<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/163033>163033</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
[clang] -fsanitize=undefined causes Assertion `(!isa<llvm::Constant>(EvaluatedGEP.TotalOffset) || EvaluatedGEP.OffsetOverflows == Builder.getFalse()) && "If the offset got constant-folded, we don't expect that there was an " "overflow."' failed.
</td>
</tr>
<tr>
<th>Labels</th>
<td>
clang:codegen,
crash
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
k-arrows
</td>
</tr>
</table>
<pre>
Reproducer:
https://godbolt.org/z/j9dqbEfoT
```cpp
// Header-free reproducer for the EmitCheckedInBoundsGEP assertion quoted in
// the summary. Per the stack dump it was compiled with -fsanitize=undefined
// on an assertions-enabled trunk clang++.
// NOTE(review): the stack dump places foo at <source>:13:6, while foo is on
// the eighth line of this listing; the Compiler Explorer source likely has
// extra lines, so reproduce from the link when bisecting.
// Hand-declared placement operator new; returns the supplied address unchanged.
void *operator new(__SIZE_TYPE__ n, void *p) { return p; }
// int32_t declared via the GCC-style mode attribute (__SI__) rather than <cstdint>.
typedef int int32_t __attribute__((mode(__SI__)));
// Empty type constructed by the placement new in foo().
struct A {};
// Global array; foo() below does not reference it.
int32_t arr[2];
// S ends in a zero-length array member (a GNU extension).
struct S {
int32_t i, arr[0];
};
// The subscript is the constant -__PTRDIFF_MAX__ - 1, i.e. the most negative
// ptrdiff_t value. The backtrace shows the crash while this subscript is
// emitted as the placement-new address (EmitCXXNewExpr ->
// EmitArraySubscriptExpr -> EmitCheckedInBoundsGEP).
// NOTE(review): presumably scaling that index by sizeof(int32_t) overflows
// the constant-folded offset, which is the case the assertion rules out;
// confirm against CGExprScalar.cpp. Only the assertions-enabled build is
// shown here, so what a release (NDEBUG) compiler emits for this input, and
// whether the pointer-overflow check still fires at run time, is not
// established by this page.
void foo(S *p) { new (&p->arr[(-__PTRDIFF_MAX__ - 1)]) A; }
```
Backtrace:
```console
clang++: /root/llvm-project/llvm/tools/clang/lib/CodeGen/CGExprScalar.cpp:6147: llvm::Value* clang::CodeGen::CodeGenFunction::EmitCheckedInBoundsGEP(llvm::Type*, llvm::Value*, llvm::ArrayRef<llvm::Value*>, bool, bool, clang::SourceLocation, const llvm::Twine&): Assertion `(!isa<llvm::Constant>(EvaluatedGEP.TotalOffset) || EvaluatedGEP.OffsetOverflows == Builder.getFalse()) && "If the offset got constant-folded, we don't expect that there was an " "overflow."' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: /opt/compiler-explorer/clang-assertions-trunk/bin/clang++ -g -o /app/output.s -mllvm --x86-asm-syntax=intel -fno-verbose-asm -S --gcc-toolchain=/opt/compiler-explorer/gcc-snapshot -fcolor-diagnostics -fno-crash-diagnostics -fsanitize=undefined <source>
1. <eof> parser at end of file
2. <source>:13:6: LLVM IR generation of declaration 'foo'
3. <source>:13:6: Generating code for declaration 'foo'
#0 0x00000000041e9638 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x41e9638)
#1 0x00000000041e6a64 llvm::sys::CleanupOnSignal(unsigned long) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x41e6a64)
#2 0x000000000412b3b8 CrashRecoverySignalHandler(int) CrashRecoveryContext.cpp:0:0
#3 0x0000762208442520 (/lib/x86_64-linux-gnu/libc.so.6+0x42520)
#4 0x00007622084969fc pthread_kill (/lib/x86_64-linux-gnu/libc.so.6+0x969fc)
#5 0x0000762208442476 gsignal (/lib/x86_64-linux-gnu/libc.so.6+0x42476)
#6 0x00007622084287f3 abort (/lib/x86_64-linux-gnu/libc.so.6+0x287f3)
#7 0x000076220842871b (/lib/x86_64-linux-gnu/libc.so.6+0x2871b)
#8 0x0000762208439e96 (/lib/x86_64-linux-gnu/libc.so.6+0x39e96)
#9 0x00000000045b9d4f clang::CodeGen::CodeGenFunction::EmitCheckedInBoundsGEP(llvm::Type*, llvm::Value*, llvm::ArrayRef<llvm::Value*>, bool, bool, clang::SourceLocation, llvm::Twine const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x45b9d4f)
#10 0x00000000045b9eb0 clang::CodeGen::CodeGenFunction::EmitCheckedInBoundsGEP(clang::CodeGen::Address, llvm::ArrayRef<llvm::Value*>, llvm::Type*, bool, bool, clang::SourceLocation, clang::CharUnits, llvm::Twine const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x45b9eb0)
#11 0x00000000045402e0 emitArraySubscriptGEP(clang::CodeGen::CodeGenFunction&, clang::CodeGen::Address, llvm::ArrayRef<llvm::Value*>, clang::QualType, bool, bool, clang::SourceLocation, clang::QualType*, clang::Expr const*, llvm::Twine const&) CGExpr.cpp:0:0
#12 0x000000000454708a clang::CodeGen::CodeGenFunction::EmitArraySubscriptExpr(clang::ArraySubscriptExpr const*, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x454708a)
#13 0x000000000455f2db clang::CodeGen::CodeGenFunction::EmitLValueHelper(clang::Expr const*, clang::CodeGen::KnownNonNull_t) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x455f2db)
#14 0x000000000455fd97 void llvm::function_ref<void ()>::callback_fn<clang::CodeGen::CodeGenFunction::EmitLValue(clang::Expr const*, clang::CodeGen::KnownNonNull_t)::'lambda'()>(long) CGExpr.cpp:0:0
#15 0x00000000081aeb91 clang::StackExhaustionHandler::runWithSufficientStackSpace(clang::SourceLocation, llvm::function_ref<void ()>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x81aeb91)
#16 0x0000000004527e03 clang::CodeGen::CodeGenFunction::EmitLValue(clang::Expr const*, clang::CodeGen::KnownNonNull_t) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4527e03)
#17 0x0000000004541432 EmitPointerWithAlignment(clang::Expr const*, clang::CodeGen::LValueBaseInfo*, clang::CodeGen::TBAAAccessInfo*, clang::CodeGen::KnownNonNull_t, clang::CodeGen::CodeGenFunction&) CGExpr.cpp:0:0
#18 0x0000000004541fd4 clang::CodeGen::CodeGenFunction::EmitPointerWithAlignment(clang::Expr const*, clang::CodeGen::LValueBaseInfo*, clang::CodeGen::TBAAAccessInfo*, clang::CodeGen::KnownNonNull_t) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4541fd4)
#19 0x00000000045417a0 EmitPointerWithAlignment(clang::Expr const*, clang::CodeGen::LValueBaseInfo*, clang::CodeGen::TBAAAccessInfo*, clang::CodeGen::KnownNonNull_t, clang::CodeGen::CodeGenFunction&) CGExpr.cpp:0:0
#20 0x0000000004541fd4 clang::CodeGen::CodeGenFunction::EmitPointerWithAlignment(clang::Expr const*, clang::CodeGen::LValueBaseInfo*, clang::CodeGen::TBAAAccessInfo*, clang::CodeGen::KnownNonNull_t) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4541fd4)
#21 0x00000000045837df clang::CodeGen::CodeGenFunction::EmitCXXNewExpr(clang::CXXNewExpr const*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x45837df)
#22 0x00000000045bf3d5 clang::StmtVisitorBase<std::add_pointer, (anonymous namespace)::ScalarExprEmitter, llvm::Value*>::Visit(clang::Stmt*) CGExprScalar.cpp:0:0
#23 0x00000000045c36cc clang::CodeGen::CodeGenFunction::EmitScalarExpr(clang::Expr const*, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x45c36cc)
#24 0x0000000004526a8e clang::CodeGen::CodeGenFunction::EmitAnyExpr(clang::Expr const*, clang::CodeGen::AggValueSlot, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4526a8e)
#25 0x000000000455807d clang::CodeGen::CodeGenFunction::EmitIgnoredExpr(clang::Expr const*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x455807d)
#26 0x00000000046d7f87 clang::CodeGen::CodeGenFunction::EmitStmt(clang::Stmt const*, llvm::ArrayRef<clang::Attr const*>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x46d7f87)
#27 0x00000000046e021c clang::CodeGen::CodeGenFunction::EmitCompoundStmtWithoutScope(clang::CompoundStmt const&, bool, clang::CodeGen::AggValueSlot) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x46e021c)
#28 0x000000000474879e clang::CodeGen::CodeGenFunction::EmitFunctionBody(clang::Stmt const*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x474879e)
#29 0x000000000475a7c4 clang::CodeGen::CodeGenFunction::GenerateCode(clang::GlobalDecl, llvm::Function*, clang::CodeGen::CGFunctionInfo const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x475a7c4)
#30 0x00000000047c73d0 clang::CodeGen::CodeGenModule::EmitGlobalFunctionDefinition(clang::GlobalDecl, llvm::GlobalValue*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x47c73d0)
#31 0x00000000047c22b4 clang::CodeGen::CodeGenModule::EmitGlobalDefinition(clang::GlobalDecl, llvm::GlobalValue*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x47c22b4)
#32 0x00000000047c3150 clang::CodeGen::CodeGenModule::EmitGlobal(clang::GlobalDecl) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x47c3150)
#33 0x00000000047cd923 clang::CodeGen::CodeGenModule::EmitTopLevelDecl(clang::Decl*) (.part.0) CodeGenModule.cpp:0:0
#34 0x0000000004b32ca9 (anonymous namespace)::CodeGeneratorImpl::HandleTopLevelDecl(clang::DeclGroupRef) ModuleBuilder.cpp:0:0
#35 0x0000000004b21dd4 clang::BackendConsumer::HandleTopLevelDecl(clang::DeclGroupRef) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4b21dd4)
#36 0x00000000068c6084 clang::ParseAST(clang::Sema&, bool, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x68c6084)
#37 0x0000000004b2e6a8 clang::CodeGenAction::ExecuteAction() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4b2e6a8)
#38 0x0000000004e1a3a5 clang::FrontendAction::Execute() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4e1a3a5)
#39 0x0000000004d9bade clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4d9bade)
#40 0x0000000004f116bd clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4f116bd)
#41 0x0000000000dbfa50 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0xdbfa50)
#42 0x0000000000db65ba ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&, llvm::IntrusiveRefCntPtr<llvm::vfs::FileSystem>) driver.cpp:0:0
#43 0x0000000000db673d int llvm::function_ref<int (llvm::SmallVectorImpl<char const*>&)>::callback_fn<clang_main(int, char**, llvm::ToolContext const&)::'lambda'(llvm::SmallVectorImpl<char const*>&)>(long, llvm::SmallVectorImpl<char const*>&) driver.cpp:0:0
#44 0x0000000004b97839 void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()>(long) Job.cpp:0:0
#45 0x000000000412b854 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x412b854)
#46 0x0000000004b97e4f clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (.part.0) Job.cpp:0:0
#47 0x0000000004b59162 clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4b59162)
#48 0x0000000004b5a10e clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4b5a10e)
#49 0x0000000004b61845 clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4b61845)
#50 0x0000000000dbbf79 clang_main(int, char**, llvm::ToolContext const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0xdbbf79)
#51 0x0000000000c6bf74 main (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0xc6bf74)
#52 0x0000762208429d90 (/lib/x86_64-linux-gnu/libc.so.6+0x29d90)
#53 0x0000762208429e40 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e40)
#54 0x0000000000db6055 _start (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0xdb6055)
clang++: error: clang frontend command failed with exit code 134 (use -v to see invocation)
Compiler returned: 134
```
</pre>