search

llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org
Other
27.64k stars 11.37k forks source link

scan-build reports false-positive with boost signals #51886

Open 197f5eff-fce7-4a1b-93ff-9ee37368297e opened 2 years ago

197f5eff-fce7-4a1b-93ff-9ee37368297e commented 2 years ago
Bugzilla Link 52544
Version 13.0
OS Linux
Attachments HTML output of scan-build
CC @devincoughlin,@apollo13

Extended Description

Hi there,

I have scan-build reporting a false positive. I am not 100% sure though, since this code is a bit over my head and my analysis might have been wrong.

What I did so far:

Looking through the report I think it might indeed be a bug in scan-build (although it might not be easily fixable and might have to be reported to boost signals2/smart_ptr instead).

I have attached the generated html output, the cpp in question is:

#include <boost/signals2.hpp>
#include <boost/bind/bind.hpp>
#include <iostream>

using namespace boost;
using namespace boost::signals2;
using namespace std;

signal<void ()> SigA;

struct ClassB
{
    void PrintFoo() { cout << "Foo" << endl; }
};

int main()
{
    ClassB b;
    SigA.connect(bind(&ClassB::PrintFoo, &b));
}

and scan-build reports:

scan-build: Using '/usr/bin/clang-13' for static analysis
In file included from test.cpp:1:
In file included from /usr/include/boost/signals2.hpp:15:
In file included from /usr/include/boost/signals2/deconstruct.hpp:28:
In file included from /usr/include/boost/shared_ptr.hpp:17:
In file included from /usr/include/boost/smart_ptr/shared_ptr.hpp:17:
/usr/include/boost/smart_ptr/detail/shared_count.hpp:586:22: warning: Use of memory after it is freed [cplusplus.NewDelete]
        if(pi_ != 0) pi_->weak_release();
                     ^~~~~~~~~~~~~~~~~~~
1 warning generated.
scan-build: Analysis run complete.
scan-build: 1 bug found.
scan-build: Run 'scan-view /tmp/scan-build-2021-11-18-124707-36387-1' to examine bug reports.

Please let me know what you need and whether I should report this to boost instead.

197f5eff-fce7-4a1b-93ff-9ee37368297e commented 2 years ago

assigned to @devincoughlin