Use-after-dtor false positive when delete operator overloaded #854

@morehouse

Description

A use-after-dtor is reported when a class has an overloaded delete operator that uses the class members. A real-world case where this happens is http://llvm.org/doxygen/User_8cpp_source.html#l00167.

A minimal example is:

```cpp
#include <cstdio>

class foo {
 public:
  foo() : id(0) {}
  ~foo() {}

  void operator delete(void *p) {
    foo *obj = static_cast<foo *>(p);
    if (obj->id != 0) {  // <<<<<<<<<<< MSAN complains here
      fprintf(stderr, "Error: id isn't 0");
    }
    ::operator delete(p);
  }

  const int id;
};

int main() {
  foo *fooA = new foo();
  delete fooA;
  return 0;
}
```
```
==43601==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x48b985 in foo::operator delete(void*) /usr/local/google/home/mascasa/code/test/minimal.cc:10:9
    #1 0x48b3e0 in main /usr/local/google/home/mascasa/code/test/minimal.cc:21:3
    #2 0x7f27a478df44 in __libc_start_main /build/eglibc-SvCtMH/eglibc-2.19/csu/libc-start.c:287
    #3 0x41a81e in _start (/usr/local/google/home/mascasa/code/test/minimal.out+0x41a81e)

  Memory was marked as uninitialized
    #0 0x44274f in __sanitizer_dtor_callback /usr/local/google/home/mascasa/code/llvm/llvm-project/compiler-rt/lib/msan/msan_interceptors.cc:886:3
    #1 0x48b6c3 in foo::~foo() /usr/local/google/home/mascasa/code/test/minimal.cc:6:11
    #2 0x48b3bb in main /usr/local/google/home/mascasa/code/test/minimal.cc:21:3
    #3 0x7f27a478df44 in __libc_start_main /build/eglibc-SvCtMH/eglibc-2.19/csu/libc-start.c:287

SUMMARY: MemorySanitizer: use-of-uninitialized-value /usr/local/google/home/mascasa/code/test/minimal.cc:10:9 in foo::operator delete(void*)
```
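A targeted workaround for code that legitimately inspects members inside an overloaded `operator delete`, added here as an editor's example (not the reporter's code and not LLVM's fix): after the destructor callback has poisoned the object's shadow, unpoison just the bytes `operator delete` needs with `__msan_unpoison` before reading them, instead of disabling use-after-dtor checking for the whole build. The `UNPOISON` macro and the two counters are assumptions of this example so that it also compiles and runs without MemorySanitizer.

```cpp
#include <cstdio>
#include <new>
// MSan's interface header exists only when compiling with -fsanitize=memory;
// poisoning in destructors is turned on with -fsanitize-memory-use-after-dtor.
// Without MSan, UNPOISON (this example's own macro) expands to nothing.
#if defined(__has_feature)
#  if __has_feature(memory_sanitizer)
#    include <sanitizer/msan_interface.h>
#    define UNPOISON(ptr, size) __msan_unpoison((ptr), (size))
#  endif
#endif
#ifndef UNPOISON
#  define UNPOISON(ptr, size) ((void)0)
#endif

// Constructed counters so the delete-time check can be verified from a test.
static int g_checks_run = 0;
static int g_bad_ids_seen = 0;

class foo {
 public:
  foo() : id(0) {}
  ~foo() {}  // with use-after-dtor enabled, MSan poisons `id` right after this

  void operator delete(void *p) {
    foo *obj = static_cast<foo *>(p);
    // The dtor callback has already poisoned the object's bytes, so declare
    // the field we are about to read as initialized before touching it.
    UNPOISON(&obj->id, sizeof(obj->id));
    ++g_checks_run;
    if (obj->id != 0) {
      ++g_bad_ids_seen;
      fprintf(stderr, "Error: id isn't 0\n");
    }
    ::operator delete(p);
  }

  const int id;
};

// Allocate and free one object; returns how many delete-time checks ran.
int allocate_and_delete() {
  g_checks_run = 0;
  g_bad_ids_seen = 0;
  foo *fooA = new foo();
  delete fooA;  // runs ~foo(), the dtor callback, then foo::operator delete
  return g_checks_run;
}

int main() { return allocate_and_delete() == 1 ? 0 : 1; }
```

Built with `clang++ -fsanitize=memory -fsanitize-memory-use-after-dtor`, the report above no longer fires because the read is preceded by an explicit unpoison of exactly the field being checked.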
