False positive: autovarInvalidDeallocation

[CHR]

Cppcheck 2.3 does not like the Array class being instantiated with std::array. Other types are fine though.

#include <array>

template <class T> class Array {
public:
  ~Array() { delete m_Arr; } // error: Deallocation of an auto-variable results in undefined behaviour.
  T* m_Arr = nullptr;
};

void testArray() {
  Array<std::array<long, 256>> arr;
  Array<double> arrD;
}

[CHR]

bump
Also happy new year!

[Robert Reif]

This reduced version:

#include <array>

class Array {
public:
  ~Array() { delete m_Arr; } // error: Deallocation of an auto-variable results in undefined behaviour.
  std::array<long, 256> * m_Arr = nullptr;
};

void testArray() {
  Array arr;
}

has the same problem:

$ ./cppcheck --debug array1.cpp
Checking array1.cpp ...


##file array1.cpp
3: class Array {
4: public:
5: ~ Array ( ) { delete m_Arr@var1 ; }
6: std :: array < long , 256 > * m_Arr@var1 ; m_Arr@var1 = nullptr ;
7: } ;
8:
9: void testArray ( ) {
10: Array arr@var2 ;
11: }



##Value flow
Line 6
  256 always 256
  nullptr always 0
array1.cpp:5:21: error: Deallocation of an auto-variable results in undefined behaviour. [autovarInvalidDeallocation]
  ~Array() { delete m_Arr; } // error: Deallocation of an auto-variable results in undefined behaviour.

[CHR]

cough Ticket?

Anyway,I have been looking at some related tickets. This old FP no longer reproduces for me:
https://trac.cppcheck.net/ticket/8703

This FN still isn't detected:
https://trac.cppcheck.net/ticket/8174
Reduced code:

struct node
{
};

void test()
{
    node n;
    free(&n); // warning
    node * pn = &n;
    free(pn); // no warning
}

[Daniel Marjamäki]

Anyway,I have been looking at some related tickets. This old FP no longer reproduces for me:

Can you reproduce with an old version.. but not with latest cppcheck? I'd like to know a version you can reproduce the problem with.. then I can close the ticket

[Daniel Marjamäki]

Thanks! I have created ticket https://trac.cppcheck.net/ticket/10097

[CHR]

Thanks!
It seems the FP was fixed between 1.87 and 1.89:

"C:\Program Files\Cppcheck\cppcheck.exe" --version
Cppcheck 1.87

"C:\Program Files\Cppcheck\cppcheck.exe" --enable=all --inconclusive CPPCheckFree.c --library=Custom.cfg
Checking CPPCheckFree.c ...
[CPPCheckFree.c:26]: (error) Deallocation of an auto-variable results in undefined behaviour.
[CPPCheckFree.c:20]: (style) The function 'Main' is never used.

1..88 reports [CPPCheckFree.c:27]: (error) Memory leak: String, 1.89 is clean.

[CHR]

I see that https://trac.cppcheck.net/ticket/8703 has been closed.
Would it be useful to look at old tickets and check if they have been fixed in the meantime?

[Daniel Marjamäki]

Would it be useful to look at old tickets and check if they have been fixed in the meantime?

Yes! If anybody would do that it sounds very useful.