[LLVMbugs] [Bug 16055] New: malloc type check needs to consider subclass struct pattern

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Fri May 17 06:49:05 PDT 2013


http://llvm.org/bugs/show_bug.cgi?id=16055

            Bug ID: 16055
           Summary: malloc type check needs to consider subclass struct
                    pattern
           Product: clang
           Version: trunk
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: pelle at morth.org
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

Created attachment 10536
  --> http://llvm.org/bugs/attachment.cgi?id=10536&action=edit
test case

While not super common today, there exists a pattern in C where you
create subclasses by having a struct with another struct as the first member
and casting between the two.

The incompatible pointer types check for malloc needs to take this into
consideration. Casting to the type that's the first member of the sizeof type
should be valid, see attached sample code (which should analyze clean).

E.g. PHP zend headers still use this as of version 5.3.3
(ALLOCATE_PERMANENT_ZVAL macro). Anyone who programmed in classic MacOS should
also be familiar with it. :)

Steps to reproduce:

cc --analyze foo.c

Expected result:

Empty foo.plist

Actual result:

foo.c:15:18: warning: Result of 'malloc' is converted to a pointer of type
'struct a', which is incompatible with sizeof operand
      type 'struct b'
        struct a *var = malloc(sizeof (struct b));
        ~~~~~~~~~~      ^~~~~~ ~~~~~~~~~~~~~~~~~
1 warning generated.

Version info:
clang version 3.4 (http://llvm.org/git/clang.git
7b773002d0beae96a8a34ec9413877242381ec75) (http://llvm.org/git/llvm.git
d6b4caf291aa8c3cd4bcb5f3b55b72621b506278)
Target: x86_64-unknown-linux-gnu
Thread model: posix

-- 
You are receiving this mail because:
You are on the CC list for the bug.
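
Added example, not the attachment from this report and not code from clang or PHP: a constructed C sketch of the first-member "subclass" pattern, with the allocation written once in the shape the warning quotes and once so the pointee type and the sizeof operand agree. The names new_b_reported_form, new_b_matching_form, b_name, the kind tag and the struct fields are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Constructed types; only the names 'struct a' / 'struct b' echo the warning. */
struct a { int kind; int refcount; };          /* "base class" */
struct b { struct a base; char name[16]; };    /* "subclass", base is first */
enum { KIND_A = 1, KIND_B = 2 };

/* The casts below are only valid while the base is at offset 0. */
_Static_assert(offsetof(struct b, base) == 0, "struct a must be first in struct b");

/* Shape from the report: sizeof names the subclass, the result is stored as
 * the base type. The allocation is large enough for a full struct b. */
struct a *new_b_reported_form(const char *name)
{
    struct a *var = malloc(sizeof (struct b));
    if (var == NULL)
        return NULL;
    var->kind = KIND_B;
    var->refcount = 1;
    struct b *self = (struct b *)var;          /* downcast to the subclass */
    strncpy(self->name, name, sizeof self->name - 1);
    self->name[sizeof self->name - 1] = '\0';
    return var;
}

/* Same object, written so the pointee type and the sizeof operand agree. */
struct a *new_b_matching_form(const char *name)
{
    struct b *self = malloc(sizeof *self);
    if (self == NULL)
        return NULL;
    self->base.kind = KIND_B;
    self->base.refcount = 1;
    strncpy(self->name, name, sizeof self->name - 1);
    self->name[sizeof self->name - 1] = '\0';
    return &self->base;                        /* upcast without a cast */
}

/* Checked downcast: reinterpret only when the tag says it is a struct b. */
const char *b_name(const struct a *obj)
{
    return (obj && obj->kind == KIND_B) ? ((const struct b *)obj)->name : NULL;
}
```

Both constructors return the same address a struct b pointer would hold, because C guarantees that a pointer to a structure, suitably converted, points to its first member.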