Closed
Description
We've had multiple issues with reflect constructing past-the-end pointers when zero-sized types are involved, mostly in the function call paths (most recently: #21717).
I'm not sure we've ever systematically audited all of the pointer constructions for this bug, and a quick search reveals several that look suspect.
If we find any actual bugs, the fixes should get backported to 1.9.x.
It may be easier to build tests for these if we address #21730 first.
/cc @cherrymui @bcmills