[cfe-commits] [patch] Fix CastSizeChecker to handle sizeless types
Jordy Rose
jediknil at belkadan.com
Fri Jun 18 16:05:56 PDT 2010
Casting to void* or any other pointer-to-sizeless type (e.g. function
pointers) causes a divide-by-zero error. Simple fix: check if the pointee
type size is 0 and bail out early if it is.
-------------- next part --------------
Index: /Users/jordy/programming/llvm/tools/clang/lib/Checker/CastSizeChecker.cpp
===================================================================
--- /Users/jordy/programming/llvm/tools/clang/lib/Checker/CastSizeChecker.cpp (revision 105480)
+++ /Users/jordy/programming/llvm/tools/clang/lib/Checker/CastSizeChecker.cpp (working copy)
@@ -63,6 +63,11 @@
CharUnits RegionSize = CharUnits::fromQuantity(CI->getValue().getSExtValue());
CharUnits TypeSize = C.getASTContext().getTypeSizeInChars(ToPointeeTy);
+
+ // void, and a few other un-sizeable types
+ if (TypeSize.isZero())
+ return;
+
if (RegionSize % TypeSize != 0) {
if (ExplodedNode *N = C.GenerateSink()) {
if (!BT)
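Review bot: The comment on the new `TypeSize.isZero()` guard ("void, and a few other un-sizeable types") is vague about what it covers and why the function returns early. The message names void and function pointee types as the cases, so the comment could list them and state that the early return exists to keep the `RegionSize % TypeSize` just below from dividing by zero. That way a later reader does not move or drop the guard when touching the modulo check.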
Index: /Users/jordy/programming/llvm/tools/clang/test/Analysis/malloc.c
===================================================================
--- /Users/jordy/programming/llvm/tools/clang/test/Analysis/malloc.c (revision 105480)
+++ /Users/jordy/programming/llvm/tools/clang/test/Analysis/malloc.c (working copy)
@@ -75,8 +75,20 @@
void PR7217() {
int *buf = malloc(2); // expected-warning{{Cast a region whose size is not a multiple of the destination type size.}}
buf[1] = 'c'; // not crash
+}
+void mallocCastToVoid() {
+ void *p = malloc(2);
+ const void *cp = p; // not crash
+ free(p);
}
+
+void mallocCastToFP() {
+ void *p = malloc(2);
+ void (*fp)() = p; // not crash
+ free(p);
+}
+
// This tests that malloc() buffers are undefined by default
char mallocGarbage () {
char *buf = malloc(2);
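Review bot: The `// not crash` comments on the `cp` and `fp` initialisations in `mallocCastToVoid` and `mallocCastToFP` understate what these tests check. The file uses `expected-warning` annotations (see `PR7217` above), so these lines must also produce no diagnostic; a comment that says so would make that intent explicit. As a style point, `mallocCastToVoid` starts directly after the closing `}` of `PR7217` with no blank line, unlike the spacing before `mallocCastToFP`. Both tests only use `malloc(2)`, so the new early return is exercised for a single region size.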