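AZS: Allocating Zero Size
Memory Leak
SMR: Speculative Uninitialized Memory Read
This section describes the possible causes of each warning and gives code examples in which the warning can occur.
Example: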
#include <stdlib.h>
int main()
{
    int *p = malloc(0); // Allocating zero size memory block
}
Possible cause: memory was allocated but not freed before the function exited or terminated.
Example:
#include <stdlib.h>
int foo(int x)
{
    int *p = (int*) malloc(sizeof(int));
    if (x) {
        p = (int *) malloc(5*sizeof(int)); // will cause a leak of the 1st malloc
    }
    return 0;
} // The 2nd malloc leaked here
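The leak pattern above next to a corrected form, as an added example that is not part of the original page. The counting wrappers counted_malloc and counted_free and the helper leaked_by are hypothetical names introduced only to make the number of unreleased blocks observable.

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical counting wrappers (assumption): track outstanding blocks. */
static int live_blocks = 0;
static void *counted_malloc(size_t n)
{
    void *p = malloc(n);
    if (p != NULL) live_blocks++;
    return p;
}

static void counted_free(void *p)
{
    if (p != NULL) live_blocks--;
    free(p);
}

/* Same shape as foo() above; both leaks are kept on purpose. */
static void leaky(int x)
{
    int *p = counted_malloc(sizeof(int));
    if (x)
        p = counted_malloc(5 * sizeof(int)); /* 1st block now unreachable */
    (void)p;                                 /* returns without free(p) */
}

/* Corrected: free before overwriting the pointer and before returning. */
static void fixed(int x)
{
    int *p = counted_malloc(sizeof(int));
    if (x) {
        counted_free(p);
        p = counted_malloc(5 * sizeof(int));
    }
    counted_free(p);
}

/* Number of blocks still allocated after one call of fn(x). */
int leaked_by(void (*fn)(int), int x)
{
    int before = live_blocks;
    fn(x);
    return live_blocks - before;
}

int main(void)
{
    printf("leaky(0)=%d leaky(1)=%d fixed(1)=%d\n", leaked_by(leaky, 0), leaked_by(leaky, 1), leaked_by(fixed, 1));
}
```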
Example:
int i;
if (foo(&i) != 0) /* foo returns nonzero if it has initialized i */
    printf("%d\n", i);
The compiler may generate the following equivalent code for the source above:
int i;
int t1, t2;
t1 = foo(&i);
t2 = i; /* value in i is loaded. So even if t1 is 0, we have uninitialized read due to speculative load */
if (t1 != 0)
    printf("%d\n", t2);