Author: Martin Braenne Date: 2023-07-27T12:46:13Z New Revision: e6e83cbcc748a55a7eddce67b228298820cb9315
URL: https://github.com/llvm/llvm-project/commit/e6e83cbcc748a55a7eddce67b228298820cb9315 DIFF: https://github.com/llvm/llvm-project/commit/e6e83cbcc748a55a7eddce67b228298820cb9315.diff LOG: [clang][dataflow] Don't crash when constructing an array of records. When I wrote https://reviews.llvm.org/D155446, I assumed that a `CXXConstructExpr` would always have record type, but this isn't true: It can have array type when constructing an array of records. The code would crash in this situation because `createValue()` would return null. This patch includes a test that reproduces the crash without the other changes in the patch. Reviewed By: sammccall Differential Revision: https://reviews.llvm.org/D156402 Added: Modified: clang/lib/Analysis/FlowSensitive/Transfer.cpp clang/unittests/Analysis/FlowSensitive/TransferTest.cpp Removed: ################################################################################
diff --git a/clang/lib/Analysis/FlowSensitive/Transfer.cpp b/clang/lib/Analysis/FlowSensitive/Transfer.cpp
index 0b7c22fe24e301..8f8f807a3a4b22 100644
--- a/clang/lib/Analysis/FlowSensitive/Transfer.cpp
+++ b/clang/lib/Analysis/FlowSensitive/Transfer.cpp
@@ -500,9 +500,14 @@ class TransferVisitor : public ConstStmtVisitor<TransferVisitor> {
 return;
 }
- auto &InitialVal = *cast<StructValue>(Env.createValue(S->getType()));
- copyRecord(InitialVal.getAggregateLoc(), Env.getResultObjectLocation(*S),
- Env);
+ // `CXXConstructExpr` can have array type if default-initializing an array
+ // of records, and we currently can't create values for arrays. So check if
+ // we've got a record type.
+ if (S->getType()->isRecordType()) {
+ auto &InitialVal = *cast<StructValue>(Env.createValue(S->getType()));
+ copyRecord(InitialVal.getAggregateLoc(), Env.getResultObjectLocation(*S),
+ Env);
+ }
 transferInlineCall(S, ConstructorDecl);
 }
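Review bot: Inside the new `if (S->getType()->isRecordType())` block, the result of `Env.createValue(S->getType())` is still passed to `cast<StructValue>` and dereferenced with no null check, and the commit message itself attributes the original crash to `createValue()` returning null. If `createValue()` can also return null for a record type (not visible in this hunk, so worth confirming), the analysis would crash on the analysed source in the same way. A tolerant form would be `if (auto *InitialVal = cast_or_null<StructValue>(Env.createValue(S->getType())))` followed by `copyRecord(InitialVal->getAggregateLoc(), Env.getResultObjectLocation(*S), Env);`. The enclosing visitor method starts above the hunk.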
diff --git a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
index 5acb28bd87abff..57c8a5f3589bc4 100644
--- a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
+++ b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
@@ -310,6 +310,28 @@ TEST(TransferTest, StructVarDeclWithInit) {
 });
 }
+TEST(TransferTest, StructArrayVarDecl) {
+ std::string Code = R"(
+ struct A {};
+
+ void target() {
+ A Array[2];
+ // [[p]]
+ }
+ )";
+ runDataflow(
+ Code,
+ [](const llvm::StringMap<DataflowAnalysisState<NoopLattice>> &Results,
+ ASTContext &ASTCtx) {
+ const Environment &Env = getEnvironmentAtAnnotation(Results, "p");
+
+ const ValueDecl *ArrayDecl = findValueDecl(ASTCtx, "Array");
+
+ // We currently don't create values for arrays.
+ ASSERT_THAT(Env.getValue(*ArrayDecl), IsNull());
+ });
+}
+
 TEST(TransferTest, ClassVarDecl) {
 std::string Code = R"(
 class A {
_______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
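Review bot: `StructArrayVarDecl` covers only an empty `struct A {}` in a one-dimensional local array, so the array-typed case is pinned only for an implicit constructor, while the patch leaves `transferInlineCall(S, ConstructorDecl)` in Transfer.cpp outside the new record-type check. A second case with a user-provided constructor, e.g. `struct A { A() {} };`, and possibly a nested array such as `A Array[2][3];`, would pin the no-crash behaviour more firmly; whether the inline-call path is active under `runDataflow` here is not visible in the hunk. A comment such as `// Regression test: a CXXConstructExpr with array type used to crash the transfer function.` above the test would record why it exists. The trailing context lines belong to the next test, `ClassVarDecl`, which continues outside the hunk.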