[ccan] [PATCH 1/3] configurator: avoid leaks that LeakSanitizer doesn't like and hide type punning

[Cody P Schafer]

Try turning on optimizations:

x at gun /home/x % cat foo2.c
#include <string.h>
int main(int argc, char *argv[]) {
        (void)argc;
        char pad[sizeof(int *) * 1];
        strncpy(pad, argv[0], sizeof(pad));
#if 1
        return *(int *)(pad) == *(int *)(pad + 1);
#else
        int *x = (int *)pad, *y = (int *)(pad + 1);
        return *x == *y;
#endif
}
x at gun /home/x % gcc foo2.c -Wall -Wextra
x at gun /home/x % gcc foo2.c -Wall -Wextra -O2
foo2.c: In function ‘main’:
foo2.c:7:2: warning: dereferencing type-punned pointer will break
strict-aliasing rules [-Wstrict-aliasing]
  return *(int *)(pad) == *(int *)(pad + 1);
  ^
x at gun /home/x % gcc --version
gcc (GCC) 5.2.0



On Sun, Aug 16, 2015 at 10:30 PM, Rusty Russell <rusty at rustcorp.com.au> wrote:
> Cody P Schafer <dev at codyps.com> writes:
>> These leaks aren't really an issue since they are completely bounded,
>> but if one is building with leak sanitizer enabled (as
>> -fsanitize=address does in gcc-5.1), it kills the configurator, which
>> isn't very useful for us. Add the few free() calls it's looking for.
>
> No problem, I've applied this part.
>
>> As for the type punning: gcc-5.1 (at least) warns about type punning in
>> the previous example. The new usage should be exactly equivalent to the
>> old, but just seperates the cast and deref into 2 statements. Frankly,
>> I'm suprised gcc's type-punning analysis is so limited.
>
> AFAICT you're always allowed to cast char, it's special.
>
> Hmm, gcc-5 here doesn't give a warning:
>
> $ gcc-5 -std=gnu11 -Wall -c /tmp/foo.c
> $ gcc-5 --version
> gcc-5 (Ubuntu 5.1.1-4ubuntu12) 5.1.1 20150504
>
> Confused,
> Rusty.