<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href="https://github.com/llvm/llvm-project/issues/124358">124358</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
-fsanitize=pointer-overflow fails to detect overflow with pointer to VLA
</td>
</tr>
<tr>
<th>Labels</th>
<td>
new issue
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
efriedma-quic
</td>
</tr>
</table>
<pre>
Testcase:
```
void f(void g(void*, void*)) {
    int x = 2;
    unsigned long long y = 0x8000000000000000;  /* offset chosen so that y * sizeof(int[x]) wraps */
    int a[2][2];
    int (*aa)[x] = a;                           /* pointer to a VLA row: sizeof(*aa) is a runtime value */
    g(&aa[y], aa+y);                            /* subscript and pointer arithmetic with the same overflowing offset */
}
void g(void *p, void *q) { (void)p; (void)q; }   /* sink so the pointers are used */
int main(){ f(g); }
```
When compiled with -fsanitize=pointer-overflow, the resulting program triggers no error. It should trigger on the subscripting/pointer arithmetic (like it does with a constant array, or if the offset is 0x4000000000000000).
</pre>
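<p>The check the sanitizer is expected to perform here has three parts: the byte offset <code>idx * sizeof(element)</code> must not wrap, the address <code>base + offset</code> must not wrap, and the result must stay within the object. The program below spells that out explicitly for the reporter's pattern, with the element size taken from a VLA row at run time. It is an added example written for this page, not code from the issue, from LLVM or from UBSan; the names <code>checked_element_addr</code>, <code>vla_row_addr</code> and <code>ptr_check_t</code> are hypothetical, and it assumes a GCC/Clang compiler for the <code>__builtin_*_overflow</code> builtins. Both offsets from the issue fail the same multiplication check whether or not the element size is a compile-time constant, which is the behaviour the report expects from the sanitizer.</p>

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Outcome of a checked element-address computation (hypothetical names). */
typedef enum {
    PTR_OK,             /* base + idx*elem_size lies in [base, one-past-the-end] */
    PTR_MUL_OVERFLOW,   /* idx * elem_size does not fit in the address width */
    PTR_ADD_OVERFLOW,   /* base + byte offset wraps around the address space */
    PTR_OUT_OF_BOUNDS   /* arithmetically fine, but beyond the object's end */
} ptr_check_t;

/*
 * Explicit form of what must hold before forming `base + idx` on a pointer
 * whose element type is elem_size bytes wide. elem_size is a runtime value
 * on purpose: for a pointer to a VLA row such as `int (*aa)[x]`, sizeof(*aa)
 * is only known at run time, which is the situation in the issue above.
 */
ptr_check_t checked_element_addr(uintptr_t base, size_t elem_size,
                                 unsigned long long idx, size_t nelems,
                                 uintptr_t *out)
{
    uintptr_t byte_off, result, end;

    /* 1. the byte offset must not wrap: 0x8000000000000000 * 8 fails here */
    if (__builtin_mul_overflow(idx, elem_size, &byte_off))
        return PTR_MUL_OVERFLOW;
    /* 2. the address itself must not wrap */
    if (__builtin_add_overflow(base, byte_off, &result))
        return PTR_ADD_OVERFLOW;
    /* 3. stay within the object; one-past-the-end is the only address
     *    beyond the last element that C permits to be formed */
    if (__builtin_mul_overflow(nelems, elem_size, &end) ||
        __builtin_add_overflow(base, end, &end))
        return PTR_ADD_OVERFLOW;
    if (result > end)
        return PTR_OUT_OF_BOUNDS;

    if (out)
        *out = result;
    return PTR_OK;
}

/*
 * The reporter's shape of code, with the check applied before any pointer
 * arithmetic is done. Only an integer is handed back, so no out-of-range
 * pointer is ever formed and nothing is dereferenced.
 */
ptr_check_t vla_row_addr(unsigned long long y, uintptr_t *out)
{
    int x = 2;
    int a[2][2] = { {0, 1}, {2, 3} };   /* constructed sample data */
    int (*aa)[x] = a;                   /* pointer to VLA row, as in the testcase */
    size_t row_size = sizeof(*aa);      /* runtime sizeof: x * sizeof(int) == 8 */
    size_t rows = sizeof(a) / row_size; /* 2 rows */

    return checked_element_addr((uintptr_t)aa, row_size, y, rows, out);
}

static const char *describe(ptr_check_t r)
{
    switch (r) {
    case PTR_OK:            return "ok";
    case PTR_MUL_OVERFLOW:  return "offset multiplication overflows";
    case PTR_ADD_OVERFLOW:  return "address addition overflows";
    case PTR_OUT_OF_BOUNDS: return "past the end of the object";
    }
    return "?";
}

int main(void)
{
    /* the two offsets from the issue, plus in-range, one-past-the-end and out-of-range indices */
    unsigned long long ys[] = { 0x8000000000000000ULL, 0x4000000000000000ULL, 1, 2, 3 };
    for (size_t i = 0; i < sizeof ys / sizeof ys[0]; i++)
        printf("aa + 0x%llx: %s\n", ys[i], describe(vla_row_addr(ys[i], NULL)));
    return 0;
}
```

<p>Compile it without any sanitizer flag; the checks are ordinary code, which is the point: when instrumentation cannot be relied on (as in this report), the same three conditions can be enforced by the program itself before the arithmetic is performed. The multiplication check is what catches both offsets from the issue; the addition check covers a base address near the top of the address space, and the bounds check covers offsets that are arithmetically fine but leave the object.</p>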