[PATCH] D60281: [analyzer] Add docs for cplusplus.InnerPointer
Kristóf Umann via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed Aug 14 16:30:01 PDT 2019
Szelethus updated this revision to Diff 215281.
Szelethus changed the repository for this revision from rC Clang to rG LLVM Github Monorepo.
Szelethus added a comment.
Revised the documentation according to @NoQ's comments. By literally copy pasting it. Like any good programmer should do :^)
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D60281/new/
https://reviews.llvm.org/D60281
Files:
clang/docs/analyzer/checkers.rst
Index: clang/docs/analyzer/checkers.rst
===================================================================
--- clang/docs/analyzer/checkers.rst
+++ clang/docs/analyzer/checkers.rst
@@ -242,10 +242,38 @@
.. _cplusplus-InnerPointer:
-cplusplus.InnerPointer
-""""""""""""""""""""""
+cplusplus.InnerPointer (C++)
+""""""""""""""""""""""""""""
Check for inner pointers of C++ containers used after re/deallocation.
+Many container methods in the C++ standard library are known to invalidate
+"references" (including actual references, iterators and raw pointers) to
+elements of the container. Using such references after they are invalidated
+causes undefined behavior, which is a common source of memory errors in C++ that
+this checker is capable of finding.
+
+The checker is currently limited to ``std::string`` objects and doesn't
+recognize some of the more sophisticated approaches to passing unowned pointers
+around, such as ``std::string_view``.
+
+.. code-block:: cpp
+
+ void consume(const char *);
+
+ void _deref_after_equals() {
+ std::string s = "llvm";
+ const char *c = s.data(); // note: pointer to inner buffer of 'std::string' obtained here
+ s = "clang"; // note: inner buffer of 'std::string' reallocated by call to 'operator='
+ consume(c); // warn: inner pointer of container used after re/deallocation
+ }
+
+ const char *return_temp() {
+ int x;
+ return std::to_string(x).c_str(); // warn: inner pointer of container used after re/deallocation
+ // note: pointer to inner buffer of 'std::string' obtained here
+ // note: inner buffer of 'std::string' deallocated by call to destructor
+ }
+
.. _cplusplus-NewDelete:
cplusplus.NewDelete (C++)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D60281.215281.patch
Type: text/x-patch
Size: 1695 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20190814/3e4ee246/attachment-0001.bin>
More information about the cfe-commits
mailing list