From b2c3ae0b6f05fd0c2184aea82637685a13b8dc4f Mon Sep 17 00:00:00 2001
From: Aleksandr Platonov
Date: Wed, 13 Apr 2022 20:38:59 +0300
Subject: [PATCH] [Sema] Don't check bounds for function pointer Currently, clang crashes with i386 target on the following code: ``` void f() { f + 0xdead000000000000UL; } ``` This problem is similar to the problem fixed in D104424, but that fix can't handle function pointer case, because `getTypeSizeInCharsIfKnown()` says that size is known and equal to 0 for function type. This patch prevents bounds checking for function pointer, thus fixes the crash. Fixes https://github.com/llvm/llvm-project/issues/50463 Reviewed By: erichkeane Differential Revision: https://reviews.llvm.org/D122748
---
 clang/lib/Sema/SemaChecking.cpp | 2 ++
 clang/test/Sema/unbounded-array-bounds.c | 4 ++++
 2 files changed, 6 insertions(+)
diff --git a/clang/lib/Sema/SemaChecking.cpp b/clang/lib/Sema/SemaChecking.cpp
index 9331d169..03f9b69 100644
--- a/clang/lib/Sema/SemaChecking.cpp
+++ b/clang/lib/Sema/SemaChecking.cpp
@@ -15495,6 +15495,8 @@ void Sema::CheckArrayAccess(const Expr *BaseExpr, const Expr *IndexExpr,
 ND = ME->getMemberDecl();
 if (IsUnboundedArray) {
+ if (EffectiveType->isFunctionType())
+ return;
 if (index.isUnsigned() || !index.isNegative()) {
 const auto &ASTC = getASTContext();
 unsigned AddrBits =
diff --git a/clang/test/Sema/unbounded-array-bounds.c b/clang/test/Sema/unbounded-array-bounds.c
index e7636c2..0146315 100644
--- a/clang/test/Sema/unbounded-array-bounds.c
+++ b/clang/test/Sema/unbounded-array-bounds.c
@@ -80,3 +80,7 @@ void pr50741(void) {
 (void *)0 + 0xdead000000000000UL; // no array-bounds warning, and no crash
 }
+
+void func() {
+ func + 0xdead000000000000UL; // no crash
+}
--
2.7.4
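Review bot: The new early return in `Sema::CheckArrayAccess` keys on the type kind, while the description gives the cause as `getTypeSizeInCharsIfKnown()` reporting a known size of 0 for function types; any other element type that reports a size of 0 would presumably still reach the code that crashed. That code is outside the hunk, so this is inferred, but a guard on the element size itself at the point where it is read (returning when it is zero) would cover the whole class of inputs rather than one member of it. The added lines also carry no comment; something like `// Function types report a known size of 0, so bounds checking is not meaningful.` above the `if` would record why the check exists. The function body starts and ends outside the hunk.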
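Review bot: The regression test `func` only proves the fix if the file is compiled for a 32-bit target, since the description says the crash occurs with an i386 target, and the RUN lines of unbounded-array-bounds.c are outside the hunk. It is worth confirming that at least one RUN line uses such a triple; otherwise the test passes without exercising the fixed path. The neighbouring case is named after its report (`pr50741`) and declared with `(void)`; following that here, e.g. `void func(void) {` with the comment `// no crash (issue 50463)`, keeps the file consistent and ties the case to the issue cited in the commit message.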