<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - False positive coming from EXPECT_NEAR in googletest (aka gtest)."

   href="https://bugs.llvm.org/show_bug.cgi?id=44712">44712</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>False positive coming from EXPECT_NEAR in googletest (aka gtest).

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>9.0

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>enhancement

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>Static Analyzer

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>dcoughlin@apple.com

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>cassio.neri@gmail.com

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>dcoughlin@apple.com, llvm-bugs@lists.llvm.org

          </td>

        </tr></table>

      <p>

        <div>

        <pre>The static analyzer issues two false positives inside googletest in this code.

    #include <gtest/gtest.h>

    TEST(Foo, Test) {

        EXPECT_NEAR(1.0, 1.1, 0.2);

    }

$ scan-build clang++ -std=c++17 -g -c file.cpp

/usr/include/gtest/internal/gtest-port.h:1205:20: warning: Use of memory after

it is freed

  T* get() const { return ptr_; }

                   ^~~~~~~~~~~

/usr/include/gtest/internal/gtest-port.h:1216:16: warning: Attempt to delete

released memory

        delete ptr_;

               ^

The following short self-contained example reproduces the issue. (For easy of

reference, it uses the same names that appear inside googletest's code.)

    template <typename T>

    struct scoped_ptr {

        ~scoped_ptr() { delete ptr_; }

        T* ptr_;

    };

    struct AssertionResult {

        operator bool() const { return success_; }

        char* message() const { return message_.ptr_; }

        bool success_;

        scoped_ptr<char> message_;

    };

    AssertionResult DoubleNearPredFormat();

    void partial_expansion_of_EXPECT_NEAR() {

        if (const AssertionResult gtest_ar = (DoubleNearPredFormat()))

            gtest_ar.message();

    }

FWIW: Any of the following changes make the problem to go away:

1) Removing the extra parentheses around the call to DoubleNearPredFormat().

(This is very surprising to me. Indeed, the need to add those parentheses to

reproduce the issue was quite hard to find!)

2) Replacing scoped_ptr with std::unique_ptr. (Although not identical, these

classes are similar.)

3) Making scoped_ptr a non template and substituting T by char.

I've seen this behavior with clang 7.1 and 9.0.</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>