From e4224cc9f74fd0ab633f664579efe1952d426c9c Mon Sep 17 00:00:00 2001
From: Devin Coughlin
Date: Mon, 14 Nov 2016 22:46:02 +0000
Subject: [PATCH] [analyzer] Fix crash in NullabilityChecker calling block with too few arguments

Fix a crash when checking parameter nullability on a block invocation with fewer arguments than the block declaration requires.

rdar://problem/29237566

llvm-svn: 286901
---
 clang/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp | 7 ++++---
 clang/test/Analysis/nullability.c | 12 ++++++++++++
 2 files changed, 16 insertions(+), 3 deletions(-)
 create mode 100644 clang/test/Analysis/nullability.c

diff --git a/clang/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp
index d642356..eaeed59 100644
--- a/clang/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/NullabilityChecker.cpp
@@ -679,9 +679,10 @@ void NullabilityChecker::checkPreCall(const CallEvent &Call,
 if (Param->isParameterPack())
 break;
 
- const Expr *ArgExpr = nullptr;
- if (Idx < Call.getNumArgs())
- ArgExpr = Call.getArgExpr(Idx);
+ if (Idx >= Call.getNumArgs())
+ break;
+
+ const Expr *ArgExpr = Call.getArgExpr(Idx);
 auto ArgSVal = Call.getArgSVal(Idx++).getAs();
 if (!ArgSVal)
 continue;
diff --git a/clang/test/Analysis/nullability.c b/clang/test/Analysis/nullability.c
new file mode 100644
index 0000000..e165879
--- /dev/null
+++ b/clang/test/Analysis/nullability.c
@@ -0,0 +1,12 @@
+// RUN: %clang_cc1 -fblocks -analyze -analyzer-checker=core,nullability -verify %s
+
+void it_takes_two(int a, int b);
+void function_pointer_arity_mismatch() {
+ void(*fptr)() = it_takes_two;
+ fptr(1); // no-crash expected-warning {{Function taking 2 arguments is called with less (1)}}
+}
+
+void block_arity_mismatch() {
+ void(^b)() = ^(int a, int b) { }; // no-crash
+ b(1);
+}
--
2.7.4
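Review bot: The new `if (Idx >= Call.getNumArgs()) break;` guard in the parameter loop of checkPreCall carries no comment explaining why a call can supply fewer arguments than the declaration has parameters, so the early exit is hard to justify when reading the loop alone. A short comment above it would do, e.g. `// An unprototyped block or function pointer can be invoked with fewer arguments than it declares; stop checking the remaining parameters.` Since ArgExpr can no longer be null after this point, any null test on it later in the loop body is presumably redundant now and worth confirming. The loop and the function both start and end outside this hunk.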
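Review bot: In block_arity_mismatch the `// no-crash` marker sits on the block declaration, while the invocation `b(1);` is the line that exercises the path the commit message describes; moving it makes the intent of the test clear: `b(1); // no-crash`. The function-pointer case pins an expected-warning, whereas the block case as written relies on -verify seeing no diagnostic at all. A one-line comment such as `// No arity diagnostic is expected for the block call; this only guards against the crash.` would record that this is deliberate.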