| Issue |
114201
|
| Summary |
Dangling false positive if the the owner is also moved in the initializer.
|
| Labels |
clang:diagnostics,
clang:memory-safety
|
| Assignees |
|
| Reporter |
hokein
|
This issue is identified in #112751.
```cpp
// case1
namespace std {
template<typename T>
struct unique_ptr {
T &operator*();
T *get() const [[clang::lifetimebound]];
};
} // namespace std
struct X {
X(std::unique_ptr<int> up) :
pointer(up.get()), owner(std::move(up)) {}
int *pointer;
std::unique_ptr<int> owner;
};
```
When we add the `clang::lifetimebound` annotation to `unique_ptr::get()`, clang emits a dangling-field warning for the `pointer(up.get())` member initializer. This warning is a false positive in this context, as the `owner` member is moved as part of the initialization, retaining ownership.
Another example occurs in designated-initializer cases:
```cpp
// case2
struct X {
int *pointer;
std::unique_ptr<int> owner;
};
X func(std::unique_ptr<int> up) {
return {
.pointer = up.get(),
.owner = std::move(up)
};
}
```
Fixing these false positives is hard because it would require tracking dependencies between expressions, which is beyond the capabilities of the current statement-local analysis.
![]()
_______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
