[analyzer] Fix a crash on tracking Objective-C 'self' as a control dependency.

'self' was previously never tracked, but now it can be tracked
because it may be part of a condition.

llvm-svn: 375328
This commit is contained in:
Artem Dergachev 2019-10-19 01:50:43 +00:00
parent d7cf99ae03
commit ab2cec8b85
2 changed files with 44 additions and 7 deletions

View File

@ -1418,14 +1418,19 @@ FindLastStoreBRVisitor::VisitNode(const ExplodedNode *Succ,
if (Optional<CallEnter> CE = Succ->getLocationAs<CallEnter>()) {
if (const auto *VR = dyn_cast<VarRegion>(R)) {
const auto *Param = cast<ParmVarDecl>(VR->getDecl());
if (const auto *Param = dyn_cast<ParmVarDecl>(VR->getDecl())) {
ProgramStateManager &StateMgr = BRC.getStateManager();
CallEventManager &CallMgr = StateMgr.getCallEventManager();
CallEventRef<> Call = CallMgr.getCaller(CE->getCalleeContext(),
Succ->getState());
InitE = Call->getArgExpr(Param->getFunctionScopeIndex());
} else {
// Handle Objective-C 'self'.
assert(isa<ImplicitParamDecl>(VR->getDecl()));
InitE = cast<ObjCMessageExpr>(CE->getCalleeContext()->getCallSite())
->getInstanceReceiver()->IgnoreParenCasts();
}
IsParam = true;
}
}

View File

@ -0,0 +1,32 @@
// RUN: %clang_analyze_cc1 -w -analyzer-checker=core,nullability -verify %s
// expected-no-diagnostics
@class C;
#pragma clang assume_nonnull begin
@interface I
- foo:(C *)c;
@end
#pragma clang assume_nonnull end
@interface J
@property C *c;
@end
J *conjure_J();
@implementation I
- (void)bar {
if (self) { // no-crash
J *j = conjure_J();
if (j.c)
[self bar];
// FIXME: Should warn.
[self foo:j.c]; // no-warning
}
}
@end
@implementation J
@end