[PATCH] [StaticAnalyzer]Handle Destructor call generated by C++ delete expr
Anna Zaks
zaks.anna at gmail.com
Mon Sep 16 09:54:25 PDT 2013
> When i checked it was being reported at the ending curly brace of the function.
What is the callback that triggers it?
If we skip the first time the use-after-free happens, we report the error in the destructor. However, that destructor is called when processing the second delete, so if we report on the first occurrence of use-after-free, the location should be before we called the destructor, not after.
Can you investigate why that is not the case?
I assume we talk about this example:
void testDoubleDeleteClassInstance() {
DerefClass *foo = new DerefClass();
delete foo;
delete foo; // FIXME: We should ideally report warning here instead of inside the destructor.
}
http://llvm-reviews.chandlerc.com/D1594
More information about the cfe-commits
mailing list