r343735 - [analyzer] Do not crash if the assumption added in TrustNonNullChecker is enough to make the state unfeasible
George Karpenkov via cfe-commits
cfe-commits at lists.llvm.org
Wed Oct 3 15:31:09 PDT 2018
Author: george.karpenkov
Date: Wed Oct 3 15:31:09 2018
New Revision: 343735
URL: http://llvm.org/viewvc/llvm-project?rev=343735&view=rev
Log:
[analyzer] Do not crash if the assumption added in TrustNonNullChecker is enough to make the state unfeasible
rdar://43541814
Differential Revision: https://reviews.llvm.org/D52848
Modified:
cfe/trunk/lib/StaticAnalyzer/Checkers/TrustNonnullChecker.cpp
cfe/trunk/test/Analysis/trustnonnullchecker_test.m
Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/TrustNonnullChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/TrustNonnullChecker.cpp?rev=343735&r1=343734&r2=343735&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/TrustNonnullChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/TrustNonnullChecker.cpp Wed Oct 3 15:31:09 2018
@@ -212,20 +212,26 @@ private:
/// the negation of \p Antecedent.
/// Checks NonNullImplicationMap and assumes \p Antecedent otherwise.
ProgramStateRef addImplication(SymbolRef Antecedent,
- ProgramStateRef State,
+ ProgramStateRef InputState,
bool Negated) const {
- SValBuilder &SVB = State->getStateManager().getSValBuilder();
+ if (!InputState)
+ return nullptr;
+ SValBuilder &SVB = InputState->getStateManager().getSValBuilder();
const SymbolRef *Consequent =
- Negated ? State->get<NonNullImplicationMap>(Antecedent)
- : State->get<NullImplicationMap>(Antecedent);
+ Negated ? InputState->get<NonNullImplicationMap>(Antecedent)
+ : InputState->get<NullImplicationMap>(Antecedent);
if (!Consequent)
- return State;
+ return InputState;
SVal AntecedentV = SVB.makeSymbolVal(Antecedent);
- if ((Negated && State->isNonNull(AntecedentV).isConstrainedTrue())
- || (!Negated && State->isNull(AntecedentV).isConstrainedTrue())) {
+ ProgramStateRef State = InputState;
+
+ if ((Negated && InputState->isNonNull(AntecedentV).isConstrainedTrue())
+ || (!Negated && InputState->isNull(AntecedentV).isConstrainedTrue())) {
SVal ConsequentS = SVB.makeSymbolVal(*Consequent);
- State = State->assume(ConsequentS.castAs<DefinedSVal>(), Negated);
+ State = InputState->assume(ConsequentS.castAs<DefinedSVal>(), Negated);
+ if (!State)
+ return nullptr;
// Drop implications from the map.
if (Negated) {
Modified: cfe/trunk/test/Analysis/trustnonnullchecker_test.m
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/trustnonnullchecker_test.m?rev=343735&r1=343734&r2=343735&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/trustnonnullchecker_test.m (original)
+++ cfe/trunk/test/Analysis/trustnonnullchecker_test.m Wed Oct 3 15:31:09 2018
@@ -170,3 +170,25 @@ NSString *_Nonnull checkAssumeOnMutableD
if (k) {}
return k; // no-warning
}
+
+// Check that we don't crash when the added assumption is enough
+// to make the state unfeasible.
+ at class DummyClass;
+ at interface DictionarySubclass : NSDictionary {
+ DummyClass *g;
+ DictionarySubclass *d;
+}
+ at end
+ at implementation DictionarySubclass
+- (id) objectForKey:(id)e {
+ if (e) {}
+ return d;
+}
+- (void) coder {
+ for (id e in g) {
+ id f = [self objectForKey:e];
+ if (f)
+ (void)e;
+ }
+}
+ at end
More information about the cfe-commits
mailing list