CFGBuilder: Fix crash when visiting a range-based for over a dependent type

Summary:
CFG generation is expected to fail in this case, but it should not crash.

Also added a test that reproduces the crash.

Reviewers: klimek

Subscribers: cfe-commits

Patch by Martin Boehme!

Differential Revision: http://reviews.llvm.org/D21895

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@274834 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/Analysis/CFG.cpp b/lib/Analysis/CFG.cpp
index d9349fc4092d5da02071800a74f63b03715c50f9..2c502cdcf4e074788258552495cdd54f36a87fa3 100644 (file)
--- a/lib/Analysis/CFG.cpp
+++ b/lib/Analysis/CFG.cpp
@@ -3457,6 +3457,8 @@ CFGBlock *CFGBuilder::VisitCXXForRangeStmt(CXXForRangeStmt *S) {
     // continue statements.
     Block = nullptr;
     Succ = addStmt(S->getInc());
+    if (badCFG)
+      return nullptr;
     ContinueJumpTarget = JumpTarget(Succ, ContinueScopePos);
 
     // The starting block for the loop increment is the block that should

diff --git a/unittests/Analysis/CFGTest.cpp b/unittests/Analysis/CFGTest.cpp
new file mode 100644 (file)
index 0000000..715fdcb
--- /dev/null
+++ b/unittests/Analysis/CFGTest.cpp
@@ -0,0 +1,58 @@
+//===- unittests/Analysis/CFGTest.cpp - CFG tests -------------------------===//
+//
+//                     The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+
+#include "clang/ASTMatchers/ASTMatchFinder.h"
+#include "clang/Analysis/CFG.h"
+#include "clang/Tooling/Tooling.h"
+#include "gtest/gtest.h"
+#include <string>
+#include <vector>
+
+namespace clang {
+namespace analysis {
+namespace {
+
+// Constructing a CFG for a range-based for over a dependent type fails (but
+// should not crash).
+TEST(CFG, RangeBasedForOverDependentType) {
+  const char *Code = "class Foo;\n"
+                     "template <typename T>\n"
+                     "void f(const T &Range) {\n"
+                     "  for (const Foo *TheFoo : Range) {\n"
+                     "  }\n"
+                     "}\n";
+
+  class CFGCallback : public ast_matchers::MatchFinder::MatchCallback {
+  public:
+    bool SawFunctionBody = false;
+
+    void run(const ast_matchers::MatchFinder::MatchResult &Result) override {
+      const auto *Func = Result.Nodes.getNodeAs<FunctionDecl>("func");
+      Stmt *Body = Func->getBody();
+      if (!Body)
+        return;
+      SawFunctionBody = true;
+      std::unique_ptr<CFG> cfg =
+          CFG::buildCFG(nullptr, Body, Result.Context, CFG::BuildOptions());
+      EXPECT_EQ(nullptr, cfg);
+    }
+  } Callback;
+
+  ast_matchers::MatchFinder Finder;
+  Finder.addMatcher(ast_matchers::functionDecl().bind("func"), &Callback);
+  std::unique_ptr<tooling::FrontendActionFactory> Factory(
+      tooling::newFrontendActionFactory(&Finder));
+  std::vector<std::string> Args = {"-std=c++11"};
+  ASSERT_TRUE(tooling::runToolOnCodeWithArgs(Factory->create(), Code, Args));
+  EXPECT_TRUE(Callback.SawFunctionBody);
+}
+
+} // namespace
+} // namespace analysis
+} // namespace clang

diff --git a/unittests/Analysis/CMakeLists.txt b/unittests/Analysis/CMakeLists.txt
new file mode 100644 (file)
index 0000000..e31447c
--- /dev/null
+++ b/unittests/Analysis/CMakeLists.txt
@@ -0,0 +1,13 @@
+set(LLVM_LINK_COMPONENTS
+  Support
+  )
+
+add_clang_unittest(CFGTests
+  CFGTest.cpp
+  )
+
+target_link_libraries(CFGTests
+  clangAnalysis
+  clangASTMatchers
+  clangTooling
+  )

diff --git a/unittests/CMakeLists.txt b/unittests/CMakeLists.txt
index b85ec7e6dfa098c0a13194783fddb0c77c4a0920..7d407ce3f649422a4e7d7769daff9b5231d819f0 100644 (file)
--- a/unittests/CMakeLists.txt
+++ b/unittests/CMakeLists.txt
@@ -13,6 +13,7 @@ add_subdirectory(Basic)
 add_subdirectory(Lex)
 add_subdirectory(Driver)
 if(CLANG_ENABLE_STATIC_ANALYZER)
+  add_subdirectory(Analysis)
   add_subdirectory(StaticAnalyzer)
   add_subdirectory(Frontend)
 endif()