diff options
| author | Jordan Rose <jordan_rose@apple.com> | 2012-06-16 00:09:20 +0000 |
|---|---|---|
| committer | Jordan Rose <jordan_rose@apple.com> | 2012-06-16 00:09:20 +0000 |
| commit | 1bf908df57cc43f3bc7296f4e51f5708bd323c6b (patch) | |
| tree | 6168abf1a59d940bcbbc9c711f288e7b889afab7 /lib/StaticAnalyzer/Checkers/MallocChecker.cpp | |
| parent | 32f498a675df990901e6659d610dc740f9423228 (diff) | |
[analyzer] Buffers passed to CGBitmapContextCreate can escape.
Specifically, although the bitmap context does not take ownership of the
buffer (unlike CGBitmapContextCreateWithData), the data buffer can be extracted
out of the created CGContextRef. Thus the buffer is not leaked even if its
original pointer goes out of scope, as long as
- the context escapes, or
- it is retrieved via CGBitmapContextGetData and freed.
Actually implementing that logic is beyond the current scope of MallocChecker,
so for now CGBitmapContextCreate goes on our system function exception list.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158579 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/StaticAnalyzer/Checkers/MallocChecker.cpp')
| -rw-r--r-- | lib/StaticAnalyzer/Checkers/MallocChecker.cpp | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/lib/StaticAnalyzer/Checkers/MallocChecker.cpp b/lib/StaticAnalyzer/Checkers/MallocChecker.cpp index c22c6a2687..1adcca03fd 100644 --- a/lib/StaticAnalyzer/Checkers/MallocChecker.cpp +++ b/lib/StaticAnalyzer/Checkers/MallocChecker.cpp @@ -1334,12 +1334,14 @@ bool MallocChecker::doesNotFreeMemory(const CallOrObjCMessage *Call, return false; } - // A bunch of other functions, which take ownership of a pointer (See retain - // release checker). Not all the parameters here are invalidated, but the - // Malloc checker cannot differentiate between them. The right way of doing - // this would be to implement a pointer escapes callback. - if (FName == "CVPixelBufferCreateWithBytes" || + // A bunch of other functions which either take ownership of a pointer or + // wrap the result up in a struct or object, meaning it can be freed later. + // (See RetainCountChecker.) Not all the parameters here are invalidated, + // but the Malloc checker cannot differentiate between them. The right way + // of doing this would be to implement a pointer escapes callback. + if (FName == "CGBitmapContextCreate" || FName == "CGBitmapContextCreateWithData" || + FName == "CVPixelBufferCreateWithBytes" || FName == "CVPixelBufferCreateWithPlanarBytes" || FName == "OSAtomicEnqueue") { return false; |