[clang] [analyzer] Fix crash in CStringChecker on zero-size element types (PR #191061)
Martin Storsjö via cfe-commits
cfe-commits at lists.llvm.org
Wed Apr 15 02:38:56 PDT 2026
mstorsjo wrote:
This test fails on mingw targets, see e.g. https://github.com/mstorsjo/llvm-mingw/actions/runs/24308566576/job/70974063490.
Mingw targets are windows, but with gnu C extensions.
Ways of fixing it could be:
```diff
diff --git a/clang/test/Analysis/bstring.c b/clang/test/Analysis/bstring.c
index f343aaec4330..810241accffa 100644
--- a/clang/test/Analysis/bstring.c
+++ b/clang/test/Analysis/bstring.c
@@ -539,7 +539,7 @@ void nocrash_on_locint_offset(void *addr, void* from, struct S s) {
void nocrash_on_empty_struct_memcpy(void) {
struct {} a[10];
__builtin_memcpy(&a[2], a, 2); // no-crash
-#if !defined(_WIN32)
+#if !defined(_WIN32) || defined(__MINGW32__)
// expected-warning at -2 {{'memcpy' will always overflow; destination buffer has size 0, but size argument is 2}}
// expected-warning at -3 {{Memory copy function overflows the destination buffer}}
#endif
```
Or
```diff
diff --git a/clang/test/Analysis/bstring.c b/clang/test/Analysis/bstring.c
index f343aaec4330..7e2ee1af006a 100644
--- a/clang/test/Analysis/bstring.c
+++ b/clang/test/Analysis/bstring.c
@@ -539,7 +539,7 @@ void nocrash_on_locint_offset(void *addr, void* from, struct S s) {
void nocrash_on_empty_struct_memcpy(void) {
struct {} a[10];
__builtin_memcpy(&a[2], a, 2); // no-crash
-#if !defined(_WIN32)
+#if defined(__GNUC__)
// expected-warning at -2 {{'memcpy' will always overflow; destination buffer has size 0, but size argument is 2}}
// expected-warning at -3 {{Memory copy function overflows the destination buffer}}
#endif
```
Out of these, I think the latter is to be preferred, as it exactly captures the condition where this happens, as explained by the comment above the function.
https://github.com/llvm/llvm-project/pull/191061
More information about the cfe-commits
mailing list