<html>

    <head>

      <base href="http://llvm.org/bugs/" />

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW --- - Warn/static-analysis diagnostic on passing reference to objects that may be invalidated"

   href="http://llvm.org/bugs/show_bug.cgi?id=21102">21102</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>Warn/static-analysis diagnostic on passing reference to objects that may be invalidated

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>trunk

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>All

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>All

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>enhancement

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>Static Analyzer

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>kremenek@apple.com

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>seth.cantrell@gmail.com

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>llvmbugs@cs.uiuc.edu

          </td>

        </tr>

        <tr>

          <th>Classification</th>

          <td>Unclassified

          </td>

        </tr></table>

      <p>

        <div>

        <pre>In his presentation 'Back to the Basics! Essentials of Modern C++ Style'[1]

Herb Sutter calls out one case of using smart pointers that can cause object

lifetime errors:

    #include <memory>

    #include <cassert>

    #include <vector>

    struct widget { std::vector<int> v {1,2,3}; };

    std::shared_ptr<widget> g_p = std::make_shared<widget>();

    void g() {

      g_p = nullptr;

    }

    void use(widget &w) {

      assert(w.v.size() == 3);

    }

    void f(widget &w) {

      g();

      use(w);

    }

    int main() {

      f(*g_p);

    }

The above program invokes undefined behavior by accessing an object through an

invalidated reference.

Herb argues that the code `f(*g_p)` should not pass code reviews and that this

problem should be statically detectable (at 25 to 27 minutes into his

presentation [2]). It would be nice to have this automated check, as a compiler

warning if possible, but at least as a static analyzer check.

Furthermore, the same error can happen with non-smart-pointer managed objects.

Here's an example that the analyzer doesn't currently catch but which might be

usefully caught:

    #include <cassert>

    int *p;

    void g() {

      *p = 0;

      delete p;

      p = nullptr;

    }

    void use(int &i) {

      assert(i == 10);

    }

    void f(int &i) {

      g();

      use(i);

    }

    int main() {

      p = new int{10}

      f(*p);

    }

[1]:

<a href="https://github.com/CppCon/CppCon2014/tree/master/Presentations/Back%20to%20the%20Basics!%20Essentials%20of%20Modern%20C%2B%2B%20Style">https://github.com/CppCon/CppCon2014/tree/master/Presentations/Back%20to%20the%20Basics!%20Essentials%20of%20Modern%20C%2B%2B%20Style</a>

[2]: <a href="https://www.youtube.com/watch?v=xnqTKD8uD64">https://www.youtube.com/watch?v=xnqTKD8uD64</a></pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>