We have a wrapper around malloc (that usually calls abort if malloc
fails). That's easy: I can just add
__attribute((ownership_returns(malloc,1))).
We also have a wrapper around realloc. How can I annotate that? I tried
__attribute((ownership_returns(malloc,2)))
__attribute((ownership_takes(malloc,1)))
but that gives the error Memory allocated by wrap_malloc() should be
deallocated by free(), not wrap_realloc().
Interesting. I don’t think we’ve ever tried to stack ownership attributes, but this makes plenty of sense. Please file a bug with a standalone test case, though I can’t promise we’ll get to it any time soon. Meanwhile, you can disable the “unix.MismatchedDeallocator” checker until this is fixed.
(CCing Anton, who wrote most of unix.MismatchedDeallocator)
Jordan
OK, I've done that. As Anna noted, actually this produces too many false
positives anyway.
I think what I hoped is that the annotations would let me tie in to the
existing malloc warnings (which
would allow me to usefully annotate other functions which I know return
allocated memory which
ought to be freed) but in fact it's using a quite different checker which
(for our codebase) is too noisy to
be useful.