From f4bbbf0aaf741cc7d014e2cf059670a6756f8cbd Mon Sep 17 00:00:00 2001 From: Argyrios Kyrtzidis Date: Mon, 2 May 2011 18:21:19 +0000 Subject: [PATCH] Add a warning for when reinterpret_cast leads to undefined behavior, patch by Richard Trieu! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130703 91177308-0d34-0410-b5e6-96231b3b80d8 --- include/clang/Basic/DiagnosticSemaKinds.td | 7 + include/clang/Sema/Sema.h | 4 + lib/Sema/SemaCXXCast.cpp | 60 ++++++++ lib/Sema/SemaExpr.cpp | 8 +- test/SemaCXX/reinterpret-cast.cpp | 154 ++++++++++++++++++++- 5 files changed, 231 insertions(+), 2 deletions(-) diff --git a/include/clang/Basic/DiagnosticSemaKinds.td b/include/clang/Basic/DiagnosticSemaKinds.td index 0a0c91ac91..aa7f64a246 100644 --- a/include/clang/Basic/DiagnosticSemaKinds.td +++ b/include/clang/Basic/DiagnosticSemaKinds.td @@ -2641,6 +2641,10 @@ def warn_indirection_through_null : Warning< "indirection of non-volatile null pointer will be deleted, not trap">, InGroup; def note_indirection_through_null : Note< "consider using __builtin_trap() or qualifying pointer with 'volatile'">; +def warn_pointer_indirection_from_incompatible_type : Warning< + "dereference of type %1 that was reinterpret_cast from type %0 has undefined " + "behavior.">, + InGroup>, DefaultIgnore; def err_assignment_requires_nonfragile_object : Error< "cannot assign to class object in non-fragile ABI (%0 invalid)">; @@ -2904,6 +2908,9 @@ def err_bad_cxx_cast_member_pointer_size : Error< def err_bad_static_cast_incomplete : Error<"%0 is an incomplete type">; def err_bad_reinterpret_cast_reference : Error< "reinterpret_cast of a %0 to %1 needs its address which is not allowed">; +def warn_undefined_reinterpret_cast : Warning< + "reinterpret_cast from %0 to %1 has undefined behavior.">, + InGroup>, DefaultIgnore; // These messages don't adhere to the pattern. // FIXME: Display the path somehow better. diff --git a/include/clang/Sema/Sema.h b/include/clang/Sema/Sema.h index 07a14d2dca..1129adda49 100644 --- a/include/clang/Sema/Sema.h +++ b/include/clang/Sema/Sema.h @@ -2587,6 +2587,10 @@ public: ParsedType ObjectType, bool EnteringContext); + // Checks that reinterpret casts don't have undefined behavior. + void CheckCompatibleReinterpretCast(QualType SrcType, QualType DestType, + bool IsDereference, SourceRange Range); + /// ActOnCXXNamedCast - Parse {dynamic,static,reinterpret,const}_cast's. ExprResult ActOnCXXNamedCast(SourceLocation OpLoc, tok::TokenKind Kind, diff --git a/lib/Sema/SemaCXXCast.cpp b/lib/Sema/SemaCXXCast.cpp index ed54f0f544..2ea3b46829 100644 --- a/lib/Sema/SemaCXXCast.cpp +++ b/lib/Sema/SemaCXXCast.cpp @@ -1288,6 +1288,61 @@ static TryCastResult TryConstCast(Sema &Self, Expr *SrcExpr, QualType DestType, return TC_Success; } +// Checks for undefined behavior in reinterpret_cast. +// The cases that is checked for is: +// *reinterpret_cast(&a) +// reinterpret_cast(a) +// where accessing 'a' as type 'T' will result in undefined behavior. +void Sema::CheckCompatibleReinterpretCast(QualType SrcType, QualType DestType, + bool IsDereference, + SourceRange Range) { + unsigned DiagID = IsDereference ? + diag::warn_pointer_indirection_from_incompatible_type : + diag::warn_undefined_reinterpret_cast; + + if (Diags.getDiagnosticLevel(DiagID, Range.getBegin()) == + Diagnostic::Ignored) { + return; + } + + QualType SrcTy, DestTy; + if (IsDereference) { + if (!SrcType->getAs() || !DestType->getAs()) { + return; + } + SrcTy = SrcType->getPointeeType(); + DestTy = DestType->getPointeeType(); + } else { + if (!DestType->getAs()) { + return; + } + SrcTy = SrcType; + DestTy = DestType->getPointeeType(); + } + + // Cast is compatible if the types are the same. + if (Context.hasSameUnqualifiedType(DestTy, SrcTy)) { + return; + } + // or one of the types is a char or void type + if (DestTy->isAnyCharacterType() || DestTy->isVoidType() || + SrcTy->isAnyCharacterType() || SrcTy->isVoidType()) { + return; + } + // or one of the types is a tag type. + if (isa(SrcTy) || isa(DestTy)) { + return; + } + + if ((SrcTy->isUnsignedIntegerType() && DestTy->isSignedIntegerType()) || + (SrcTy->isSignedIntegerType() && DestTy->isUnsignedIntegerType())) { + if (Context.getTypeSize(DestTy) == Context.getTypeSize(SrcTy)) { + return; + } + } + + Diag(Range.getBegin(), DiagID) << SrcType << DestType << Range; +} static TryCastResult TryReinterpretCast(Sema &Self, ExprResult &SrcExpr, QualType DestType, bool CStyle, @@ -1324,6 +1379,11 @@ static TryCastResult TryReinterpretCast(Sema &Self, ExprResult &SrcExpr, return TC_NotApplicable; } + if (!CStyle) { + Self.CheckCompatibleReinterpretCast(SrcType, DestType, + /*isDereference=*/false, OpRange); + } + // C++ 5.2.10p10: [...] a reference cast reinterpret_cast(x) has the // same effect as the conversion *reinterpret_cast(&x) with the // built-in & and * operators. diff --git a/lib/Sema/SemaExpr.cpp b/lib/Sema/SemaExpr.cpp index 20b92b8420..afcde44814 100644 --- a/lib/Sema/SemaExpr.cpp +++ b/lib/Sema/SemaExpr.cpp @@ -8404,7 +8404,13 @@ static QualType CheckIndirectionOperand(Sema &S, Expr *Op, ExprValueKind &VK, Op = ConvResult.take(); QualType OpTy = Op->getType(); QualType Result; - + + if (isa(Op)) { + QualType OpOrigType = Op->IgnoreParenCasts()->getType(); + S.CheckCompatibleReinterpretCast(OpOrigType, OpTy, /*IsDereference*/true, + Op->getSourceRange()); + } + // Note that per both C89 and C99, indirection is always legal, even if OpTy // is an incomplete type or void. It would be possible to warn about // dereferencing a void pointer, but it's completely well-defined, and such a diff --git a/test/SemaCXX/reinterpret-cast.cpp b/test/SemaCXX/reinterpret-cast.cpp index f5262496c4..449fecb160 100644 --- a/test/SemaCXX/reinterpret-cast.cpp +++ b/test/SemaCXX/reinterpret-cast.cpp @@ -1,4 +1,4 @@ -// RUN: %clang_cc1 -fsyntax-only -verify -ffreestanding %s +// RUN: %clang_cc1 -fsyntax-only -verify -ffreestanding -Wundefined-reinterpret-cast %s #include @@ -116,3 +116,155 @@ namespace PR9564 { __attribute((ext_vector_type(4))) typedef float v4; float& w(v4 &a) { return reinterpret_cast(a[1]); } // expected-error {{not allowed}} } + +void dereference_reinterpret_cast() { + struct A {}; + class B {}; + A a; + B b; + long l; + double d; + float f; + char c; + unsigned char uc; + void* v_ptr; + (void)reinterpret_cast(l); // expected-warning {{reinterpret_cast from 'long' to 'double &' has undefined behavior}} + (void)*reinterpret_cast(&l); // expected-warning {{dereference of type 'double *' that was reinterpret_cast from type 'long *' has undefined behavior}} + (void)reinterpret_cast(f); // expected-warning {{reinterpret_cast from 'float' to 'double &' has undefined behavior}} + (void)*reinterpret_cast(&f); // expected-warning {{dereference of type 'double *' that was reinterpret_cast from type 'float *' has undefined behavior}} + (void)reinterpret_cast(l); // expected-warning {{reinterpret_cast from 'long' to 'float &' has undefined behavior}} + (void)*reinterpret_cast(&l); // expected-warning {{dereference of type 'float *' that was reinterpret_cast from type 'long *' has undefined behavior}} + (void)reinterpret_cast(d); // expected-warning {{reinterpret_cast from 'double' to 'float &' has undefined behavior}} + (void)*reinterpret_cast(&d); // expected-warning {{dereference of type 'float *' that was reinterpret_cast from type 'double *' has undefined behavior}} + + // TODO: add warning for tag types + (void)reinterpret_cast(b); + (void)*reinterpret_cast(&b); + (void)reinterpret_cast(a); + (void)*reinterpret_cast(&a); + + // Casting to itself is allowed + (void)reinterpret_cast(a); + (void)*reinterpret_cast(&a); + (void)reinterpret_cast(b); + (void)*reinterpret_cast(&b); + (void)reinterpret_cast(l); + (void)*reinterpret_cast(&l); + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(c); + (void)*reinterpret_cast(&c); + + // Casting to and from chars are allowable + (void)reinterpret_cast(c); + (void)*reinterpret_cast(&c); + (void)reinterpret_cast(c); + (void)*reinterpret_cast(&c); + (void)reinterpret_cast(c); + (void)*reinterpret_cast(&c); + (void)reinterpret_cast(c); + (void)*reinterpret_cast(&c); + (void)reinterpret_cast(l); + (void)*reinterpret_cast(&l); + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(f); + (void)*reinterpret_cast(&f); + + // Casting from void pointer. + (void)*reinterpret_cast(v_ptr); + (void)*reinterpret_cast(v_ptr); + (void)*reinterpret_cast(v_ptr); + (void)*reinterpret_cast(v_ptr); + (void)*reinterpret_cast(v_ptr); + + // Casting to void pointer + (void)*reinterpret_cast(&a); + (void)*reinterpret_cast(&b); + (void)*reinterpret_cast(&l); + (void)*reinterpret_cast(&d); + (void)*reinterpret_cast(&f); +} + +void reinterpret_cast_whitelist () { + // the dynamic type of the object + int a; + float b; + (void)reinterpret_cast(a); + (void)*reinterpret_cast(&a); + (void)reinterpret_cast(b); + (void)*reinterpret_cast(&b); + + // a cv-qualified version of the dynamic object + (void)reinterpret_cast(a); + (void)*reinterpret_cast(&a); + (void)reinterpret_cast(a); + (void)*reinterpret_cast(&a); + (void)reinterpret_cast(a); + (void)*reinterpret_cast(&a); + (void)reinterpret_cast(b); + (void)*reinterpret_cast(&b); + (void)reinterpret_cast(b); + (void)*reinterpret_cast(&b); + (void)reinterpret_cast(b); + (void)*reinterpret_cast(&b); + + // a type that is the signed or unsigned type corresponding to the dynamic + // type of the object + signed d; + unsigned e; + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(e); + (void)*reinterpret_cast(&e); + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(e); + (void)*reinterpret_cast(&e); + + // a type that is the signed or unsigned type corresponding a cv-qualified + // version of the dynamic type the object + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(e); + (void)*reinterpret_cast(&e); + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(e); + (void)*reinterpret_cast(&e); + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(e); + (void)*reinterpret_cast(&e); + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(e); + (void)*reinterpret_cast(&e); + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(e); + (void)*reinterpret_cast(&e); + (void)reinterpret_cast(d); + (void)*reinterpret_cast(&d); + (void)reinterpret_cast(e); + (void)*reinterpret_cast(&e); + + // an aggregate or union type that includes one of the aforementioned types + // among its members (including, recursively, a member of a subaggregate or + // contained union) + // TODO: checking is not implemented for tag types + + // a type that is a (possible cv-qualified) base class type of the dynamic + // type of the object + // TODO: checking is not implemented for tag types + + // a char or unsigned char type + (void)reinterpret_cast(a); + (void)*reinterpret_cast(&a); + (void)reinterpret_cast(a); + (void)*reinterpret_cast(&a); + (void)reinterpret_cast(b); + (void)*reinterpret_cast(&b); + (void)reinterpret_cast(b); + (void)*reinterpret_cast(&b); +} -- 2.40.0