Author: Samira Bazuzi Date: 2023-11-09T16:57:04+01:00 New Revision: 3001d6ddaa7809274e49b794cb7ec07d21da130e
URL: https://github.com/llvm/llvm-project/commit/3001d6ddaa7809274e49b794cb7ec07d21da130e DIFF: https://github.com/llvm/llvm-project/commit/3001d6ddaa7809274e49b794cb7ec07d21da130e.diff LOG: [clang][dataflow] Fix buggy assertion: Compare an unqualified type to an unqualified type. (#71573) Includes crash-reproducing test case. --------- Co-authored-by: martinboehme <mboe...@google.com> Added: Modified: clang/lib/Analysis/FlowSensitive/Transfer.cpp clang/unittests/Analysis/FlowSensitive/TransferTest.cpp Removed: ################################################################################ diff --git a/clang/lib/Analysis/FlowSensitive/Transfer.cpp b/clang/lib/Analysis/FlowSensitive/Transfer.cpp index 8b2f8ecc5027e8a..839c04c65e39e7c 100644 --- a/clang/lib/Analysis/FlowSensitive/Transfer.cpp +++ b/clang/lib/Analysis/FlowSensitive/Transfer.cpp @@ -683,11 +683,11 @@ class TransferVisitor : public ConstStmtVisitor<TransferVisitor> { assert( // The types are same, or Field->getType().getCanonicalType().getUnqualifiedType() == - Init->getType().getCanonicalType() || + Init->getType().getCanonicalType().getUnqualifiedType() || // The field's type is T&, and initializer is T (Field->getType()->isReferenceType() && - Field->getType().getCanonicalType()->getPointeeType() == - Init->getType().getCanonicalType())); + Field->getType().getCanonicalType()->getPointeeType() == + Init->getType().getCanonicalType())); auto& Loc = Env.createObject(Field->getType(), Init); FieldLocs.insert({Field, &Loc}); } diff --git a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp index bd9b98178b5d4e3..ade0d202ced2f37 100644 --- a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp +++ b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp @@ -3197,6 +3197,26 @@ TEST(TransferTest, AggregateInitialization_NotExplicitlyInitializedField) { }); } +TEST(TransferTest, AggregateInitializationFunctionPointer) { + // This is a repro for an assertion failure. + // nullptr takes on the type of a const function pointer, but its type was + // asserted to be equal to the *unqualified* type of Field, which no longer + // included the const. + std::string Code = R"( + struct S { + void (*const Field)(); + }; + + void target() { + S s{nullptr}; + } + )"; + runDataflow( + Code, + [](const llvm::StringMap<DataflowAnalysisState<NoopLattice>> &Results, + ASTContext &ASTCtx) {}); +} + TEST(TransferTest, AssignToUnionMember) { std::string Code = R"( union A { _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
