[llvm-bugs] [Bug 31458] New: False positive Use-after-free about partclone/srv/btrfs/volumes.c line 170
via llvm-bugs
llvm-bugs at lists.llvm.org
Thu Dec 22 23:28:22 PST 2016
https://llvm.org/bugs/show_bug.cgi?id=31458
Bug ID: 31458
Summary: False positive Use-after-free about
partclone/srv/btrfs/volumes.c line 170
Product: clang
Version: 3.9
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: Static Analyzer
Assignee: kremenek at apple.com
Reporter: xiangzhai83 at gmail.com
CC: llvm-bugs at lists.llvm.org
Classification: Unclassified
Hi clang developers,
After reviewed the code
https://github.com/Thomas-Tsai/partclone/blob/master/src/btrfs/volumes.c#L164
I argue that it is false positive Use-after-free for Clang Static Analyzer
https://pbs.twimg.com/media/C0WBcn6VEAAS1Rp.jpg
because device is reassgin!
while (!list_empty(&fs_devices->devices)) {
--- reassign ----> device = list_entry(fs_devices->devices.next,
struct btrfs_device, dev_list);
if (device->fd != -1) {
fsync(device->fd);
if (posix_fadvise(device->fd, 0, 0, POSIX_FADV_DONTNEED))
fprintf(stderr, "Warning, could not drop caches\n");
close(device->fd);
device->fd = -1;
}
device->writeable = 0;
list_del(&device->dev_list);
/* free the memory */
free(device->name);
free(device->label);
free(device);
}
Regards,
Leslie Zhai
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20161223/faffe172/attachment-0001.html>
More information about the llvm-bugs
mailing list