From 766967683f73b6ef9c48f03dd3bb1437a92f4399 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timm=20B=C3=A4der?=
Date: Wed, 24 Sep 2025 15:02:12 +0200
Subject: [PATCH] [clang][bytecode] Fix a crash in __builtin_object_size()

The previous BytOffset computation only makes sense if Ptr points into an array.
---
 clang/lib/AST/ByteCode/InterpBuiltin.cpp        | 12 ++++++++----
 clang/test/AST/ByteCode/builtin-object-size.cpp |  3 ++-
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/clang/lib/AST/ByteCode/InterpBuiltin.cpp b/clang/lib/AST/ByteCode/InterpBuiltin.cpp
index 5423d3ca73c81..a49992029c742 100644
--- a/clang/lib/AST/ByteCode/InterpBuiltin.cpp
+++ b/clang/lib/AST/ByteCode/InterpBuiltin.cpp
@@ -2449,10 +2449,14 @@ static bool interp__builtin_object_size(InterpState &S, CodePtr OpPC,
     if (Ptr.isBaseClass())
       ByteOffset = computePointerOffset(ASTCtx, Ptr.getBase()) -
                    computePointerOffset(ASTCtx, Ptr);
-    else
-      ByteOffset =
-          computePointerOffset(ASTCtx, Ptr) -
-          computePointerOffset(ASTCtx, Ptr.expand().atIndex(0).narrow());
+    else {
+      if (Ptr.inArray())
+        ByteOffset =
+            computePointerOffset(ASTCtx, Ptr) -
+            computePointerOffset(ASTCtx, Ptr.expand().atIndex(0).narrow());
+      else
+        ByteOffset = 0;
+    }
   } else
     ByteOffset = computePointerOffset(ASTCtx, Ptr);
 
diff --git a/clang/test/AST/ByteCode/builtin-object-size.cpp b/clang/test/AST/ByteCode/builtin-object-size.cpp
index 6f4ef54bcbafa..e4433ea700ccb 100644
--- a/clang/test/AST/ByteCode/builtin-object-size.cpp
+++ b/clang/test/AST/ByteCode/builtin-object-size.cpp
@@ -17,7 +17,8 @@ static_assert(__builtin_object_size(&arrf, 0) == (sizeof(float)*2), "");
 static_assert(__builtin_object_size(&arrf[1], 0) == sizeof(float), "");
 static_assert(__builtin_object_size(&arrf[2], 0) == 0, "");
 
-
+constexpr struct { int a; int b; } F{};
+static_assert(__builtin_object_size(&F.a, 3) == sizeof(int));
 struct S {
   int a;
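Review bot: The new `ByteOffset = 0` arm for a non-array, non-base-class pointer is only exercised by the added `&F.a` assertion, and `a` is the first member of `F`, so a wrong offset for a field that does not sit at the start of its object would go unnoticed; adding `static_assert(__builtin_object_size(&F.b, 3) == sizeof(int));` next to it, and a type-0 query on the same pointer if that path reaches this branch, would pin the fix rather than just the crash. On style, the nested `if` inside `else { ... }` reads more naturally as a flat chain, `} else if (Ptr.inArray()) {` followed by `} else { ByteOffset = 0; }`, matching the `if (Ptr.isBaseClass())` arm directly above. The enclosing interp__builtin_object_size starts and ends outside the hunk, so which size-type queries actually reach this branch cannot be confirmed from what is shown.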