From 5d3eb81ee5b6730fb1cd18b240907822932b838b Mon Sep 17 00:00:00 2001
From: George Karpenkov
Date: Fri, 2 Mar 2018 00:55:59 +0000
Subject: [PATCH] [analyzer] Prevent crashing in NonNullParamChecker https://bugs.llvm.org/show_bug.cgi?id=36381 rdar://37543426 Turns out, the type passed for the lambda capture was incorrect. One more argument to abandon the getSVal overload which does not require the type information.
Differential Revision: https://reviews.llvm.org/D43925
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@326520 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/StaticAnalyzer/Core/RegionStore.cpp | 2 ++
 test/Analysis/nonnullparamchecker-crash.cpp | 11 +++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 test/Analysis/nonnullparamchecker-crash.cpp
diff --git a/lib/StaticAnalyzer/Core/RegionStore.cpp b/lib/StaticAnalyzer/Core/RegionStore.cpp
index 0181299189..b752da4437 100644
--- a/lib/StaticAnalyzer/Core/RegionStore.cpp
+++ b/lib/StaticAnalyzer/Core/RegionStore.cpp
@@ -1405,6 +1405,8 @@ SVal RegionStoreManager::getBinding(RegionBindingsConstRef B, Loc L, QualType T)
 assert(!T.isNull() && "Unable to auto-detect binding type!");
 assert(!T->isVoidType() && "Attempting to dereference a void pointer!");
 MR = GetElementZeroRegion(cast(MR), T);
+ } else {
+ T = cast(MR)->getValueType();
 }
 // FIXME: Perhaps this method should just take a 'const MemRegion*' argument
diff --git a/test/Analysis/nonnullparamchecker-crash.cpp b/test/Analysis/nonnullparamchecker-crash.cpp
new file mode 100644
index 0000000000..96e7f21705
--- /dev/null
+++ b/test/Analysis/nonnullparamchecker-crash.cpp
@@ -0,0 +1,11 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core -verify %s
+class C {};
+
+// expected-no-diagnostics
+void f(C i) {
+ auto lambda = [&] { f(i); };
+ typedef decltype(lambda) T;
+ T* blah = new T(lambda);
+ (*blah)();
+ delete blah;
+}
--
2.40.0
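Review bot: The new `else` branch in getBinding silently replaces the caller-supplied `T` with the region's own value type, so the incorrect type that the commit message attributes to the lambda-capture path is masked rather than surfaced. A comment on the branch such as `// A typed region knows its value type; prefer it over a caller-supplied T, which may be wrong (PR36381).` would record that the override is deliberate. The branch also depends on `cast`, which asserts instead of checking, so it is only safe if the `if` condition guarantees that every region reaching the `else` has a value type. That condition sits outside this hunk, as do the start and end of the function, so this should be confirmed there; if it does not hold, unusual input code would abort the analyzer in assert builds.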
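Review bot: Nothing in the new test file says what regression it guards against, and `expected-no-diagnostics` on its own reads as if the absence of warnings were the point rather than the absence of a crash. A header comment such as `// PR36381: calling a heap-allocated copy of a lambda that captures a parameter by reference must not crash the analyzer.` would tie it to the fix. The RUN line enables the whole `core` package rather than the checker the file is named after, which presumably works only while that checker lives in `core`; naming it explicitly would keep the test pinned to the code path that crashed.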