[llvm] [llvm] Fix __builtin_object_size interaction between Negative Offset … (PR #111827)
Harald van Dijk via llvm-commits
llvm-commits at lists.llvm.org
Thu Oct 17 04:24:57 PDT 2024
hvdijk wrote:
And now I do have a testcase:
```c++
#include <stdio.h>
int x, i = -1;
int main() {
  int array1[4];
  int array2[8];
  int *ptr;
  if (x) {
    ptr = array1;
  } else {
    ptr = array2 + 4;
  }
  printf("%zu\n", __builtin_dynamic_object_size(ptr + i, 0));
}
```
This prints 0, but must print 20 (5 * sizeof(int)) or higher. It is the same problem: the PHI for `ptr` has incoming values that resolve to (size 16, offset 0) and (size 32, offset 16), and since both specify 16 remaining bytes, they are resolved to the former. And then, `__builtin_dynamic_object_size` concludes that `i = -1` is out of range as an index and therefore 0 bytes are available, but that conclusion is wrong.
https://github.com/llvm/llvm-project/pull/111827
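
The failure mode described in the message above, reduced to a small model. This is an added example, not part of the original post and not LLVM's code: `SizeOffset`, `merge_phi_lossy` and the other names are hypothetical, and the merge rule is only the tie behaviour the post describes.

```c
#include <stdio.h>

/* Simplified model (an assumption, not LLVM's implementation): a pointer is
   described by the size of its underlying object and its byte offset into it. */
typedef struct { long size; long offset; } SizeOffset;

/* Bytes from the pointer to the end of the object; 0 when out of bounds. */
static long remaining(SizeOffset so) {
    if (so.offset < 0 || so.offset > so.size) return 0;
    return so.size - so.offset;
}

static SizeOffset add_offset(SizeOffset so, long bytes) {
    so.offset += bytes;
    return so;
}

/* Merge as described in the post: compare remaining bytes and, on a tie,
   keep the first incoming value, which discards the other one's offset. */
static SizeOffset merge_phi_lossy(SizeOffset a, SizeOffset b) {
    return remaining(b) > remaining(a) ? b : a;
}

/* Problematic order: merge the PHI first, then apply the later offset. */
static long size_merge_then_offset(SizeOffset a, SizeOffset b, long bytes) {
    return remaining(add_offset(merge_phi_lossy(a, b), bytes));
}

/* Reference: apply the offset to each incoming value, then take the
   maximum, which is what mode 0 (an upper bound) has to report. */
static long size_offset_then_max(SizeOffset a, SizeOffset b, long bytes) {
    long ra = remaining(add_offset(a, bytes));
    long rb = remaining(add_offset(b, bytes));
    return ra > rb ? ra : rb;
}

int main(void) {
    long w = (long)sizeof(int);
    SizeOffset array1 = {4 * w, 0};      /* ptr = array1     */
    SizeOffset array2 = {8 * w, 4 * w};  /* ptr = array2 + 4 */
    long step = -1 * w;                  /* ptr + i, i = -1  */
    printf("merge then offset: %ld\n", size_merge_then_offset(array1, array2, step));
    printf("offset then max:   %ld\n", size_offset_then_max(array1, array2, step));
    return 0;
}
```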