check for double delete

Hi all,

is there some way to instruct the static analyzer to check for double deleted objects?

void foo(my_object_t obj)
{
  delete obj;
}

main()
{
  my_object_t *obj = new my_object_t;
  
  if (!obj)
    return -1;

  foo(obj);

  delete obj;
}

I just found something like that in my code and the static analyzer hadn't detected it.

Thanks,
Bernd

Bernd,

The latest analyzer should warn about double frees.

The code you provided does not compile, but the analyzer warns on this fixed code snippet:

class my_object_t {};
void foo(my_object_t *obj) {
  delete obj;
}
int foo2() {
  my_object_t *obj = new my_object_t;
  if (!obj)
    return -1;
  foo(obj);
  delete obj;
}

/Users/zaks/tmp/ex.cpp:10:2: warning: Attempt to free released memory
delete obj;

Cheers,
Anna.

Thanks Anna,

and sorry, it was just some pseudo code I quickly wrote down. Hmm,
indeed it does report it, but it didn't for the actual code I was using.
Ah, the actual code has foo() in a different file. Is it possible to use
the analyzer with link time optimization?

Thanks,
Bernd

> Thanks Anna,
>
> and sorry, it was just some pseudo code I quickly wrote down. Hmm,
> indeed it does report it, but it didn’t for the actual code I was using.
> Ah, the actual code has foo() in a different file. Is it possible to use
> the analyzer with link time optimization?

That must be it. The analyzer can only “see” functions which have definitions in the same translation unit - same source file or one of the included headers.

> Thanks Anna,
>
> and sorry, it was just some pseudo code I quickly wrote down. Hmm,
> indeed it does report it, but it didn’t for the actual code I was using.
> Ah, the actual code has foo() in a different file. Is it possible to use
> the analyzer with link time optimization?

Technical point: the static analyzer acts on ASTs, so LTO is too late as it acts on LLVM IR.

Practical point: no, there's no cross-TU support in the static analyzer at the moment.
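
Since the analyzer cannot follow foo() into another file, one way to make this double delete impossible rather than undetected is to state the ownership transfer in foo()'s signature, which is the only part the caller's translation unit sees. This is an added example, not code from the thread; the destructor counter, caller_result and run_caller are names made up for illustration, and both "files" are kept in one block so it runs stand-alone.

```cpp
// Added example (not from the thread). In a real project foo() would be
// defined in another .cpp file and the caller would see only its declaration.
#include <cstdio>
#include <memory>
#include <utility>

struct my_object_t {
    static int destroyed;            // instrumentation for this demo only
    ~my_object_t() { ++destroyed; }
};
int my_object_t::destroyed = 0;

// Declaration as it would appear in a shared header. Taking unique_ptr by
// value says in the type that foo() consumes the object.
void foo(std::unique_ptr<my_object_t> obj);

struct caller_result {
    bool caller_still_owns;  // does the caller hold the object after foo()?
    int destructor_calls;    // how many times the object was destroyed
};

caller_result run_caller() {
    my_object_t::destroyed = 0;
    auto obj = std::make_unique<my_object_t>();  // throws on failure

    foo(std::move(obj));     // the transfer is visible at the call site

    // `delete obj;` would not compile here: obj is not a raw pointer.
    // The closest equivalent, reset(), is a no-op because obj is now empty.
    bool still_owns = static_cast<bool>(obj);
    obj.reset();
    return {still_owns, my_object_t::destroyed};
}

// "Other translation unit" (hypothetical foo.cpp): the object is destroyed
// exactly once, when the parameter's lifetime ends.
void foo(std::unique_ptr<my_object_t> obj) {
    (void)obj;
}

int main() {
    caller_result r = run_caller();
    std::printf("owns=%d destructor_calls=%d\n", r.caller_still_owns, r.destructor_calls);
    return r.destructor_calls == 1 ? 0 : 1;
}
```

Where raw pointers have to stay, building with -fsanitize=address reports the second delete at run time regardless of which file foo() lives in.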