[clang] 45212de - [analyzer][solver] Prevent use of a null state

Valeriy Savchenko via cfe-commits cfe-commits at lists.llvm.org
Thu May 13 10:17:03 PDT 2021


Author: Valeriy Savchenko
Date: 2021-05-13T20:16:29+03:00
New Revision: 45212dec01b9be90596d8d6fa7586ce8c84e2622

URL: https://github.com/llvm/llvm-project/commit/45212dec01b9be90596d8d6fa7586ce8c84e2622
DIFF: https://github.com/llvm/llvm-project/commit/45212dec01b9be90596d8d6fa7586ce8c84e2622.diff

LOG: [analyzer][solver] Prevent use of a null state

rdar://77686137

Differential Revision: https://reviews.llvm.org/D102240

Added: 
    clang/test/Analysis/PR50268.c

Modified: 
    clang/lib/StaticAnalyzer/Core/RangeConstraintManager.cpp

Removed: 
    


################################################################################
diff  --git a/clang/lib/StaticAnalyzer/Core/RangeConstraintManager.cpp b/clang/lib/StaticAnalyzer/Core/RangeConstraintManager.cpp
index 974535952d0f0..e54b9c13b9355 100644
--- a/clang/lib/StaticAnalyzer/Core/RangeConstraintManager.cpp
+++ b/clang/lib/StaticAnalyzer/Core/RangeConstraintManager.cpp
@@ -1487,15 +1487,18 @@ class RangeConstraintManager : public RangedConstraintManager {
       // This is an infeasible assumption.
       return nullptr;
 
-    ProgramStateRef NewState = setConstraint(State, Sym, NewConstraint);
-    if (auto Equality = EqualityInfo::extract(Sym, Int, Adjustment)) {
-      // If the original assumption is not Sym + Adjustment !=/</> Int,
-      // we should invert IsEquality flag.
-      Equality->IsEquality = Equality->IsEquality != EQ;
-      return track(NewState, *Equality);
+    if (ProgramStateRef NewState = setConstraint(State, Sym, NewConstraint)) {
+      if (auto Equality = EqualityInfo::extract(Sym, Int, Adjustment)) {
+        // If the original assumption is not Sym + Adjustment !=/</> Int,
+        // we should invert IsEquality flag.
+        Equality->IsEquality = Equality->IsEquality != EQ;
+        return track(NewState, *Equality);
+      }
+
+      return NewState;
     }
 
-    return NewState;
+    return nullptr;
   }
 
   ProgramStateRef track(ProgramStateRef State, EqualityInfo ToTrack) {
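Review bot: The null check is written as a nested `if (ProgramStateRef NewState = ...) { ... }` followed by a bare `return nullptr;`, which pushes the main path one level deeper and leaves that final return unexplained, unlike the `// This is an infeasible assumption.` return at the top of the hunk. An early exit reads more directly: keep `ProgramStateRef NewState = setConstraint(State, Sym, NewConstraint);` and follow it with `if (!NewState) return nullptr; // setConstraint produced no feasible state`, leaving the `EqualityInfo::extract` block at its original indentation. The comment wording assumes a null result means infeasibility, which the hunk does not show, so confirm it against setConstraint. The enclosing function begins before the hunk, and any other call site that passes a setConstraint result straight into `track` is outside this view and worth checking for the same guard.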

diff  --git a/clang/test/Analysis/PR50268.c b/clang/test/Analysis/PR50268.c
new file mode 100644
index 0000000000000..6e3536b7c23c5
--- /dev/null
+++ b/clang/test/Analysis/PR50268.c
@@ -0,0 +1,12 @@
+// RUN: %clang_analyze_cc1 -w -analyzer-checker=core -verify %s \
+// RUN:    -analyzer-config eagerly-assume=true
+
+// expected-no-diagnostics
+
+
+int test(unsigned long a, unsigned long c, int b) {
+  c -= a;
+  if (0 >= b) {}
+  c == b;
+  return c ? 0 : 2; // no-crash
+}
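Review bot: The test carries only `// no-crash` on the return line and does not say what used to crash or why each statement is needed, so a later cleanup could simplify the reproducer away. A short header comment such as `// The range solver used a null state while tracking the equality below (D102240).` would record that. The discarded comparison `c == b;` should also be marked as intentional, since `-w` appears to be there to silence the warning it would otherwise produce. The RUN line exercises only `eagerly-assume=true`; presumably that is the configuration that reached the null state, and the comment should say so.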


        

