Author: jrose Date: Fri Jul 10 16:41:59 2015 New Revision: 241944 URL: http://llvm.org/viewvc/llvm-project?rev=241944&view=rev Log: [analyzer] When forced to fake a block type, do it correctly.
BlockDecl has a poor AST representation because it doesn't carry its type with it. Instead, the containing BlockExpr has the full type. This almost never matters for the analyzer, but if the block decl contains static local variables we need to synthesize a region to put them in, and this region will necessarily not have the right type. Even /that/ doesn't matter, unless (1) the block calls the function or method containing the block, and (2) the value of the block expr is used in some interesting way. In this case, we actually end up needing the type of the block region, and it will be set to our synthesized type. It turns out we've been doing a terrible job faking that type -- it wasn't a block pointer type at all. This commit fixes that to at least guarantee a block pointer type, using the signature written by the user if there is one. This is not really a correct answer because the block region's type will /still/ be wrong, but further efforts to make this right in the analyzer would probably be silly. We should just change the AST. rdar://problem/21698099 Modified: cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp cfe/trunk/test/Analysis/blocks.m Modified: cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp?rev=241944&r1=241943&r2=241944&view=diff ============================================================================== --- cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp (original) +++ cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp Fri Jul 10 16:41:59 2015 @@ -824,9 +824,12 @@ const VarRegion* MemRegionManager::getVa QualType T; if (const TypeSourceInfo *TSI = BD->getSignatureAsWritten()) T = TSI->getType(); - else - T = getContext().getFunctionNoProtoType(getContext().VoidTy); - + if (T.isNull()) + T = getContext().VoidTy; + if (!T->getAs<FunctionType>()) + T = getContext().getFunctionNoProtoType(T); + T = getContext().getBlockPointerType(T); + const BlockTextRegion *BTR = getBlockTextRegion(BD, C.getCanonicalType(T), STC->getAnalysisDeclContext()); Modified: cfe/trunk/test/Analysis/blocks.m URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/blocks.m?rev=241944&r1=241943&r2=241944&view=diff ============================================================================== --- cfe/trunk/test/Analysis/blocks.m (original) +++ cfe/trunk/test/Analysis/blocks.m Fri Jul 10 16:41:59 2015 @@ -162,3 +162,51 @@ void blockCapturesItselfInTheLoop(int x, } assignData(x); } + +// Blocks that called the function they were contained in that also have +// static locals caused crashes. +// rdar://problem/21698099 +void takeNonnullBlock(void (^)(void)) __attribute__((nonnull)); +void takeNonnullIntBlock(int (^)(void)) __attribute__((nonnull)); + +void testCallContainingWithSignature1() +{ + takeNonnullBlock(^{ + static const char str[] = "Lost connection to sharingd"; + testCallContainingWithSignature1(); + }); +} + +void testCallContainingWithSignature2() +{ + takeNonnullBlock(^void{ + static const char str[] = "Lost connection to sharingd"; + testCallContainingWithSignature2(); + }); +} + +void testCallContainingWithSignature3() +{ + takeNonnullBlock(^void(){ + static const char str[] = "Lost connection to sharingd"; + testCallContainingWithSignature3(); + }); +} + +void testCallContainingWithSignature4() +{ + takeNonnullBlock(^void(void){ + static const char str[] = "Lost connection to sharingd"; + testCallContainingWithSignature4(); + }); +} + +void testCallContainingWithSignature5() +{ + takeNonnullIntBlock(^{ + static const char str[] = "Lost connection to sharingd"; + testCallContainingWithSignature5(); + return 0; + }); +} + _______________________________________________ cfe-commits mailing list cfe-commits@cs.uiuc.edu http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits