[analyzer] Fix handling of labels in getLValueElement

In getLValueElement Base may represent the address of a label
(as in the newly-added test case), in this case it's not a loc::MemRegionVal
and Base.castAs<loc::MemRegionVal>() triggers an assert, this diff makes
getLValueElement return UnknownVal instead.

Differential revision: https://reviews.llvm.org/D39174

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@316399 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/StaticAnalyzer/Core/Store.cpp b/lib/StaticAnalyzer/Core/Store.cpp
index 1af49f68cc05508174e21d9b65aefc34b927c36c..173fdd8d0056b2bb5e4e7bb43890e5e523ec3977 100644 (file)
--- a/lib/StaticAnalyzer/Core/Store.cpp
+++ b/lib/StaticAnalyzer/Core/Store.cpp
@@ -440,7 +440,10 @@ SVal StoreManager::getLValueElement(QualType elementType, NonLoc Offset,
   //  value. See also the similar FIXME in getLValueFieldOrIvar().
   if (Base.isUnknownOrUndef() || Base.getAs<loc::ConcreteInt>())
     return Base;
-
+  
+  if (Base.getAs<loc::GotoLabel>())
+    return UnknownVal();
+  
   const SubRegion *BaseRegion =
       Base.castAs<loc::MemRegionVal>().getRegionAs<SubRegion>();
 

diff --git a/test/Analysis/ptr-arith.c b/test/Analysis/ptr-arith.c
index b78ec503a1ca648769a1be4ebbdfb93f3c0ac1a2..93cb4ee9a66a1de91c613381ad1eee7100eea18e 100644 (file)
--- a/test/Analysis/ptr-arith.c
+++ b/test/Analysis/ptr-arith.c
@@ -342,3 +342,8 @@ void negativeIndex(char *str) {
   clang_analyzer_eval(*ptr3 == 'a'); // expected-warning{{UNKNOWN}}
 }
 
+void test_no_crash_on_pointer_to_label() {
+  char *a = &&label;
+  a[0] = 0;
+label:;
+}