Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6753bc44 authored by George Burgess IV's avatar George Burgess IV
Browse files

Silence a use-after-free warning from the analyzer 

The analyzer is known to be very conservative in the face of atomic
operations (e.g. https://bugs.llvm.org/show_bug.cgi?id=34365); this case
is no different.

It's concerned that `delete this;` might read a different value for
`flags`, and proceed to delete `refs`. Since there are many comments
explaining why this won't happen (and it all looks sane to me), use a
NOLINT to silence this warning.

Analyzer warning:
system/core/libutils/RefBase.cpp:445:5: warning: Use of memory after it
is freed

Bug: 27101951
Test: mma. Use-after-free warning is gone.
Change-Id: Ic1623971bd1bad546fbb12a79439116c89a6762d
parent 8b7feee3

libutils/RefBase.cpp

+5 −0
Original line number Original line Diff line number Diff line
@@ -442,6 +442,11 @@ void RefBase::decStrong(const void* id) const 
    // and all accesses to refs happen before its deletion in the final decWeak.

    // and all accesses to refs happen before its deletion in the final decWeak.

    // The destructor can safely access mRefs because either it's deleting

    // The destructor can safely access mRefs because either it's deleting

    // mRefs itself, or it's running entirely before the final mWeak decrement.

    // mRefs itself, or it's running entirely before the final mWeak decrement.

    //

    // Since we're doing atomic loads of `flags`, the static analyzer assumes

    // they can change between `delete this;` and `refs->decWeak(id);`. This is

    // not the case. The analyzer may become more okay with this patten when

    // https://bugs.llvm.org/show_bug.cgi?id=34365 gets resolved. NOLINTNEXTLINE

    refs->decWeak(id);

    refs->decWeak(id);

}

}