[analyzer][solver] Prevent use of a null state

rdar://77686137 Differential Revision: https://reviews.llvm.org/D102240
2021-05-11 17:30:02 +03:00 · 2021-05-11 17:30:02 +03:00 · 45212dec01
parent 7f607ac6af
commit 45212dec01
2 changed files with 22 additions and 7 deletions
--- a/clang/lib/StaticAnalyzer/Core/RangeConstraintManager.cpp
+++ b/clang/lib/StaticAnalyzer/Core/RangeConstraintManager.cpp
@ -1487,15 +1487,18 @@ private:
      // This is an infeasible assumption.
      return nullptr;

-    ProgramStateRef NewState = setConstraint(State, Sym, NewConstraint);
-    if (auto Equality = EqualityInfo::extract(Sym, Int, Adjustment)) {
-      // If the original assumption is not Sym + Adjustment !=/</> Int,
-      // we should invert IsEquality flag.
-      Equality->IsEquality = Equality->IsEquality != EQ;
-      return track(NewState, *Equality);
+    if (ProgramStateRef NewState = setConstraint(State, Sym, NewConstraint)) {
+      if (auto Equality = EqualityInfo::extract(Sym, Int, Adjustment)) {
+        // If the original assumption is not Sym + Adjustment !=/</> Int,
+        // we should invert IsEquality flag.
+        Equality->IsEquality = Equality->IsEquality != EQ;
+        return track(NewState, *Equality);
+      }
+
+      return NewState;
    }

-    return NewState;
+    return nullptr;
  }

  ProgramStateRef track(ProgramStateRef State, EqualityInfo ToTrack) {
--- a/clang/test/Analysis/PR50268.c
+++ b/clang/test/Analysis/PR50268.c
@ -0,0 +1,12 @@
+// RUN: %clang_analyze_cc1 -w -analyzer-checker=core -verify %s \
+// RUN:    -analyzer-config eagerly-assume=true
+
+// expected-no-diagnostics
+
+
+int test(unsigned long a, unsigned long c, int b) {
+  c -= a;
+  if (0 >= b) {}
+  c == b;
+  return c ? 0 : 2; // no-crash
+}