64-linux-gnu

Created attachment 48574
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=48574&action=edit

Test with: gcc-10 (Debian 10.1.0-2) 10.1.0
(same behaviour with gcc 10.0)

With the attached, I get a false positive:

gcc-10 -Os -fanalyzer -fdiagnostics-path-format=separate-events t.c -o t
t.c: In function ‘initActiveTroubleArray’:
t.c:13:35: warning: leak of ‘<unknown>’ [CWE-401] [-Wanalyzer-malloc-leak]
   13 |     return activeTroubleArray ? 0 : 1;
      |            ~~~~~~~~~~~~~~~~~~~~~~~^~~
t.c:12:26: note: (1) allocated here
   12 |     activeTroubleArray = calloc (1, 1);
      |                          ^~~~~~~~~~~~~
t.c:13:35: note: (2) ‘<unknown>’ leaks here; was allocated at (1)
   13 |     return activeTroubleArray ? 0 : 1;
      |            ~~~~~~~~~~~~~~~~~~~~~~~^~~

The warning goes away in either of the following cases:
* use malloc() instead of calloc() and change nothing else
* remove the test in initActiveTroubleArray() and change nothing else
* declare activeTroubleArray as void * and change nothing else (note that the
warning is triggered when using anything but void * - standard types like char,
long, etc, but also when using struct, enum etc.)

More information about the Gcc-bugs mailing list