[LLVMbugs] [Bug 21335] New: False positive scoping issues, deref pointer, dead init, uninit arg, val, etc.
bugzilla-daemon at llvm.org
bugzilla-daemon at llvm.org
Tue Oct 21 17:45:51 PDT 2014
http://llvm.org/bugs/show_bug.cgi?id=21335
Bug ID: 21335
Summary: False positive scoping issues, deref pointer, dead
init, uninit arg, val, etc.
Product: clang
Version: unspecified
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: Static Analyzer
Assignee: kremenek at apple.com
Reporter: stevemac321 at live.com
CC: llvmbugs at cs.uiuc.edu
Classification: Unclassified
Could be related to active bugs, e.g. 11722?
The main case, simple (suspected)related repro follows:
Scan-build flagged the following in std::<locale>
libcxx/include/locale:3240:21: warning: Dereference of null pointer
*__nc++ = '-';
~~~~~~~~^~~~~
Code looks like this:
if (__wn - __wb.get() > __bz-2)
{
__h.reset((char*)malloc(static_cast<size_t>(__wn - __wb.get() +
2)));
if (__h.get() == 0)
__throw_bad_alloc();
__nc = __h.get();
}
if (__neg)
*__nc++ = '-';
I changed the code and rebuilt the lib like this and still got the warning
//after __h.reset...
__nc = __h.get();
if(__nc == nullptr)
throw..
Here is a stand-alone repro. I do not get the deref issue, but it does seem to
get thrown off by the if blocks
#include <exception>
#include <cstdlib>
#include <iostream>
int main() {
std::unique_ptr<char, void(*)(void*)> sp(0, std::free);
char buf[100];
char * p = buf;
if(true) {
sp.reset((char*)malloc(static_cast<size_t>(99)));
p = sp.get();
if(p == nullptr)
throw std::bad_alloc();
}
if(true)
*p++ = '-';
std::cout << *p;
}
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20141022/9e0fcdf8/attachment.html>
More information about the llvm-bugs
mailing list