From 6a97d92ef57e934768c4867af8cf96d9cc72ec13 Mon Sep 17 00:00:00 2001
From: Jordan Rose <jordan_rose@apple.com>
Date: Tue, 31 Jul 2012 18:04:53 +0000
Subject: [PATCH] [analyzer] Don't try to inline if there's no region for a
 message receiver.

While usually we'd use a symbolic region rather than a straight-up Unknown,
we can still generate unknowns via array subscripts with symbolic indexes.
(And if this ever changes in the future, we still shouldn't crash.)

llvm-svn: 161059
---
 clang/lib/StaticAnalyzer/Core/CallEvent.cpp             | 3 +++
 clang/test/Analysis/inlining/InlineObjCInstanceMethod.m | 8 +++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/clang/lib/StaticAnalyzer/Core/CallEvent.cpp b/clang/lib/StaticAnalyzer/Core/CallEvent.cpp
index 3b9e1e1979a4..fb00a226a210 100644
--- a/clang/lib/StaticAnalyzer/Core/CallEvent.cpp
+++ b/clang/lib/StaticAnalyzer/Core/CallEvent.cpp
@@ -681,6 +681,9 @@ const Decl *ObjCMethodCall::getRuntimeDefinition() const {
       ReceiverT = cast<ObjCObjectPointerType>(SupersType.getTypePtr());
     } else {
       const MemRegion *Receiver = getReceiverSVal().getAsRegion();
+      if (!Receiver)
+        return 0;
+
       DynamicTypeInfo TI = getState()->getDynamicTypeInfo(Receiver);
       ReceiverT = dyn_cast<ObjCObjectPointerType>(TI.getType().getTypePtr());
     }
diff --git a/clang/test/Analysis/inlining/InlineObjCInstanceMethod.m b/clang/test/Analysis/inlining/InlineObjCInstanceMethod.m
index 682d02aa1545..8d8f28d923fe 100644
--- a/clang/test/Analysis/inlining/InlineObjCInstanceMethod.m
+++ b/clang/test/Analysis/inlining/InlineObjCInstanceMethod.m
@@ -77,4 +77,10 @@
 - (int) method2 {
   return 5/_attribute; // expected-warning {{Division by zero}}
 }
-@end
\ No newline at end of file
+@end
+
+
+// Don't crash if we don't know the receiver's region.
+void randomlyMessageAnObject(MyClass *arr[], int i) {
+  (void)[arr[i] getInt];
+}
\ No newline at end of file