Fix crash if, during evaluation of __builtin_object_size, we try to load

through an invalid base.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@360998 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/AST/ExprConstant.cpp b/lib/AST/ExprConstant.cpp
index e41264e55e4c9fe9b4a3729e1d33def982688cda..236827280efbc42c30d93484d35a3031fef5f9d3 100644 (file)
--- a/lib/AST/ExprConstant.cpp
+++ b/lib/AST/ExprConstant.cpp
@@ -3285,6 +3285,11 @@ static bool AreElementsOfSameArray(QualType ObjType,
 static CompleteObject findCompleteObject(EvalInfo &Info, const Expr *E,
                                          AccessKinds AK, const LValue &LVal,
                                          QualType LValType) {
+  if (LVal.InvalidBase) {
+    Info.FFDiag(E);
+    return CompleteObject();
+  }
+
   if (!LVal.Base) {
     Info.FFDiag(E, diag::note_constexpr_access_null) << AK;
     return CompleteObject();

diff --git a/test/SemaCXX/builtin-object-size-cxx14.cpp b/test/SemaCXX/builtin-object-size-cxx14.cpp
index 32d752d2736594b4774ec31bbd85e5668f0bb882..bc52478e801eeb4d6607d2d722becbb562361866 100644 (file)
--- a/test/SemaCXX/builtin-object-size-cxx14.cpp
+++ b/test/SemaCXX/builtin-object-size-cxx14.cpp
@@ -97,3 +97,10 @@ void tooSmallBuf() {
   copy5CharsIntoStrict(small.buf); // expected-error{{no matching function for call}}
 }
 }
+
+namespace InvalidBase {
+  // Ensure this doesn't crash.
+  struct S { const char *name; };
+  S invalid_base();
+  constexpr long bos_name = __builtin_object_size(invalid_base().name, 1);
+}