[clang] [analyzer] Prevent crash due to missing EventDispatch in corner case (PR #107294)

Thu Sep 5 07:17:19 PDT 2024

https://github.com/vabridgers updated https://github.com/llvm/llvm-project/pull/107294

>From b7ab0f7d0320de69eea1edf66574c10b88dc881d Mon Sep 17 00:00:00 2001
From: Vince Bridgers <vince.a.bridgers at ericsson.com>
Date: Wed, 4 Sep 2024 20:36:06 +0200
Subject: [PATCH] [analyzer] Remove assert from CheckerManager for registered
 Events

Random testing revealed it's possible to crash the analyzer through a rare
command line invocation:

clang -cc1 -analyze -analyzer-checker=nullability empty.c

The assert in CheckerManager.cpp was deemed to be too strict so is removed.

clang: <root>/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:56:
   void clang::ento::CheckerManager::finishedCheckerRegistration():
     Assertion `Event.second.HasDispatcher && "No dispatcher registered for an event"' failed.

PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/

Stack dump:
0.      Program arguments: clang -cc1 -analyze -analyzer-checker=nullability nullability-nocrash.c
 #0 ...
 ...
 #7 <addr> clang::ento::CheckerManager::finishedCheckerRegistration()
 #8 <addr> clang::ento::CheckerManager::CheckerManager(clang::ASTContext&,
             clang::AnalyzerOptions&, clang::Preprocessor const&,
             llvm::ArrayRef<std::__cxx11::basic_string<char, std::char_traits<char>,
             std::allocator<char>>>, llvm::ArrayRef<std::function<void (clang::ento::CheckerRegistry&)>>)
---
 clang/lib/StaticAnalyzer/Core/CheckerManager.cpp | 10 +---------
 clang/test/Analysis/nullability-nocrash.c        | 10 ++++++++++
 2 files changed, 11 insertions(+), 9 deletions(-)
 create mode 100644 clang/test/Analysis/nullability-nocrash.c

diff --git a/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp b/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp
index 6fc16223ea8287..a1cabaa4364b0b 100644
--- a/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp
+++ b/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp
@@ -48,15 +48,7 @@ bool CheckerManager::hasPathSensitiveCheckers() const {
       EvalCallCheckers, EndOfTranslationUnitCheckers);
 }
 
-void CheckerManager::finishedCheckerRegistration() {
-#ifndef NDEBUG
-  // Make sure that for every event that has listeners, there is at least
-  // one dispatcher registered for it.
-  for (const auto &Event : Events)
-    assert(Event.second.HasDispatcher &&
-           "No dispatcher registered for an event");
-#endif
-}
+void CheckerManager::finishedCheckerRegistration() {}
 
 void CheckerManager::reportInvalidCheckerOptionValue(
     const CheckerBase *C, StringRef OptionName,
diff --git a/clang/test/Analysis/nullability-nocrash.c b/clang/test/Analysis/nullability-nocrash.c
new file mode 100644
index 00000000000000..59cdcde4018cc1
--- /dev/null
+++ b/clang/test/Analysis/nullability-nocrash.c
@@ -0,0 +1,10 @@
+// RUN: %clang_analyze_cc1 -w -analyzer-checker=nullability \
+// RUN:                       -analyzer-output=text -verify %s
+//
+// expected-no-diagnostics
+//
+// This case previously crashed because of an assert in CheckerManager.cpp,
+// checking for registered event dispatchers. This check is too strict so
+// was removed by this commit. This test case covers the previous crash,
+// and is expected to simply not crash. The source file can be anything,
+// and does not need to be empty.

