[PATCH] D24774: [Loads] Fix crash in isDereferenceableAndAlignedPointer()

Tom Stellard via llvm-commits llvm-commits at lists.llvm.org
Tue Sep 20 11:37:43 PDT 2016


tstellarAMD created this revision.
tstellarAMD added a reviewer: majnemer.
tstellarAMD added a subscriber: llvm-commits.
Herald added a subscriber: wdng.

We were trying to add APInt values with different bit sizes after
visiting an addrspacecast instruction which changed the bit width
of the pointer.

https://reviews.llvm.org/D24774

Files:
  lib/Analysis/Loads.cpp
  test/Analysis/ValueTracking/dereferenceable-and-aligned.ll

Index: test/Analysis/ValueTracking/dereferenceable-and-aligned.ll
===================================================================
--- /dev/null
+++ test/Analysis/ValueTracking/dereferenceable-and-aligned.ll
@@ -0,0 +1,21 @@
+; RUN: opt < %s -licm -S | FileCheck %s
+
+target datalayout = "e-p:32:32-p1:64:64-p4:64:64"
+
+; Make sure isDereferenceableAndAlignePointer() doesn't crash when looking
+; walking pointer defs with an addrspacecast that changes pointer size.
+; CHECK-LABEL: @addrspacecast_crash
+define void @addrspacecast_crash() {
+bb:
+  %tmp = alloca [256 x i32]
+  br label %bb1
+
+bb1:
+  %tmp2 = getelementptr inbounds [256 x i32], [256 x i32]* %tmp, i32 0, i32 36
+  %tmp3 = bitcast i32* %tmp2 to <4 x i32>*
+  %tmp4 = addrspacecast <4 x i32>* %tmp3 to <4 x i32> addrspace(4)*
+  %tmp5 = load <4 x i32>, <4 x i32> addrspace(4)* %tmp4
+  %tmp6 = xor <4 x i32> %tmp5, undef
+  store <4 x i32> %tmp6, <4 x i32> addrspace(1)* undef
+  br label %bb1
+}
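
Review bot: The only FileCheck directive in this test is CHECK-LABEL: @addrspacecast_crash, so it passes whenever opt exits cleanly and says nothing about what the analysis concluded for the %tmp5 load. Consider adding a CHECK line for the load so a later change in behaviour across the addrspacecast is caught, not just a crash. The comment above the function also has two typos: "isDereferenceableAndAlignePointer()" is missing the "d", and "when looking walking pointer defs" has a stray word. The xor with undef and the store to an undef pointer look like reducer leftovers; a named argument for the store destination would make the test less fragile.
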
Index: lib/Analysis/Loads.cpp
===================================================================
--- lib/Analysis/Loads.cpp
+++ lib/Analysis/Loads.cpp
@@ -91,7 +91,10 @@
     // then the GEP (== Base + Offset == k_0 * Align + k_1 * Align) is also
     // aligned to Align bytes.
 
-    return isDereferenceableAndAlignedPointer(Base, Align, Offset + Size, DL,
+    // Offset and Size may have different bit widths if we have visited an
+    // addrspacecast, so we can't do arithmetic directly on the APInt values.
+    return isDereferenceableAndAlignedPointer(Base, Align,
+                                              Offset + Size.getSExtValue(), DL,
                                               CtxI, DT, Visited);
   }
 
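
Review bot: In the new call, Offset + Size.getSExtValue() routes Size through a 64-bit integer, which hides the width mismatch instead of resolving it: the sum is still computed at Offset's bit width, so when Size is the wider value it is silently truncated, and getSExtValue() itself asserts if Size does not fit in 64 bits. Making the conversion explicit, for example Size.sextOrTrunc(Offset.getBitWidth()), would state which width is meant to win. Size is a byte count, so the comment should also say why sign extension rather than zero extension is correct here.
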

