[llvm-bugs] [Bug 48207] New: [ObjC] C structures are not cleaned up correctly when passed as an argument in a method called on a nil receiver

via llvm-bugs llvm-bugs at lists.llvm.org
Tue Nov 17 09:33:01 PST 2020 

https://bugs.llvm.org/show_bug.cgi?id=48207

            Bug ID: 48207
           Summary: [ObjC] C structures are not cleaned up correctly when
                    passed as an argument in a method called on a nil
                    receiver
           Product: clang
           Version: trunk
          Hardware: PC
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: C
          Assignee: unassignedclangbugs at nondot.org
          Reporter: alxr at fb.com
                CC: blitzrakete at gmail.com, dgregor at apple.com,
                    erik.pilkington at gmail.com, llvm-bugs at lists.llvm.org,
                    richard-llvm at metafoo.co.uk

If a C structure is passed as an argument of an objective-c method called on a
nil receiver, this C structure is not cleaned up correctly (ie., weak pointers
in such C structure are not destroyed via objc_destroyWeak and strong pointers
are not released).

The same issue happens in C++ unless destructor is defined for a structure.

It looks like clang expects the callee (receiver) to clean up, but since
receiver is nil the cleanup never happens.
This change may be related: https://reviews.llvm.org/D44908

The following code demonstrates this issue.

$ cat ./main.m
#import <Foundation/Foundation.h>

struct FBStruct {
  __weak id<NSObject> weakPtr;
};

@protocol FBProtocol  <NSObject>
- (void)doSomething:(struct FBStruct)strct;
@end

static void test(NSObject *obj) {
  struct FBStruct strct;
  strct.weakPtr = obj;

  id<FBProtocol> nilReceiver = nil;
  [nilReceiver doSomething:strct]; // Temporary structure never cleaned up
}

int main(int argc, const char * argv[]) {
  test([NSObject new]);
  return 0;
}

$ clang++ -g -fobjc-arc -fobjc-link-runtime ./main.m
$ ./a.out
objc[28864]: __weak variable at 0x7ffeea0d4850 holds 0x7ffeea0d4870 instead of
0x7faa44409750. This is probably incorrect use of objc_storeWeak() and
objc_loadWeak(). Break on objc_weak_error to debug.


I'm able to reproduce this issue on x86_64 (Mac) and ARM (iPhone 11 Pro)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20201117/a1f7d112/attachment.html>

More information about the llvm-bugs mailing list