<div dir="ltr">This breaks tests: <a href="http://45.33.8.238/linux/18215/step_7.txt">http://45.33.8.238/linux/18215/step_7.txt</a></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, May 20, 2020 at 7:05 PM Kirstóf Umann via cfe-commits <<a href="mailto:cfe-commits@lists.llvm.org">cfe-commits@lists.llvm.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
Author: Kirstóf Umann<br>
Date: 2020-05-21T01:05:15+02:00<br>
New Revision: 1d393eac8f6907074138612e18d5d1da803b4ad0<br>
<br>
URL: <a href="https://github.com/llvm/llvm-project/commit/1d393eac8f6907074138612e18d5d1da803b4ad0" rel="noreferrer" target="_blank">https://github.com/llvm/llvm-project/commit/1d393eac8f6907074138612e18d5d1da803b4ad0</a><br>
DIFF: <a href="https://github.com/llvm/llvm-project/commit/1d393eac8f6907074138612e18d5d1da803b4ad0.diff" rel="noreferrer" target="_blank">https://github.com/llvm/llvm-project/commit/1d393eac8f6907074138612e18d5d1da803b4ad0.diff</a><br>
<br>
LOG: [analyzer] Fix a null FunctionDecl dereference bug after D75432<br>
<br>
Added: <br>
<br>
<br>
Modified: <br>
    clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp<br>
    clang/test/Analysis/malloc.c<br>
<br>
Removed: <br>
<br>
<br>
<br>
################################################################################<br>
diff  --git a/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp<br>
index f5f4dd0eaea5..7fae3a62211d 100644<br>
--- a/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp<br>
+++ b/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp<br>
@@ -1204,6 +1204,8 @@ void MallocChecker::checkOwnershipAttr(const CallEvent &Call,<br>
   if (!CE)<br>
     return;<br>
   const FunctionDecl *FD = C.getCalleeDecl(CE);<br>
+  if (!FD)<br>
+    return;<br>
   if (ShouldIncludeOwnershipAnnotatedFunctions ||<br>
       ChecksEnabled[CK_MismatchedDeallocatorChecker]) {<br>
     // Check all the attributes, if there are any.<br>
<br>
diff  --git a/clang/test/Analysis/malloc.c b/clang/test/Analysis/malloc.c<br>
index b7a29db274b4..2cd9d2845877 100644<br>
--- a/clang/test/Analysis/malloc.c<br>
+++ b/clang/test/Analysis/malloc.c<br>
@@ -2,7 +2,7 @@<br>
 // RUN:   -analyzer-checker=core \<br>
 // RUN:   -analyzer-checker=alpha.deadcode.UnreachableCode \<br>
 // RUN:   -analyzer-checker=alpha.core.CastSize \<br>
-// RUN:   -analyzer-checker=unix.Malloc \<br>
+// RUN:   -analyzer-checker=unix \<br>
 // RUN:   -analyzer-checker=debug.ExprInspection<br>
<br>
 #include "Inputs/system-header-simulator.h"<br>
@@ -1843,6 +1843,10 @@ variable 'buf', which is not memory allocated by malloc() [unix.Malloc]}}<br>
   }<br>
 }<br>
<br>
+(*crash_a)();<br>
+// A CallEvent without a corresponding FunctionDecl.<br>
+crash_b() { crash_a(); } // no-crash<br>
+<br>
 // ----------------------------------------------------------------------------<br>
 // False negatives.<br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
cfe-commits mailing list<br>
<a href="mailto:cfe-commits@lists.llvm.org" target="_blank">cfe-commits@lists.llvm.org</a><br>
<a href="https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits" rel="noreferrer" target="_blank">https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits</a><br>
</blockquote></div>