2 files changed, 30 insertions, 0 deletions

diff --git a/clang/lib/StaticAnalyzer/Checkers/MallocSizeofChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/MallocSizeofChecker.cpp
index 4a50d936287..296aec66805 100644
--- a/clang/lib/StaticAnalyzer/Checkers/MallocSizeofChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/MallocSizeofChecker.cpp
@@ -137,6 +137,10 @@ public:
 // Determine if the pointee and sizeof types are compatible.  Here
 // we ignore constness of pointer types.
 static bool typesCompatible(ASTContext &C, QualType A, QualType B) {
+  // sizeof(void*) is compatible with any other pointer.
+  if (B->isVoidPointerType() && A->getAs<PointerType>())
+    return true;
+
   while (true) {
     A = A.getCanonicalType();
     B = B.getCanonicalType();
diff --git a/clang/test/Analysis/malloc-sizeof.cpp b/clang/test/Analysis/malloc-sizeof.cpp
new file mode 100644
index 00000000000..8589975f8fc
--- /dev/null
+++ b/clang/test/Analysis/malloc-sizeof.cpp
@@ -0,0 +1,26 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=unix.MallocSizeof -verify %s
+
+#include <stddef.h>
+
+void *malloc(size_t size);
+void *calloc(size_t nmemb, size_t size);
+void *realloc(void *ptr, size_t size);
+void free(void *ptr);
+
+struct A {};
+struct B {};
+
+void foo(unsigned int unsignedInt, unsigned int readSize) {
+  // Sanity check the checker is working as expected.
+  A* a = static_cast<A*>(malloc(sizeof(int))); // expected-warning {{Result of 'malloc' is converted to a pointer of type 'struct A', which is incompatible with sizeof operand type 'int'}}
+  free(a);
+}
+
+void bar() {
+  A *x = static_cast<A*>(calloc(10, sizeof(void*))); // expected-warning {{Result of 'calloc' is converted to a pointer of type 'struct A', which is incompatible with sizeof operand type 'void *'}}
+  // sizeof(void*) is compatible with any pointer.
+  A **y = static_cast<A**>(calloc(10, sizeof(void*))); // no-warning
+  free(x);
+  free(y);
+}
+