[cfe-commits] r160427 - in /cfe/trunk: lib/StaticAnalyzer/Core/RegionStore.cpp test/Analysis/misc-ps-cxx0x.cpp

Ted Kremenek kremenek at apple.com
Tue Jul 17 22:57:34 PDT 2012 

Author: kremenek
Date: Wed Jul 18 00:57:33 2012
New Revision: 160427

URL: http://llvm.org/viewvc/llvm-project?rev=160427&view=rev
Log:
Fix crash in RegionStoreManager::evalDerivedToBase() due to not handling references
(in uses of dynamic_cast<>).

Fixes <rdar://problem/11817693>.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
    cfe/trunk/test/Analysis/misc-ps-cxx0x.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp?rev=160427&r1=160426&r2=160427&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp Wed Jul 18 00:57:33 2012
@@ -877,10 +877,22 @@
   return loc::MemRegionVal(MRMgr.getElementRegion(T, ZeroIdx, ArrayR, Ctx));
 }
 
+// This mirrors Type::getCXXRecordDeclForPointerType(), but there doesn't
+// appear to be another need for this in the rest of the codebase.
+static const CXXRecordDecl *GetCXXRecordDeclForReferenceType(QualType Ty) {
+  if (const ReferenceType *RT = Ty->getAs<ReferenceType>())
+    if (const RecordType *RCT = RT->getPointeeType()->getAs<RecordType>())
+      return dyn_cast<CXXRecordDecl>(RCT->getDecl());
+  return 0;
+}
+
 SVal RegionStoreManager::evalDerivedToBase(SVal derived, QualType baseType) {
   const CXXRecordDecl *baseDecl;
+  
   if (baseType->isPointerType())
     baseDecl = baseType->getCXXRecordDeclForPointerType();
+  else if (baseType->isReferenceType())
+    baseDecl = GetCXXRecordDeclForReferenceType(baseType);
   else
     baseDecl = baseType->getAsCXXRecordDecl();
 

Modified: cfe/trunk/test/Analysis/misc-ps-cxx0x.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/misc-ps-cxx0x.cpp?rev=160427&r1=160426&r2=160427&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/misc-ps-cxx0x.cpp (original)
+++ cfe/trunk/test/Analysis/misc-ps-cxx0x.cpp Wed Jul 18 00:57:33 2012
@@ -73,3 +73,18 @@
 struct RDar11178609 {
   ~RDar11178609() = delete;
 };
+
+// Tests that dynamic_cast handles references to C++ classes.  Previously
+// this crashed.
+class rdar11817693_BaseBase {};
+class rdar11817693_BaseInterface {};
+class rdar11817693_Base : public rdar11817693_BaseBase, public rdar11817693_BaseInterface {};
+class rdar11817693 : public rdar11817693_Base {
+  virtual void operator=(const rdar11817693_BaseBase& src);
+  void operator=(const rdar11817693& src);
+};
+void rdar11817693::operator=(const rdar11817693& src) {
+  operator=(dynamic_cast<const rdar11817693_BaseBase&>(src));
+}
+
+

More information about the cfe-commits mailing list