Fix CFG crasher involving statement expressions reported in PR 6938.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@102576 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/Analysis/CFG.cpp b/lib/Analysis/CFG.cpp
index e447657e9ef6d3f4b87de2af7348c91607a49d4b..7c7504a1d82707448eea3990508f63f1b41398b7 100644 (file)
--- a/lib/Analysis/CFG.cpp
+++ b/lib/Analysis/CFG.cpp
@@ -498,8 +498,16 @@ CFGBlock *CFGBuilder::VisitBinaryOperator(BinaryOperator *B,
     Succ = ConfluenceBlock;
     Block = NULL;
     CFGBlock* RHSBlock = addStmt(B->getRHS());
-    if (!FinishBlock(RHSBlock))
-      return 0;
+
+    if (RHSBlock) {
+      if (!FinishBlock(RHSBlock))
+        return 0;
+    }
+    else {
+      // Create an empty block for cases where the RHS doesn't require
+      // any explicit statements in the CFG.
+      RHSBlock = createBlock();
+    }
 
     // See if this is a known constant.
     TryResult KnownVal = TryEvaluateBool(B->getLHS());

diff --git a/test/Analysis/misc-ps.m b/test/Analysis/misc-ps.m
index fa05f6f6030885fb12364bf7a0195793cf0e1388..2b21eec18cd7317d99631a60901e83f206d93579 100644 (file)
--- a/test/Analysis/misc-ps.m
+++ b/test/Analysis/misc-ps.m
@@ -933,3 +933,27 @@ void foo_rev95547_b(struct s_rev95547 w) {
   struct s_rev95547 w2 = w;
   w2.z1.x += 20.0; // no-warning
 }
+
+//===----------------------------------------------------------------------===//
+// Test handling statement expressions that don't populate a CFG block that
+// is used to represent the computation of the RHS of a logical operator.
+// This previously triggered a crash.
+//===----------------------------------------------------------------------===//
+
+void pr6938() {
+  if (1 && ({
+    while (0);
+    0;
+  }) == 0) {
+  }
+}
+
+void pr6938_b() {
+  if (1 && *({ // expected-warning{{Dereference of null pointer}}
+    while (0) {}
+    ({
+      (int *) 0;
+    });
+  }) == 0) {
+  }
+}