llvm / llvm-project


clang-analyzer-alpha.cplusplus.DeleteWithNonVirtualDtor does not handle indirection through base pointer #117230

Open tiagomacarios opened 1 day ago

tiagomacarios commented 1 day ago

The following code will trigger clang-analyzer-alpha.cplusplus.DeleteWithNonVirtualDtor https://godbolt.org/z/7jPa8dr5W

```cpp
#include <cstdio>

struct A {};

struct B : A {
    virtual ~B() { std::puts("B dtor"); }
};

struct C : B {
    ~C() { std::puts("C dtor"); }
};

int main() {
    C* c1 = new C{};
    C* c2 = nullptr;

    A** pp = (A**)&c2; // note: Casting from 'C' to 'A' here
    *pp = c1;

    delete c2; // warning: Destruction of a polymorphic object with no virtual destructor [clang-analyzer-alpha.cplusplus.DeleteWithNonVirtualDtor]
}
```

llvmbot commented 1 day ago

@llvm/issue-subscribers-clang-static-analyzer

Author: Tiago (tiagomacarios)

The following code will trigger clang-analyzer-alpha.cplusplus.DeleteWithNonVirtualDtor https://godbolt.org/z/7jPa8dr5W

```
#include <cstdio>

struct A {};

struct B : A {
    virtual ~B() { std::puts("B dtor"); }
};

struct C : B {
    ~C() { std::puts("C dtor"); }
};

int main() {
    C* c1 = new C{};
    C* c2 = nullptr;

    A** pp = (A**)&c2; // note: Casting from 'C' to 'A' here
    *pp = c1;

    delete c2; // warning: Destruction of a polymorphic object with no virtual destructor [clang-analyzer-alpha.cplusplus.DeleteWithNonVirtualDtor]
}
```

steakhal commented 1 day ago

Yeah, the checker should have checked if the pointer is null and ignored it if it's null. I guess there are other reasons too why this checker is alpha (aka experimental).

Thanks for the report.
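
Added example, not part of the thread or of LLVM's code: using the hierarchy from the report, it shows that a `delete` whose static type is `C*` runs both destructors, and uses a compile-time predicate to mark which static types would make the same `delete` undefined. The names `delete_is_safe`, `run_report_case` and `dtor_log` are hypothetical, and the log replaces the report's `std::puts` calls.

```cpp
#include <cstdio>
#include <string>
#include <type_traits>

// Hierarchy from the report; destructors append to a log instead of
// calling std::puts so the order can be checked (constructed for this example).
static std::string dtor_log;

struct A {};
struct B : A { virtual ~B() { dtor_log += "B"; } };
struct C : B { ~C() override { dtor_log += "C"; } };

// Hypothetical predicate: is `delete` on a Static* well-defined when the
// object's dynamic type is Dynamic? Either the types match, or Static is a
// base of Dynamic that declares (or inherits) a virtual destructor.
template <class Static, class Dynamic>
constexpr bool delete_is_safe() {
    return std::is_same<Static, Dynamic>::value ||
           (std::is_base_of<Static, Dynamic>::value &&
            std::has_virtual_destructor<Static>::value);
}

// The delete in the report has static type C*, so it is well-defined.
static_assert(delete_is_safe<C, C>(), "delete through C* is fine");
static_assert(delete_is_safe<B, C>(), "B has a virtual destructor");
// The defect the warning text describes would be a delete through A*.
static_assert(!delete_is_safe<A, C>(), "A has no virtual destructor");

// Same end state as the report (c2 points at the C object) without the
// A** cast; returns the order in which the destructors ran.
std::string run_report_case() {
    dtor_log.clear();
    C* c1 = new C{};
    C* c2 = c1;
    delete c2;
    return dtor_log;
}

int main() {
    std::printf("destructor order: %s\n", run_report_case().c_str());
    return 0;
}
```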