[llvm] [llvm] Bail out when meeting pointer with negative offset instead of … (PR #120424)

[Martin Storsjö via llvm-commits]

================
@@ -841,8 +841,7 @@ OffsetSpan ObjectSizeOffsetVisitor::computeImpl(Value *V) {
     // This is UB, and we'd rather return an empty location then.
     if (Options.EvalMode == ObjectSizeOpts::Mode::Min ||
         Options.EvalMode == ObjectSizeOpts::Mode::Max) {
-      ORT.Before = APInt::getZero(ORT.Before.getBitWidth());
-      ORT.After = APInt::getZero(ORT.Before.getBitWidth());
+      return ObjectSizeOffsetVisitor::unknown();
----------------
mstorsjo wrote:

Indeed; regularly with UB, when looking at various potential execution paths, the compiler can assume that the ones that are UB just won't happen at runtime. (Not sure how that translates best to this feature though, which is intended to protect against things at runtime that really are unintended.)

https://github.com/llvm/llvm-project/pull/120424