[analyzer] Fix null deref in AnyFunctionCall::getRuntimeDefinition
Patch by: Rafael Stahl! Differential Revision: https://reviews.llvm.org/D45564 llvm-svn: 330009
parent
e1ae337cd5
commit
ca7923ab00
|
@ -389,9 +389,11 @@ ArrayRef<ParmVarDecl*> AnyFunctionCall::parameters() const {
|
|||
|
||||
RuntimeDefinition AnyFunctionCall::getRuntimeDefinition() const {
|
||||
const FunctionDecl *FD = getDecl();
|
||||
if (!FD)
|
||||
return {};
|
||||
|
||||
// Note that the AnalysisDeclContext will have the FunctionDecl with
|
||||
// the definition (if one exists).
|
||||
if (FD) {
|
||||
AnalysisDeclContext *AD =
|
||||
getLocationContext()->getAnalysisDeclContext()->
|
||||
getManager()->getContext(FD);
|
||||
|
@ -406,14 +408,13 @@ RuntimeDefinition AnyFunctionCall::getRuntimeDefinition() const {
|
|||
const Decl* Decl = AD->getDecl();
|
||||
return RuntimeDefinition(Decl);
|
||||
}
|
||||
}
|
||||
|
||||
SubEngine *Engine = getState()->getStateManager().getOwningEngine();
|
||||
AnalyzerOptions &Opts = Engine->getAnalysisManager().options;
|
||||
|
||||
// Try to get CTU definition only if CTUDir is provided.
|
||||
if (!Opts.naiveCTUEnabled())
|
||||
return RuntimeDefinition();
|
||||
return {};
|
||||
|
||||
cross_tu::CrossTranslationUnitContext &CTUCtx =
|
||||
*Engine->getCrossTranslationUnitContext();
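Review bot: The CTU path after the new `if (!FD) return {};` guard still dereferences two pointers unchecked: `Engine`, as returned by `getOwningEngine()`, and the result of `Engine->getCrossTranslationUnitContext()`. Whether either can be null is not visible from this hunk. If they are guaranteed non-null, state that next to the use, for example `assert(Engine && "state manager has no owning engine");`, with a matching assert before the `*Engine->getCrossTranslationUnitContext()` dereference. A crash here aborts analysis of the whole translation unit, so findings for that file are silently lost in CI. The function body continues past the end of the hunk, so later uses of `CTUCtx` were not reviewed.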
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
// RUN: %clang_cc1 -fsyntax-only -analyze -analyzer-checker=debug.ExprInspection -analyzer-config experimental-enable-naive-ctu-analysis=true -analyzer-config ctu-dir=%T/ctudir -verify %s
|
||||
// expected-no-diagnostics
|
||||
|
||||
struct S {
|
||||
void (*fp)();
|
||||
};
|
||||
|
||||
int main() {
|
||||
struct S s;
|
||||
// This will cause the analyzer to look for a function definition that has
|
||||
// no FunctionDecl. It used to cause a crash in AnyFunctionCall::getRuntimeDefinition.
|
||||
// It would only occur when CTU analysis is enabled.
|
||||
s.fp();
|
||||
}
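Review bot: The RUN line passes `ctu-dir=%T/ctudir`, but nothing in the test creates or fills that directory, and the comment in `main` does not say why the option is there. It appears to be needed only so that `naiveCTUEnabled()` is true and the crashing path is reached. If a later cleanup drops it as unused configuration, the test would still pass without covering the regression. A short comment under the RUN line would pin this, for example `// ctu-dir is set only to enable the CTU lookup path; no CTU index is needed for this call.` The `main` comment could also state that `s.fp()` is an indirect call through a function pointer, which is presumably why `getDecl()` yields no `FunctionDecl`.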
|