[LLVMdev] "icmp sgt" when it should be "ugt" ?

[Duncan Sands]

Hi Eli,

>>> Icmp sgt is correct.
>>
>> while ugt would be wrong, I think sgt is too!
>>
>> For example, suppose %buf is 0 and %bufLen is ~0U.  Then %add.ptr is ~0U, and
>> %cmp is true, so control branches to %if.then.  However in the optimized version
>> %cmp is false and control branches to %if.end.
>>
>> The GEP does have an inbounds attribute, I'm not sure if that is relevant here.
>
> It is relevant: in your proposed scenario, the GEP returns undef.

by the way, is GEP arithmetic supposed to be signed or unsigned?

The LangRef says: "...if any of the addresses that would be formed by
successive addition of the offsets implied by the indices to the base address
with infinitely precise arithmetic are not an in bounds address of that
allocated object".  But it doesn't say how the address (i.e. a number in the
ring of integers mod 2^32) gets represented as an integer (presumably what the
"infinitely precise arithmetic" refers too).

For example, consider the address ~0U.  This could be represented by any of the
integers: ...-1 - 2^32, -1, 2^32 - 1 , 2*2^32 - 1, ...

If you choose -1, and also have an offset of -1, then the sum is -2 which may
well still be inside your object.  If you choose 2^32-1, and also 2^32-1 for
the offset, then the sum is 2*2^32-2, which presumably is not considered to be
inside your object (it would be if you reduced modulo 2^32, but then there
would be no point in using infinite precision arithmetic, so I suppose that that
is not what is intended).

Ciao, Duncan.