[cfe-dev] How to fix this Clang report bug?

[凌欢]

hi, Jordan:
When I put JceFree(*this) to the function:
MTT_SoftInfoReq * MTT_SoftInfoReq_new()
16033 {
16034     Int32 ret=0;
16035     MTT_SoftInfoReq *this = (MTT_SoftInfoReq *)JceMalloc(sizeof(MTT_SoftInfoReq));
.........
The bug will not report yet. I think the conclusion from Clang scan-build is not accurately.
It reported Used of memory after it is freed, but according the fix steps ,it is not behaves like that.
 
BRs
Howard Ling
*****************************************************
 
E-mail:    linghuan713 at 126.com
 
*****************************************************
在 2013-08-03 09:12:56，"Jordan Rose" <jordan_rose at apple.com> 写道：


On Aug 2, 2013, at 4:08 , 凌欢 <linghuan713 at 126.com> wrote:


HI, all :
Our developers says that if set NULL to the pointer ,it can be used after released , is it right ? Following the the code which is
reported by scan-build and the type is used after release , can anyone tell me how to fix the bug ?
Or is it the false positive ?  please see the attathed .c file for the detail which is start line 896, end line 942.
 Thanks all .


The false positive comes from this line:


| if(JCE_SUCCESS != ret) { returnNULL; } |
|


For some reason, we think that ret == JCE_SUCCESS when the allocation fails, but the path clearly shows JCE_MALLOC_ERROR being returned.  So now the only question is, why does the analyzer think JCE_MALLOC_ERROR and JCE_SUCCESS can be the same thing? Are they defined as "extern Int32" instead of constants?


Jordan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20130806/188b9dfe/attachment.html>