[Sema] Don't check bounds for function pointer

Currently, clang crashes with i386 target on the following code:
```
void f() {
  f + 0xdead000000000000UL;
}
```
This problem is similar to the problem fixed in D104424, but that fix can't handle function pointer case, because `getTypeSizeInCharsIfKnown()` says that size is known and equal to 0 for function type.

This patch prevents bounds checking for function pointer, thus fixes the crash.

Fixes https://github.com/llvm/llvm-project/issues/50463

Reviewed By: erichkeane

Differential Revision: https://reviews.llvm.org/D122748

diff --git a/clang/lib/Sema/SemaChecking.cpp b/clang/lib/Sema/SemaChecking.cpp
index 9331d169f800f6ea344b1b5145c958b71dc64483..03f9b692c063157f10563d9cc8f98c9f087fa60b 100644 (file)
--- a/clang/lib/Sema/SemaChecking.cpp
+++ b/clang/lib/Sema/SemaChecking.cpp
@@ -15495,6 +15495,8 @@ void Sema::CheckArrayAccess(const Expr *BaseExpr, const Expr *IndexExpr,
     ND = ME->getMemberDecl();
 
   if (IsUnboundedArray) {
+    if (EffectiveType->isFunctionType())
+      return;
     if (index.isUnsigned() || !index.isNegative()) {
       const auto &ASTC = getASTContext();
       unsigned AddrBits =

diff --git a/clang/test/Sema/unbounded-array-bounds.c b/clang/test/Sema/unbounded-array-bounds.c
index e7636c2a9249f22654774c0c8cca91c431305070..01463158418c629bd9d9dee27ef4a351dcda9fca 100644 (file)
--- a/clang/test/Sema/unbounded-array-bounds.c
+++ b/clang/test/Sema/unbounded-array-bounds.c
@@ -80,3 +80,7 @@ void pr50741(void) {
   (void *)0 + 0xdead000000000000UL;
   // no array-bounds warning, and no crash
 }
+
+void func() {
+  func + 0xdead000000000000UL; // no crash
+}