r338918 - [analyzer] Add test for a crash fixed in r338775.

Reka Kovacs via cfe-commits cfe-commits at lists.llvm.org
Fri Aug 3 13:42:02 PDT 2018 

Author: rkovacs
Date: Fri Aug  3 13:42:02 2018
New Revision: 338918

URL: http://llvm.org/viewvc/llvm-project?rev=338918&view=rev
Log:
[analyzer] Add test for a crash fixed in r338775.

Do not crash if a CXXRecordDecl cannot be obtained for an object.

Special thanks for the reproduction to Alexander Kornienko.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp
    cfe/trunk/test/Analysis/inner-pointer.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp?rev=338918&r1=338917&r2=338918&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp Fri Aug  3 13:42:02 2018
@@ -133,10 +133,7 @@ bool InnerPointerChecker::isCalledOnStri
     return false;
 
   CXXRecordDecl *Decl = ObjTy->getAsCXXRecordDecl();
-  if (!Decl || Decl->getName() != "basic_string")
-    return false;
-
-  return true;
+  return Decl && Decl->getName() == "basic_string";
 }
 
 bool InnerPointerChecker::isInvalidatingMemberFunction(

Modified: cfe/trunk/test/Analysis/inner-pointer.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/inner-pointer.cpp?rev=338918&r1=338917&r2=338918&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/inner-pointer.cpp (original)
+++ cfe/trunk/test/Analysis/inner-pointer.cpp Fri Aug  3 13:42:02 2018
@@ -382,3 +382,13 @@ const char *escape_via_return_local() {
                     // expected-note at -1 {{Inner pointer invalidated by call to destructor}}
 } // expected-warning {{Use of memory after it is freed}}
 // expected-note at -1 {{Use of memory after it is freed}}
+
+
+char *c();
+class A {};
+
+void no_CXXRecordDecl() {
+  A a, *b;
+  *(void **)&b = c() + 1;
+  *b = a; // no-crash
+}

More information about the cfe-commits mailing list