<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href="https://github.com/llvm/llvm-project/issues/116568">116568</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
Miscompile: overlapping local variable storage
</td>
</tr>
<tr>
<th>Labels</th>
<td>
new issue
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
fujii
</td>
</tr>
</table>
<pre>
I'm using clang-cl 19.1.3 to compile Windows WebKit.
In `JSRopeString::resolveToBufferSlow`, the storage of a local variable `workQueue` and an argument variable `buffer` overlap.
https://github.com/fujii/WebKit/blob/121f8dbaea55dc714e67c6da747cd5c983bfdea3/Source/JavaScriptCore/runtime/JSStringInlines.h#L219-L232
I added debug logging to show their addresses and sizes.
~~~
workQueue 00000049FE9FE148-00000049FE9FE258 272
buffer 00000049FE9FE238-00000049FE9FE248 16
~~~
I uploaded the preprocessed RegExpPrototype.cpp.
https://drive.google.com/file/d/1zBqMDgtRCCyB_BUWAjj495EzF9uMVqNc/view?usp=sharing
> clang-cl.exe /nologo -TP /Zc:dllexportInlines- /W4 -fcolor-diagnostics -Werror=undefined-internal -Werror=undefined-inline -Wno-noexcept-type -Wno-psabi -Wno-misleading-indentation -Wno-parentheses-equality -Qunused-arguments -Wundef -Wpointer-arith -Wmissing-format-attribute -Wformat-security -Wcast-align /DWIN32 /D_WINDOWS -fno-strict-aliasing /O2 /Ob2 -clang:-std=c++23 -MD /clang:-masm=att /Zi /GS /EHa- /EHc- /EHs- /fp:except- /GR- /analyze- /bigobj /utf-8 /validate-charset /WX -c RegExpPrototype.i
~~~
clang version 19.1.3
Target: x86_64-pc-windows-msvc
Thread model: posix
InstalledDir: C:\Program Files\LLVM\bin
~~~
I'll try to create a simple repro.
</pre>