From: Jordy Rose <jediknil@belkadan.com>
Date: Mon, 21 Jun 2010 20:08:28 +0000 (+0000)
Subject: If a nonnull argument evaluates to UnknownVal, don't warn (and don't crash).
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9a126850968b0aa25f7c6f214e7309e33f2d800a;p=clang

If a nonnull argument evaluates to UnknownVal, don't warn (and don't crash).


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106456 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Checker/AttrNonNullChecker.cpp b/lib/Checker/AttrNonNullChecker.cpp
index 471cf19717..d0bccb27b4 100644
--- a/lib/Checker/AttrNonNullChecker.cpp
+++ b/lib/Checker/AttrNonNullChecker.cpp
@@ -60,11 +60,16 @@ void AttrNonNullChecker::PreVisitCallExpr(CheckerContext &C,
     if (!Att->isNonNull(idx))
       continue;
 
-    const DefinedSVal &V = cast<DefinedSVal>(state->getSVal(*I));
+    SVal V = state->getSVal(*I);
+    DefinedSVal *DV = dyn_cast<DefinedSVal>(&V);
+
+    // If the value is unknown or undefined, we can't perform this check.
+    if (!DV)
+      continue;
 
     ConstraintManager &CM = C.getConstraintManager();
     const GRState *stateNotNull, *stateNull;
-    llvm::tie(stateNotNull, stateNull) = CM.AssumeDual(state, V);
+    llvm::tie(stateNotNull, stateNull) = CM.AssumeDual(state, *DV);
 
     if (stateNull && !stateNotNull) {
       // Generate an error node.  Check for a null node in case
diff --git a/test/Analysis/null-deref-ps.c b/test/Analysis/null-deref-ps.c
index 5a1049c7d7..eac7957fb9 100644
--- a/test/Analysis/null-deref-ps.c
+++ b/test/Analysis/null-deref-ps.c
@@ -118,6 +118,11 @@ void f6d(int *p) {
   }  
 }
 
+void f6e(int *p, int offset) {
+  // PR7406 - crash from treating an UnknownVal as defined, to see if it's 0.
+  bar((p+offset)+1, 0); // not crash
+}
+
 int* qux();
 
 int f7(int x) {