-rw-r--r--lib/Checker/AttrNonNullChecker.cpp9
-rw-r--r--test/Analysis/null-deref-ps.c5
2 files changed, 12 insertions, 2 deletions
diff --git a/lib/Checker/AttrNonNullChecker.cpp b/lib/Checker/AttrNonNullChecker.cpp
index 471cf19717..d0bccb27b4 100644
--- a/lib/Checker/AttrNonNullChecker.cpp
+++ b/lib/Checker/AttrNonNullChecker.cpp
@@ -60,11 +60,16 @@ void AttrNonNullChecker::PreVisitCallExpr(CheckerContext &C,
if (!Att->isNonNull(idx))
continue;
- const DefinedSVal &V = cast<DefinedSVal>(state->getSVal(*I));
+ SVal V = state->getSVal(*I);
+ DefinedSVal *DV = dyn_cast<DefinedSVal>(&V);
+
+ // If the value is unknown or undefined, we can't perform this check.
+ if (!DV)
+ continue;
ConstraintManager &CM = C.getConstraintManager();
const GRState *stateNotNull, *stateNull;
- llvm::tie(stateNotNull, stateNull) = CM.AssumeDual(state, V);
+ llvm::tie(stateNotNull, stateNull) = CM.AssumeDual(state, *DV);
if (stateNull && !stateNotNull) {
// Generate an error node. Check for a null node in case
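Review bot: The new `if (!DV) continue;` skips the nonnull check for UnknownVal and UndefinedVal alike, and the comment above it does not say why skipping is acceptable in either case. For an unknown value there is nothing to constrain, but an undefined argument is a separate defect that some other check has to report, so I would spell that out, for example `// Unknown: nothing to constrain. Undefined: not diagnosed here; presumably reported by the uninitialized-argument check (confirm).` Since `V` is never modified, the pointer can also be declared `const DefinedSVal *DV = dyn_cast<DefinedSVal>(&V);`, assuming `AssumeDual` does not need a mutable value. The body of PreVisitCallExpr starts and ends outside this hunk.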
diff --git a/test/Analysis/null-deref-ps.c b/test/Analysis/null-deref-ps.c
index 5a1049c7d7..eac7957fb9 100644
--- a/test/Analysis/null-deref-ps.c
+++ b/test/Analysis/null-deref-ps.c
@@ -118,6 +118,11 @@ void f6d(int *p) {
}
}
+void f6e(int *p, int offset) {
+ // PR7406 - crash from treating an UnknownVal as defined, to see if it's 0.
+ bar((p+offset)+1, 0); // not crash
+}
+
int* qux();
int f7(int x) {
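Review bot: `f6e` exercises only the UnknownVal path, while the checker change it accompanies also skips undefined values, so that half of the new branch has no regression coverage here. A sibling case that passes an uninitialized pointer to `bar` would pin it, with whatever diagnostic the analyzer is expected to emit for it annotated on that line. The trailing `// not crash` would also read more clearly as `// no-warning`, which states the expected analyzer output rather than only the absence of a crash. The declaration of `bar`, presumably carrying the nonnull attribute, is outside this hunk.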