r253156 - [Sema] Don't crash trying to diagnose abs called on a pointer type

David Majnemer via cfe-commits cfe-commits at lists.llvm.org
Sat Nov 14 19:04:35 PST 2015


Author: majnemer
Date: Sat Nov 14 21:04:34 2015
New Revision: 253156

URL: http://llvm.org/viewvc/llvm-project?rev=253156&view=rev
Log:
[Sema] Don't crash trying to diagnose abs called on a pointer type

Clang tries to figure out if a call to abs is suspicious by looking
through implicit casts to look at the underlying, implicitly converted
type.
Interestingly, C has implicit conversions from pointer-ish types like
function to less exciting types like int.  This trips up our 'abs'
checker because it doesn't know which variant of 'abs' is appropriate.

Instead, diagnose 'abs' called on function types upfront.  This sort of
thing is highly suspicious and is likely indicative of a missing
pointer dereference/function call/array index operation.

This fixes PR25532.

Modified:
    cfe/trunk/include/clang/Basic/DiagnosticSemaKinds.td
    cfe/trunk/lib/Sema/SemaChecking.cpp
    cfe/trunk/test/Sema/warn-absolute-value.c

Modified: cfe/trunk/include/clang/Basic/DiagnosticSemaKinds.td
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Basic/DiagnosticSemaKinds.td?rev=253156&r1=253155&r2=253156&view=diff
==============================================================================
--- cfe/trunk/include/clang/Basic/DiagnosticSemaKinds.td (original)
+++ cfe/trunk/include/clang/Basic/DiagnosticSemaKinds.td Sat Nov 14 21:04:34 2015
@@ -67,6 +67,9 @@ def warn_wrong_absolute_value_type : War
   "when argument is of %select{integer|floating point|complex}2 type">,
   InGroup<AbsoluteValue>;
 def note_replace_abs_function : Note<"use function '%0' instead">;
+def warn_pointer_abs : Warning<
+  "taking the absolute value of %select{pointer|function|array}0 type %1 is suspicious">,
+  InGroup<AbsoluteValue>;
 
 def warn_infinite_recursive_function : Warning<
   "all paths through this function will call itself">,

Modified: cfe/trunk/lib/Sema/SemaChecking.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Sema/SemaChecking.cpp?rev=253156&r1=253155&r2=253156&view=diff
==============================================================================
--- cfe/trunk/lib/Sema/SemaChecking.cpp (original)
+++ cfe/trunk/lib/Sema/SemaChecking.cpp Sat Nov 14 21:04:34 2015
@@ -5085,6 +5085,19 @@ void Sema::CheckAbsoluteValueFunction(co
     return;
   }
 
+  // Taking the absolute value of a pointer is very suspicious, they probably
+  // wanted to index into an array, dereference a pointer, call a function, etc.
+  if (ArgType->isPointerType() || ArgType->canDecayToPointerType()) {
+    unsigned DiagType = 0;
+    if (ArgType->isFunctionType())
+      DiagType = 1;
+    else if (ArgType->isArrayType())
+      DiagType = 2;
+
+    Diag(Call->getExprLoc(), diag::warn_pointer_abs) << DiagType << ArgType;
+    return;
+  }
+
   // std::abs has overloads which prevent most of the absolute value problems
   // from occurring.
   if (IsStdAbs)

Modified: cfe/trunk/test/Sema/warn-absolute-value.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Sema/warn-absolute-value.c?rev=253156&r1=253155&r2=253156&view=diff
==============================================================================
--- cfe/trunk/test/Sema/warn-absolute-value.c (original)
+++ cfe/trunk/test/Sema/warn-absolute-value.c Sat Nov 14 21:04:34 2015
@@ -1,5 +1,5 @@
-// RUN: %clang_cc1 -triple i686-pc-linux-gnu -fsyntax-only -verify %s -Wabsolute-value
-// RUN: %clang_cc1 -triple i686-pc-linux-gnu -fsyntax-only %s -Wabsolute-value -fdiagnostics-parseable-fixits 2>&1 | FileCheck %s
+// RUN: %clang_cc1 -triple i686-pc-linux-gnu -fsyntax-only -verify %s -Wabsolute-value -Wno-int-conversion
+// RUN: %clang_cc1 -triple i686-pc-linux-gnu -fsyntax-only %s -Wabsolute-value -Wno-int-conversion -fdiagnostics-parseable-fixits 2>&1 | FileCheck %s
 
 int abs(int);
 long int labs(long int);
@@ -780,3 +780,19 @@ void test_unsigned_long(unsigned long x)
   // CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:9-[[@LINE-3]]:24}:""
 }
 
+long long test_array() {
+  return llabs((long long[]){1});
+  // expected-warning at -1 {{absolute value of array type}}
+}
+long long test_function_pointer() {
+  return llabs(&test_function_pointer);
+  // expected-warning at -1 {{absolute value of pointer type}}
+}
+long long test_void_pointer(void *x) {
+  return llabs(x);
+  // expected-warning at -1 {{absolute value of pointer type}}
+}
+long long test_function() {
+  return llabs(test_function);
+  // expected-warning at -1 {{absolute value of function type}}
+}




More information about the cfe-commits mailing list