llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT--> @llvm/pr-subscribers-clang-analysis Author: Samira Bazuzi (bazuzi) <details> <summary>Changes</summary> We previously would assume these were inside a method definition and end up crashing. --- Full diff: https://github.com/llvm/llvm-project/pull/99519.diff 2 Files Affected: - (modified) clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp (+15-6) - (modified) clang/unittests/Analysis/FlowSensitive/DataflowEnvironmentTest.cpp (+28) ``````````diff diff --git a/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp b/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp index 7c88917faf9c6..6c0e2f44cd5ae 100644 --- a/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp +++ b/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp @@ -518,12 +518,21 @@ void Environment::initialize() { assert(VarDecl != nullptr); setStorageLocation(*VarDecl, createObject(*VarDecl, nullptr)); } else if (Capture.capturesThis()) { - const auto *SurroundingMethodDecl = - cast<CXXMethodDecl>(InitialTargetFunc->getNonClosureAncestor()); - QualType ThisPointeeType = - SurroundingMethodDecl->getFunctionObjectParameterType(); - setThisPointeeStorageLocation( - cast<RecordStorageLocation>(createObject(ThisPointeeType))); + if (auto *Ancestor = InitialTargetFunc->getNonClosureAncestor()) { + const auto *SurroundingMethodDecl = cast<CXXMethodDecl>(Ancestor); + QualType ThisPointeeType = + SurroundingMethodDecl->getFunctionObjectParameterType(); + setThisPointeeStorageLocation( + cast<RecordStorageLocation>(createObject(ThisPointeeType))); + } else if (auto *FieldBeingInitialized = + dyn_cast<FieldDecl>(Parent->getLambdaContextDecl())) { + // This is in a field initializer, rather than a method. + setThisPointeeStorageLocation( + cast<RecordStorageLocation>(createObject(QualType( + FieldBeingInitialized->getParent()->getTypeForDecl(), 0)))); + } else { + assert(false && "Unexpected this-capturing lambda context."); + } } } } else if (MethodDecl->isImplicitObjectMemberFunction()) { diff --git a/clang/unittests/Analysis/FlowSensitive/DataflowEnvironmentTest.cpp b/clang/unittests/Analysis/FlowSensitive/DataflowEnvironmentTest.cpp index bd710a00c47ce..296ea5a3b386b 100644 --- a/clang/unittests/Analysis/FlowSensitive/DataflowEnvironmentTest.cpp +++ b/clang/unittests/Analysis/FlowSensitive/DataflowEnvironmentTest.cpp @@ -436,4 +436,32 @@ TEST_F(EnvironmentTest, Stmt) { Env.getResultObjectLocation(*Init); } +// This is a crash repro. +TEST_F(EnvironmentTest, LambdaCapturingThisInFieldInitializer) { + using namespace ast_matchers; + std::string Code = R"cc( + struct S { + int f{[this]() { return 1; }()}; + }; + )cc"; + + auto Unit = + tooling::buildASTFromCodeWithArgs(Code, {"-fsyntax-only", "-std=c++11"}); + auto &Context = Unit->getASTContext(); + + ASSERT_EQ(Context.getDiagnostics().getClient()->getNumErrors(), 0U); + + auto *LambdaCallOperator = selectFirst<CXXMethodDecl>( + "method", match(cxxMethodDecl(hasName("operator()"), + ofClass(cxxRecordDecl(isLambda()))) + .bind("method"), + Context)); + + Environment Env(DAContext, *LambdaCallOperator); + // Don't crash when initializing. + Env.initialize(); + // And initialize the captured `this` pointee. + ASSERT_NE(nullptr, Env.getThisPointeeStorageLocation()); +} + } // namespace `````````` </details> https://github.com/llvm/llvm-project/pull/99519 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
