[llvm-bugs] [Bug 39356] New: False positive "use of memory after it is freed" after overwriting struct pointer
via llvm-bugs
llvm-bugs at lists.llvm.org
Fri Oct 19 10:03:45 PDT 2018
https://bugs.llvm.org/show_bug.cgi?id=39356
Bug ID: 39356
Summary: False positive "use of memory after it is freed" after
overwriting struct pointer
Product: clang
Version: 7.0
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: Static Analyzer
Assignee: dcoughlin at apple.com
Reporter: peter at lekensteyn.nl
CC: llvm-bugs at lists.llvm.org
The following minimal reproducer triggers a false positive:
#include <stdlib.h>
struct array {
int count; // first field must be present to trigger issue
int *nodes;
};
// arr must not be an automatic variable, but a parameter or global.
void array_insert(struct array *arr) {
struct array arr2;
arr2.nodes = calloc(1, sizeof(int));
free(arr->nodes);
*arr = arr2;
arr->nodes[0] = 1; // false-positive.c:14:19: warning: Use of memory after
it is freed
}
arr2.nodes is newly allocated and replaces the 'nodes' member of 'arr', but
somehow this is not recognized.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20181019/b8182db4/attachment.html>
More information about the llvm-bugs
mailing list