From 796331c026a6cd33624c0f22e4e289fc89093b43 Mon Sep 17 00:00:00 2001 From: David Majnemer Date: Sat, 23 Jul 2016 02:56:49 +0000 Subject: [PATCH] [LoopUnrollAnalyzer] Handle out of bounds accesses in visitLoad While we handed loads past the end of an array, we didn't handle loads _before_ the array. This fixes PR28062. N.B. While the bug in the code is obvious, I am struggling to craft a test case which is reasonable in size. llvm-svn: 276510 --- llvm/lib/Analysis/LoopUnrollAnalyzer.cpp | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/llvm/lib/Analysis/LoopUnrollAnalyzer.cpp b/llvm/lib/Analysis/LoopUnrollAnalyzer.cpp index f59257a..7bdf340 100644 --- a/llvm/lib/Analysis/LoopUnrollAnalyzer.cpp +++ b/llvm/lib/Analysis/LoopUnrollAnalyzer.cpp @@ -115,13 +115,19 @@ bool UnrolledInstAnalyzer::visitLoad(LoadInst &I) { // We might have a vector load from an array. FIXME: for now we just bail // out in this case, but we should be able to resolve and simplify such // loads. - if(CDS->getElementType() != I.getType()) + if (CDS->getElementType() != I.getType()) return false; - int ElemSize = CDS->getElementType()->getPrimitiveSizeInBits() / 8U; - if (SimplifiedAddrOp->getValue().getActiveBits() >= 64) + unsigned ElemSize = CDS->getElementType()->getPrimitiveSizeInBits() / 8U; + if (SimplifiedAddrOp->getValue().getActiveBits() > 64) return false; - int64_t Index = SimplifiedAddrOp->getSExtValue() / ElemSize; + int64_t SimplifiedAddrOpV = SimplifiedAddrOp->getSExtValue(); + if (SimplifiedAddrOpV < 0) { + // FIXME: For now we conservatively ignore out of bound accesses, but + // we're allowed to perform the optimization in this case. + return false; + } + uint64_t Index = static_cast(SimplifiedAddrOpV) / ElemSize; if (Index >= CDS->getNumElements()) { // FIXME: For now we conservatively ignore out of bound accesses, but // we're allowed to perform the optimization in this case. -- 2.7.4