From: Artem Dergachev <artem.dergachev@gmail.com>
Date: Wed, 10 Aug 2016 16:25:16 +0000 (+0000)
Subject: [analyzer] Fix a crash in CloneDetector when calling functions by pointers.
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a7e2299971866bedeaa99cc989b04134c2bde18a;p=clang

[analyzer] Fix a crash in CloneDetector when calling functions by pointers.

CallExpr may have a null direct callee when the callee function is not
known in compile-time. Do not try to take callee name in this case.

Patch by Raphael Isemann!

Differential Revision: https://reviews.llvm.org/D23320


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@278238 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Analysis/CloneDetection.cpp b/lib/Analysis/CloneDetection.cpp
index 038f9eb87c..27815f30ae 100644
--- a/lib/Analysis/CloneDetection.cpp
+++ b/lib/Analysis/CloneDetection.cpp
@@ -249,8 +249,11 @@ public:
   })
 
   //--- Calls --------------------------------------------------------------//
-  DEF_ADD_DATA(CallExpr,
-               { addData(S->getDirectCallee()->getQualifiedNameAsString()); })
+  DEF_ADD_DATA(CallExpr, {
+    // Function pointers don't have a callee and we just skip hashing it.
+    if (S->getDirectCallee())
+      addData(S->getDirectCallee()->getQualifiedNameAsString());
+  })
 
   //--- Exceptions ---------------------------------------------------------//
   DEF_ADD_DATA(CXXCatchStmt, { addData(S->getCaughtType()); })
diff --git a/test/Analysis/copypaste/call.cpp b/test/Analysis/copypaste/call.cpp
index 06aa633fe9..0c10262a31 100644
--- a/test/Analysis/copypaste/call.cpp
+++ b/test/Analysis/copypaste/call.cpp
@@ -22,3 +22,15 @@ bool foo2(int x) {
     return b();
   return true;
 }
+
+// Test that we don't crash on function pointer calls
+
+bool (*funcPtr)(int);
+
+bool fooPtr1(int x) {
+  if (x > 0)
+    return false;
+  else if (x < 0)
+    return funcPtr(1);
+  return true;
+}