[clang] b2c3ae0 - [Sema] Don't check bounds for function pointer

Aleksandr Platonov via cfe-commits cfe-commits at lists.llvm.org
Wed Apr 13 10:43:22 PDT 2022


Author: Aleksandr Platonov
Date: 2022-04-13T20:39:38+03:00
New Revision: b2c3ae0b6f05fd0c2184aea82637685a13b8dc4f

URL: https://github.com/llvm/llvm-project/commit/b2c3ae0b6f05fd0c2184aea82637685a13b8dc4f
DIFF: https://github.com/llvm/llvm-project/commit/b2c3ae0b6f05fd0c2184aea82637685a13b8dc4f.diff

LOG: [Sema] Don't check bounds for function pointer

Currently, clang crashes with i386 target on the following code:
```
void f() {
  f + 0xdead000000000000UL;
}
```
This problem is similar to the problem fixed in D104424, but that fix can't handle function pointer case, because `getTypeSizeInCharsIfKnown()` says that size is known and equal to 0 for function type.

This patch prevents bounds checking for function pointer, thus fixes the crash.

Fixes https://github.com/llvm/llvm-project/issues/50463

Reviewed By: erichkeane

Differential Revision: https://reviews.llvm.org/D122748

Added: 
    

Modified: 
    clang/lib/Sema/SemaChecking.cpp
    clang/test/Sema/unbounded-array-bounds.c

Removed: 
    


################################################################################
diff  --git a/clang/lib/Sema/SemaChecking.cpp b/clang/lib/Sema/SemaChecking.cpp
index 9331d169f800f..03f9b692c0631 100644
--- a/clang/lib/Sema/SemaChecking.cpp
+++ b/clang/lib/Sema/SemaChecking.cpp
@@ -15495,6 +15495,8 @@ void Sema::CheckArrayAccess(const Expr *BaseExpr, const Expr *IndexExpr,
     ND = ME->getMemberDecl();
 
   if (IsUnboundedArray) {
+    if (EffectiveType->isFunctionType())
+      return;
     if (index.isUnsigned() || !index.isNegative()) {
       const auto &ASTC = getASTContext();
       unsigned AddrBits =
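Review bot: The early return added at the top of the `if (IsUnboundedArray)` branch has no comment explaining why function types are skipped, and the reason is not obvious from `EffectiveType->isFunctionType()` alone. The log gives it: `getTypeSizeInCharsIfKnown()` reports a function type as having a known size of 0, which the earlier D104424 fix does not handle. A one-line comment above the check saying so, with a reference to issue 50463, would keep the guard from looking removable later. Note also that `return` leaves `CheckArrayAccess` entirely, so anything after this branch is skipped for function-typed bases as well; if only the unbounded-array arithmetic needs to be avoided, that should be stated or the guard narrowed.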

diff  --git a/clang/test/Sema/unbounded-array-bounds.c b/clang/test/Sema/unbounded-array-bounds.c
index e7636c2a9249f..01463158418c6 100644
--- a/clang/test/Sema/unbounded-array-bounds.c
+++ b/clang/test/Sema/unbounded-array-bounds.c
@@ -80,3 +80,7 @@ void pr50741(void) {
   (void *)0 + 0xdead000000000000UL;
   // no array-bounds warning, and no crash
 }
+
+void func() {
+  func + 0xdead000000000000UL; // no crash
+}
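Review bot: The added `func` case only guards against the regression if this file is compiled for a target where the crash occurs (the log names i386), and the hunk does not show the file's RUN lines; confirm that one of them uses such a triple, otherwise the test passes without exercising the fix. Smaller points on the same lines: the comment says only `// no crash`, while the neighbouring `pr50741` case states "no array-bounds warning, and no crash", so it is worth saying whether a warning is expected here too; `void func()` could be `void func(void)` to match `pr50741(void)`; and naming the function after the issue it covers, as the case above does, would make the test easier to trace.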


        

