[llvm] [llvm] Fix behavior of llvm.objectsize in presence of negative / large offset (PR #115504)
Harald van Dijk via llvm-commits
llvm-commits at lists.llvm.org
Tue Nov 12 14:50:08 PST 2024
================
@@ -580,6 +585,11 @@ bool llvm::getObjectSize(const Value *Ptr, uint64_t &Size, const DataLayout &DL,
if (!Data.bothKnown())
return false;
+ // We could compute an over-approximation in that situation, may be if
+ // Opts.EvalMode == Max, but let's bee conservative and bail out.
+ if (Data.Offset.isNegative())
+ return false;
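Review bot: the early return on a negative `Data.Offset` at the end of this hunk throws away information instead of reporting it: once offsets are read as signed (which is what `Data.Offset.isNegative()` assumes), a negative offset means the pointer lies before the start of the object, so the number of bytes accessible from it is zero and the function could set `Size = 0` and return true rather than returning false and leaving the caller with no answer at all. The comment is also backwards: there is nothing to over-approximate for `Opts.EvalMode == Max` here, because the pointer is out of bounds regardless of which end of the object is unknown. Suggest either returning a zero size here, keeping the preceding `if (!Data.bothKnown()) return false;` as the only "unknown" case, or stating in the comment why a known negative offset is deliberately reported as unknown. While touching the comment, fix the typos: `may be` should be `maybe` and `bee` should be `be`.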
----------------
hvdijk wrote:
I am not sure this is right. If offsets should always be treated as signed, which is what I think this PR is saying they should be, then a negative offset results in an out of bounds pointer and should result in a size of zero. I worry that this will cause UBSan to stop reporting certain kinds of out of bounds accesses. Isn't the `out_of_bound_negative_gep` test update in this PR showing that exactly that will happen?
https://github.com/llvm/llvm-project/pull/115504