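AZS: Allocating Zero Size
Memory Leak
SMR: Speculative Uninitialized Memory Read
This section describes possible causes of the warnings and code examples in which the warnings can occur.
Example: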
#include <stdlib.h>

int main()
{
    int *p = malloc(0); // Allocating zero size memory block
}
Possible cause: Memory was allocated but not freed before the function exited or terminated.
Example:
#include <stdlib.h>

int foo(int x)
{
    int *p = (int *) malloc(sizeof(int));
    if (x) {
        p = (int *) malloc(5 * sizeof(int)); // will cause a leak of the 1st malloc
    }
    return 0;
} // The 2nd malloc leaked here
Example:
int i;
if (foo(&i) != 0) /* foo returns nonzero if it has initialized i */
    printf("%d\n", i);
The compiler might generate the following equivalent code for the source above:
int i;
int t1, t2;
t1 = foo(&i);
t2 = i; /* value in i is loaded. So even if t1 is 0, we have uninitialized read due to speculative load */
if (t1 != 0)
    printf("%d\n", t2);
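The three patterns above with the defect removed, as an added example that is not part of the original page. The names alloc_ints, foo_fixed, init_if and read_checked are hypothetical; init_if stands in for the page's foo(&i), and the value 42 is constructed.

```c
#include <stdint.h>
#include <stdlib.h>

/* AZS: reject zero-size (and overflowing) requests instead of passing them
   to malloc, whose result for size 0 is implementation-defined. */
int *alloc_ints(size_t n)
{
    if (n == 0 || n > SIZE_MAX / sizeof(int))
        return NULL;
    return malloc(n * sizeof(int));
}

/* Memory leak: free the first block before p is overwritten, and free
   whatever p holds before returning. Returns the element count of the
   block that was used, or -1 on allocation failure. */
int foo_fixed(int x)
{
    int count = 1;
    int *p = alloc_ints(1);
    if (p == NULL)
        return -1;
    if (x) {
        free(p);              /* without this, the 1st block leaks */
        count = 5;
        p = alloc_ints(5);
        if (p == NULL)
            return -1;
    }
    p[count - 1] = 0;         /* use the block */
    free(p);                  /* without this, the live block leaks on return */
    return count;
}

/* Hypothetical stand-in for foo(&i): returns nonzero only if *out was set. */
int init_if(int ok, int *out)
{
    if (ok)
        *out = 42;            /* constructed sample value */
    return ok;
}

/* SMR: i is initialized, so a load hoisted above the test reads a defined value. */
int read_checked(int ok)
{
    int i = 0;
    if (init_if(ok, &i) != 0)
        return i;
    return -1;
}
```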