[PATCH] D47531: [ValueTracking] Fix endless recursion in isKnownNonZero()
Karl-Johan Karlsson via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Wed May 30 06:10:48 PDT 2018
Ka-Ka created this revision.
Ka-Ka added reviewers: Prazek, nlopes, spatel, craig.topper.
The isKnownNonZero() function have checks that abort the recursion when
it reach the specified max depth. However one of the recursive calls was
placed before the max depth check was done, resulting in a endless
recursion that eventually triggered a segmentation fault.
Fixed the problem by moving the max depth check above the first
recursive call.
Repository:
rL LLVM
https://reviews.llvm.org/D47531
Files:
lib/Analysis/ValueTracking.cpp
test/Transforms/CorrelatedValuePropagation/pointer.ll
Index: test/Transforms/CorrelatedValuePropagation/pointer.ll
===================================================================
--- /dev/null
+++ test/Transforms/CorrelatedValuePropagation/pointer.ll
@@ -0,0 +1,35 @@
+; NOTE: Assertions have been autogenerated by utils/update_test_checks.py
+; RUN: opt -correlated-propagation -S -mtriple=i686-- -o - %s | FileCheck %s
+
+; Testcast that check that we don't end in a neverending recursion resulting in
+; a segmentation fault. The checks below verify that nothing is changed.
+
+declare dso_local i16* @f2(i16* readnone returned) local_unnamed_addr
+
+define dso_local void @f3() local_unnamed_addr {
+; CHECK-LABEL: @f3(
+; CHECK-NEXT: entry:
+; CHECK-NEXT: br label [[FOR_COND:%.*]]
+; CHECK: for.end:
+; CHECK-NEXT: [[CALL6:%.*]] = call i16* @f2(i16* [[CALL6]])
+; CHECK-NEXT: br i1 false, label [[FOR_COND]], label [[FOR_COND3:%.*]]
+; CHECK: for.cond:
+; CHECK-NEXT: [[C_0:%.*]] = phi i16* [ undef, [[ENTRY:%.*]] ], [ [[CALL6]], [[FOR_END:%.*]] ]
+; CHECK-NEXT: br label [[FOR_COND3]]
+; CHECK: for.cond3:
+; CHECK-NEXT: ret void
+;
+entry:
+ br label %for.cond
+
+for.end:
+ %call6 = call i16* @f2(i16* %call6)
+ br i1 false, label %for.cond, label %for.cond3
+
+for.cond:
+ %c.0 = phi i16* [ undef, %entry ], [ %call6, %for.end ]
+ br label %for.cond3
+
+for.cond3:
+ ret void
+}
Index: lib/Analysis/ValueTracking.cpp
===================================================================
--- lib/Analysis/ValueTracking.cpp
+++ lib/Analysis/ValueTracking.cpp
@@ -1943,6 +1943,10 @@
}
}
+ // Some of the tests below are recursive, so bail out if we hit the limit.
+ if (Depth++ >= MaxDepth)
+ return false;
+
// Check for pointer simplifications.
if (V->getType()->isPointerTy()) {
// Alloca never returns null, malloc might.
@@ -1963,13 +1967,10 @@
if (CS.isReturnNonNull())
return true;
if (const auto *RP = getArgumentAliasingToReturnedPointer(CS))
- return isKnownNonZero(RP, Depth + 1, Q);
+ return isKnownNonZero(RP, Depth, Q);
}
}
- // The remaining tests are all recursive, so bail out if we hit the limit.
- if (Depth++ >= MaxDepth)
- return false;
// Check for recursive pointer simplifications.
if (V->getType()->isPointerTy()) {
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D47531.149103.patch
Type: text/x-patch
Size: 2325 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20180530/d6da04a6/attachment.bin>
More information about the llvm-commits
mailing list