https://github.com/mugiwaraluffy56 updated https://github.com/llvm/llvm-project/pull/179030
>From 23f63073d6253b96f8e53ecc83c232d1e3b1dab0 Mon Sep 17 00:00:00 2001 From: mugiwaraluffy56 <[email protected]> Date: Sat, 31 Jan 2026 18:02:24 +0530 Subject: [PATCH] [clang][ByteCode] Fix crash when dereferencing cast to larger type When dereferencing a pointer that was reinterpret_cast to a larger type (e.g. *(int**)""), check if the pointer descriptor's primitive type matches what we're trying to read. If not, return std::nullopt to gracefully fail the constant evaluation instead of crashing. Fixes #179015 --- clang/lib/AST/ByteCode/Pointer.cpp | 3 +++ clang/test/AST/ByteCode/invalid.cpp | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/clang/lib/AST/ByteCode/Pointer.cpp b/clang/lib/AST/ByteCode/Pointer.cpp index a1ab492e5cb37..b625128514f83 100644 --- a/clang/lib/AST/ByteCode/Pointer.cpp +++ b/clang/lib/AST/ByteCode/Pointer.cpp @@ -947,6 +947,9 @@ std::optional<APValue> Pointer::toRValue(const Context &Ctx, // Just load primitive types. if (OptPrimType T = Ctx.classify(ResultType)) { + if (const Descriptor *D = getFieldDesc(); + (D->isPrimitive() || D->isPrimitiveArray()) && D->getPrimType() != *T) + return std::nullopt; TYPE_SWITCH(*T, return this->deref<T>().toAPValue(ASTCtx)); } diff --git a/clang/test/AST/ByteCode/invalid.cpp b/clang/test/AST/ByteCode/invalid.cpp index f7f2da2769d65..7c9433ec065ee 100644 --- a/clang/test/AST/ByteCode/invalid.cpp +++ b/clang/test/AST/ByteCode/invalid.cpp @@ -57,6 +57,12 @@ namespace Casts { /// Just make sure this doesn't crash. float PR9558 = reinterpret_cast<const float&>("asd"); + + /// Ensure we don't crash when trying to dereference a cast pointer where the + /// target type is larger than the source allocation (GH#179015). + void GH179015() { + *(int **)""; // both-warning {{expression result unused}} + } } _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
