================
@@ -4238,7 +4238,8 @@ static Value *emitPointerArithmetic(CodeGenFunction &CGF,
else
elemTy = CGF.ConvertTypeForMem(elementType);
- if (CGF.getLangOpts().PointerOverflowDefined)
+ if (CGF.getLangOpts().PointerOverflowDefined ||
+ CGF.isUnderlyingBasePointerConstantNull(pointerOperand))
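Review bot: the widened condition at `+ if (CGF.getLangOpts().PointerOverflowDefined ||` / `+ CGF.isUnderlyingBasePointerConstantNull(pointerOperand))` merges two unrelated situations into one branch with no comment explaining why a constant-null base pointer should take the same path as the `PointerOverflowDefined` language option. The body of the `if` is outside the hunk, and the actual effect (the `inbounds` flag is dropped while the GEP base stays null, so the result remains a pointer with null provenance) is only recoverable from the thread below; a one-line comment above the condition stating that arithmetic on a known-null base must not be emitted as `inbounds`, and that this deliberately differs from the `inttoptr`-based null-arithmetic extension, would make the intent clear to the next reader without having to consult the review.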
----------------
nikic wrote:
An important difference is that isNullPointerArithmeticExtension() uses
inttoptr, which means we get back a pointer with provenance, while this case
only drops the inbounds, but still keeps the gep null, resulting in a pointer
with nullary provenance, so any loads/stores on it are UB.
(Using inttoptr is of course only possible if we know for sure that the base
pointer is null, it doesn't work for the "we have a select where the result
might be null" case.)
https://github.com/llvm/llvm-project/pull/137849
_______________________________________________
cfe-commits mailing list
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits