https://bugs.llvm.org/show_bug.cgi?id=39356

            Bug ID: 39356
           Summary: False positive "use of memory after it is freed" after
                    overwriting struct pointer
           Product: clang
           Version: 7.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: dcough...@apple.com
          Reporter: pe...@lekensteyn.nl
                CC: llvm-bugs@lists.llvm.org

The following minimal reproducer triggers a false positive:

#include <stdlib.h>

struct array {
    int count;  // first field must be present to trigger issue
    int *nodes;
};

// arr must not be an automatic variable, but a parameter or global.
void array_insert(struct array *arr) {
    struct array arr2;
    arr2.nodes = calloc(1, sizeof(int));
    free(arr->nodes);
    *arr = arr2;
    arr->nodes[0] = 1; // false-positive.c:14:19: warning: Use of memory after it is freed
}

arr2.nodes is newly allocated and replaces the 'nodes' member of 'arr', but
somehow this is not recognized.
