[clang] [clang][bytecode] Fix crash on arrays with excessive size (PR #175402)
Timm Baeder via cfe-commits
cfe-commits at lists.llvm.org
Sun Jan 11 09:23:19 PST 2026
================
@@ -424,7 +424,7 @@ Descriptor *Program::createDescriptor(const DeclTy &D, const Type *Ty,
if (!ElemDesc)
return nullptr;
unsigned ElemSize = ElemDesc->getAllocSize() + sizeof(InlineDescriptor);
- if (std::numeric_limits<unsigned>::max() / ElemSize <= NumElems)
+ if (Descriptor::MaxArrayElemBytes / ElemSize < NumElems)
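Review bot: the replacement swaps the bound and also relaxes `<=` to `<`, so `NumElems == MaxArrayElemBytes / ElemSize` now passes where the old overflow guard rejected it; confirm that the boundary count is intended and that `NumElems * ElemSize` is safe at that value. Separately, `ElemSize` here includes `sizeof(InlineDescriptor)` for every element, so a limit defined in terms of primitive element bytes is being compared against a composite per-element size; consider deriving the limit per element kind rather than reusing `MaxArrayElemBytes` unconditionally, and add a test with an array of struct elements of excessive size alongside the primitive case.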
----------------
tbaederr wrote:
This is not correct for composite elements. `MaxArrayElemBytes` includes the size of the `InitMapPtr`, so is only for primitive arrays.
Consider:
```cpp
struct S { char c; };
S q[-2U];                      // -2U converts to an enormous element count
void foo() { S *p = q + 1; }   // pointer arithmetic forces the array descriptor to be built
```
This works without this change (and causes the current interpreter to allocate too much memory).
https://github.com/llvm/llvm-project/pull/175402
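To illustrate the guard the hunk touches, here is an added, stand-alone C++ sketch (not clang's code): `kInlineDescriptorSize` and `kMaxArrayElemBytes` are assumed stand-in values, and `exceedsBudget` mirrors the division-first, `<`-form comparison so the boundary count and the wrap a naive multiplication would suffer can be checked side by side.

```cpp
#include <limits>

// Assumed stand-ins for the interpreter's sizes; not clang's real values.
constexpr unsigned kInlineDescriptorSize = 8;                                  // assumed sizeof(InlineDescriptor)
constexpr unsigned kMaxArrayElemBytes = std::numeric_limits<unsigned>::max() / 2; // assumed byte budget

// Per-element size as the hunk computes it for composite elements:
// the element's own allocation size plus one inline descriptor.
unsigned compositeElemSize(unsigned ElemAllocSize) {
  return ElemAllocSize + kInlineDescriptorSize;
}

// Division-first guard in the '<' form used by the patch: returns true when
// NumElems * ElemSize would exceed MaxBytes. Dividing first means the check
// itself can never wrap, and NumElems == MaxBytes / ElemSize is allowed.
bool exceedsBudget(unsigned MaxBytes, unsigned ElemSize, unsigned NumElems) {
  if (ElemSize == 0)
    return false;                    // cannot happen with a descriptor attached, guard anyway
  return MaxBytes / ElemSize < NumElems;
}

// Naive form for comparison: the product is computed in unsigned arithmetic
// and silently wraps, so an oversized array can look like it fits.
bool naiveExceeds(unsigned MaxBytes, unsigned ElemSize, unsigned NumElems) {
  return NumElems * ElemSize > MaxBytes;
}
```

With `S q[-2U]` from the comment above, `NumElems` is 4294967294 and the guard rejects it; with 2^28 elements of 16 bytes the naive product wraps to 0 and the check is bypassed, while the division form still rejects it.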