diff options
| author | George Burgess IV <gbiv@google.com> | 2017-10-01 12:38:44 -0700 |
|---|---|---|
| committer | George Burgess IV <gbiv@google.com> | 2017-10-02 19:50:39 +0000 |
| commit | 6753bc4433eafab3ac805e233db14969c9242d14 (patch) | |
| tree | 7250904a5863e9a062cfceb76a18ef06f68ec40e /libutils/RefBase.cpp | |
| parent | 8b7feee38fe31eb40a50c55144a850cbc37e4089 (diff) | |
Silence a use-after-free warning from the analyzer
The analyzer is known to be very conservative in the face of atomic
operations (e.g. https://bugs.llvm.org/show_bug.cgi?id=34365); this case
is no different.
It's concerned that `delete this;` might read a different value for
`flags`, and proceed to delete `refs`. Since there are many comments
explaining why this won't happen (and it all looks sane to me), use a
NOLINT to silence this warning.
Analyzer warning:
system/core/libutils/RefBase.cpp:445:5: warning: Use of memory after it
is freed
Bug: 27101951
Test: mma. Use-after-free warning is gone.
Change-Id: Ic1623971bd1bad546fbb12a79439116c89a6762d
Diffstat (limited to 'libutils/RefBase.cpp')
| -rw-r--r-- | libutils/RefBase.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/libutils/RefBase.cpp b/libutils/RefBase.cpp index 24737b985..f5f881fcc 100644 --- a/libutils/RefBase.cpp +++ b/libutils/RefBase.cpp @@ -442,6 +442,11 @@ void RefBase::decStrong(const void* id) const // and all accesses to refs happen before its deletion in the final decWeak. // The destructor can safely access mRefs because either it's deleting // mRefs itself, or it's running entirely before the final mWeak decrement. + // + // Since we're doing atomic loads of `flags`, the static analyzer assumes + // they can change between `delete this;` and `refs->decWeak(id);`. This is + // not the case. The analyzer may become more okay with this patten when + // https://bugs.llvm.org/show_bug.cgi?id=34365 gets resolved. NOLINTNEXTLINE refs->decWeak(id); } |