<html>

    <head>

      <base href="https://llvm.org/bugs/" />

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW --- - False positive Use-after-free about partclone/srv/btrfs/volumes.c line 170"

   href="https://llvm.org/bugs/show_bug.cgi?id=31458">31458</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>False positive Use-after-free about partclone/srv/btrfs/volumes.c line 170

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>3.9

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>normal

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>Static Analyzer

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>kremenek@apple.com

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>xiangzhai83@gmail.com

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>llvm-bugs@lists.llvm.org

          </td>

        </tr>

        <tr>

          <th>Classification</th>

          <td>Unclassified

          </td>

        </tr></table>

      <p>

        <div>

        <pre>Hi clang developers,

After reviewed the code

<a href="https://github.com/Thomas-Tsai/partclone/blob/master/src/btrfs/volumes.c#L164">https://github.com/Thomas-Tsai/partclone/blob/master/src/btrfs/volumes.c#L164</a>

I argue that it is false positive Use-after-free for Clang Static Analyzer

<a href="https://pbs.twimg.com/media/C0WBcn6VEAAS1Rp.jpg">https://pbs.twimg.com/media/C0WBcn6VEAAS1Rp.jpg</a>

because device is reassgin!

    while (!list_empty(&fs_devices->devices)) {

--- reassign ----> device = list_entry(fs_devices->devices.next,

                    struct btrfs_device, dev_list);

        if (device->fd != -1) {

            fsync(device->fd);

            if (posix_fadvise(device->fd, 0, 0, POSIX_FADV_DONTNEED))

                fprintf(stderr, "Warning, could not drop caches\n");

            close(device->fd);

            device->fd = -1;

        }

        device->writeable = 0;

        list_del(&device->dev_list);

        /* free the memory */

        free(device->name);

        free(device->label);

        free(device);

    }

Regards,

Leslie Zhai</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>