-rw-r--r-- | lib/Analysis/RegionStore.cpp | 10 | ||||
-rw-r--r-- | test/Analysis/rdar-7168531.m | 19 |
2 files changed, 27 insertions, 2 deletions
diff --git a/lib/Analysis/RegionStore.cpp b/lib/Analysis/RegionStore.cpp index 9225bfbaae..4c8610734e 100644 --- a/lib/Analysis/RegionStore.cpp +++ b/lib/Analysis/RegionStore.cpp @@ -750,8 +750,14 @@ SVal RegionStoreManager::EvalBinOp(const GRState *state, case MemRegion::SymbolicRegionKind: { const SymbolicRegion *SR = cast<SymbolicRegion>(MR); SymbolRef Sym = SR->getSymbol(); - QualType T = Sym->getType(getContext()); - QualType EleTy = T->getAs<PointerType>()->getPointeeType(); + QualType T = Sym->getType(getContext()); + QualType EleTy; + + if (const PointerType *PT = T->getAs<PointerType>()) + EleTy = PT->getPointeeType(); + else + EleTy = T->getAsObjCObjectPointerType()->getPointeeType(); + SVal ZeroIdx = ValMgr.makeZeroArrayIndex(); ER = MRMgr.getElementRegion(EleTy, ZeroIdx, SR, getContext()); break; diff --git a/test/Analysis/rdar-7168531.m b/test/Analysis/rdar-7168531.m new file mode 100644 index 0000000000..bdbd22d24e --- /dev/null +++ b/test/Analysis/rdar-7168531.m @@ -0,0 +1,19 @@ +// RUN: clang-cc -analyze -checker-cfref -triple i386-apple-darwin10 -analyzer-store=region && +// RUN: clang-cc -analyze -checker-cfref -triple i386-apple-darwin10 -analyzer-store=basic + +// Note that the target triple is important for this test case. It specifies that we use the +// fragile Objective-C ABI. + +@interface Foo { + int x; +} +@end + +@implementation Foo +static Foo* bar(Foo *p) { + if (p->x) + return ++p; // This is only valid for the fragile ABI. + + return p; +} +@end |
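Review bot: The new `else` branch still dereferences the result of `T->getAsObjCObjectPointerType()` without checking it. A symbol whose type is neither a `PointerType` nor an Objective-C object pointer would hit the same kind of null dereference this change removes for `Foo *`. Whether such a type can reach the `SymbolicRegionKind` case is not visible from the hunk, so either state the assumption with an assert or test the second lookup too: `else if (const ObjCObjectPointerType *OPT = T->getAsObjCObjectPointerType())` followed by `EleTy = OPT->getPointeeType();`, with a final `else` that gives up on the evaluation instead of building an element region. The enclosing `EvalBinOp` starts and ends outside the hunk.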
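Review bot: As rendered here, neither `RUN:` line in test/Analysis/rdar-7168531.m passes `%s`, so `clang-cc` is never given this file and the crash in `bar` would not be exercised. If the file was committed this way, each line needs the input, e.g. `// RUN: clang-cc -analyze -checker-cfref -triple i386-apple-darwin10 -analyzer-store=region %s &&`. The test also only checks that the analyzer exits cleanly. A one-line comment above `bar` saying the regression was an analyzer crash on `++p` applied to an Objective-C object pointer would tell a later reader what a failure here means.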