incorrect modeling of std::optional in cplusplus.NewDelete leads to incorrect warnings · Issue #119415 · llvm/llvm-project (original) (raw)
The clang-analyzer incorrectly models the default ~ function for a union object (it calls ~ on some of the options, in contradiction to the C++ standard and actual implementation which does not call ~ on any fields). This results in declaration of double-frees (or lost memory) which don't actually occur at runtime for sample code like this.cat dtor-test.cpp
#include #include
class C { int *once; public: C(int) { std::cout << "C Ctor" << std::endl; once = new int[3]; } C(C&&) = delete; ~C() { std::cout << "C Dtor" << std::endl; delete[] once; } };
int main() { std::optional S{1}; return 0; }
$ clang++ -fPIE -std=c++20 dtor-test.cpp && ./a.out # demo that clang++ runs correctly C Ctor C Dtor $ g++ -fPIE -std=c++20 dtor-test.cpp && ./a.out # demo that g++ runs correctly C Ctor C Dtor $ clang++ --analyze -analyzer-output=text -std=c++20 dtor-test.cpp # demo that clang-analyzer is wrong dtor-test.cpp:14:5: warning: Attempt to free released memory [cplusplus.NewDelete] 14 | delete[] once; | ^