r286901 - [analyzer] Fix crash in NullabilityChecker calling block with too few arguments
Devin Coughlin via cfe-commits
cfe-commits at lists.llvm.org
Mon Nov 14 14:46:02 PST 2016
Author: dcoughlin
Date: Mon Nov 14 16:46:02 2016
New Revision: 286901
URL: http://llvm.org/viewvc/llvm-project?rev=286901&view=rev
Log:
[analyzer] Fix crash in NullabilityChecker calling block with too few arguments
Fix a crash when checking parameter nullability on a block invocation
with fewer arguments than the block declaration requires.
rdar://problem/29237566
Added:
cfe/trunk/test/Analysis/nullability.c
Modified:
cfe/trunk/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp
Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp?rev=286901&r1=286900&r2=286901&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp Mon Nov 14 16:46:02 2016
@@ -679,9 +679,10 @@ void NullabilityChecker::checkPreCall(co
if (Param->isParameterPack())
break;
- const Expr *ArgExpr = nullptr;
- if (Idx < Call.getNumArgs())
- ArgExpr = Call.getArgExpr(Idx);
+ if (Idx >= Call.getNumArgs())
+ break;
+
+ const Expr *ArgExpr = Call.getArgExpr(Idx);
auto ArgSVal = Call.getArgSVal(Idx++).getAs<DefinedOrUnknownSVal>();
if (!ArgSVal)
continue;
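Review bot: The new `if (Idx >= Call.getNumArgs()) break;` guard carries no comment saying when a call can supply fewer arguments than the declaration has parameters. A one-line comment above it, pointing at the arity mismatch exercised in test/Analysis/nullability.c, would keep a later reader from treating the check as dead code. Using `break` rather than `continue` looks right, since `Idx` is only incremented from here on and every remaining parameter would also be past the end of the argument list.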
Added: cfe/trunk/test/Analysis/nullability.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/nullability.c?rev=286901&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/nullability.c (added)
+++ cfe/trunk/test/Analysis/nullability.c Mon Nov 14 16:46:02 2016
@@ -0,0 +1,12 @@
+// RUN: %clang_cc1 -fblocks -analyze -analyzer-checker=core,nullability -verify %s
+
+void it_takes_two(int a, int b);
+void function_pointer_arity_mismatch() {
+ void(*fptr)() = it_takes_two;
+ fptr(1); // no-crash expected-warning {{Function taking 2 arguments is called with less (1)}}
+}
+
+void block_arity_mismatch() {
+ void(^b)() = ^(int a, int b) { }; // no-crash
+ b(1);
+}
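Review bot: In `block_arity_mismatch` the `// no-crash` marker sits on the block definition line, while the invocation that the fix concerns is `b(1);` on the next line. In `function_pointer_arity_mismatch` the marker is on the call itself, so moving it to `b(1);` would make the two cases consistent. Since the test runs with `-verify` and the block call has no `expected-warning`, a short comment stating that no diagnostic is intended for the block case would also make the asymmetry with the function-pointer case explicit.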