Quuxplusone / LLVMBugzillaTest

false positive on optional<string> usage #38117

Open Quuxplusone opened 6 years ago

Quuxplusone commented 6 years ago
Bugzilla Link PR39144
Status NEW
Importance P normal
Reported by Matt Godbolt (matt@godbolt.org)
Reported on 2018-10-01 11:48:10 -0700
Last modified on 2018-10-05 19:37:11 -0700
Version 7.0
Hardware PC Linux
CC alexfh@google.com, development@jonas-toth.eu, djasper@google.com, klimek@google.com, llvm-bugs@lists.llvm.org, matt@godbolt.org, noqnoqneo@gmail.com
Fixed by commit(s)
Attachments clang-tidy-bug.tar.gz (441 bytes, application/gzip)
Blocks
Blocked by
See also
Created attachment 20950
Code as described in the bug

clang-tidy 7.0.0, using GCC 7.2.0 libstdc++

The following code:

--cut-here--
#include <optional>
#include <string>

std::optional<std::string> makeResponse();
void func(const char *, size_t);

void test() {
  auto response = makeResponse();
  if (!response) return;
  func(response->c_str(), response->length());
}
--end-cut-here

when compiled with clang-tidy 7.0.0 using a compilation like:

--cut
[
    {
        "directory": "/home/mattgodbolt/dev/clang-tidy-bug",
        "command": "/usr/bin/g++ -std=gnu++1z -c repro.cc -o repro.o",
        "file": "/home/mattgodbolt/dev/clang-tidy-bug/repro.cc"
    }
]
--end-cut

Yields the following apparently bogus error:

~/clang-7.0.0/bin/clang-tidy repro.cc

1 warning generated.
repro.cc:10:3: warning: Use of memory after it is freed [clang-analyzer-cplusplus.NewDelete]
  func(response->c_str(), response->length());
  ^
repro.cc:9:7: note: Assuming the condition is false
  if (!response) return;
      ^
repro.cc:9:3: note: Taking false branch
  if (!response) return;
  ^
repro.cc:10:8: note: Dangling inner pointer obtained here
  func(response->c_str(), response->length());
       ^
repro.cc:10:27: note: Calling 'optional::operator->'
  func(response->c_str(), response->length());
                          ^
/usr/bin/../lib/gcc/x86_64-linux-gnu/7.3.0/../../../../include/c++/7.3.0/optional:697:16: note: Inner pointer invalidated by call to '__addressof'
      { return std::__addressof(this->_M_get()); }
               ^
repro.cc:10:27: note: Returning; memory was released
  func(response->c_str(), response->length());
                          ^
repro.cc:10:3: note: Use of memory after it is freed
  func(response->c_str(), response->length());
  ^
Quuxplusone commented 6 years ago

Attached clang-tidy-bug.tar.gz (441 bytes, application/gzip): Code as described in the bug

Quuxplusone commented 6 years ago

Correction: I'm using GCC 7.3.0 libstdc++

Quuxplusone commented 6 years ago

Hi Matt,

Thank you for reporting the bug. Because this comes from the Static Analyzer and not clang-tidy (as it only calls the CSA), I moved this bug to the other component.

Best Jonas

Quuxplusone commented 6 years ago

Hmm, right, std::addressof() does take the object by a non-const reference, but it certainly doesn't invalidate the object's contents.
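
The distinction drawn in the last comment, as an added example that is not part of the original thread or of the analyzer's code: `std::addressof` takes a non-const reference yet leaves the string's buffer where it was, while a call that really mutates through the same kind of reference moves it. The helper `grow` and the function names are hypothetical, and the second check assumes the usual `std::string` behaviour of reallocating when it grows past its capacity.

```cpp
#include <cstdint>
#include <cstdio>
#include <memory>
#include <string>

// Address of the string's character buffer as an integer, so it can be
// compared later without reading through a possibly stale pointer.
static std::uintptr_t buffer_addr(const std::string &s) {
  return reinterpret_cast<std::uintptr_t>(s.c_str());
}

// Hypothetical helper: takes a non-const reference, like std::addressof,
// but really does mutate the string and force it to reallocate.
static void grow(std::string &s) { s.append(4096, 'x'); }

// Case from the report: std::addressof receives a non-const reference but
// only computes an address, so a c_str() pointer taken earlier stays valid.
bool addressof_keeps_inner_pointer() {
  std::string s = "response body";  // constructed sample value
  const std::uintptr_t before = buffer_addr(s);
  std::string *p = std::addressof(s);
  return p == &s && buffer_addr(s) == before && s == "response body";
}

// Case the inner-pointer check exists for: a mutating call through a
// non-const reference moves the buffer, so an earlier c_str() would dangle.
bool mutation_moves_inner_pointer() {
  std::string s = "response body";  // constructed sample value
  const std::uintptr_t before = buffer_addr(s);
  grow(s);
  return buffer_addr(s) != before;
}

int main() {
  std::printf("addressof keeps buffer: %d\n", addressof_keeps_inner_pointer());
  std::printf("mutation moves buffer:  %d\n", mutation_moves_inner_pointer());
  return 0;
}
```

An analysis that sees only the signature cannot tell the two calls apart, which is why treating every non-const reference argument as invalidating flags the `optional::operator->` path shown in the report.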