[all-commits] [llvm/llvm-project] e6e5ef: [basicaa] Fix a latent bug in isGEPBaseAtNegativeO...

Philip Reames via All-commits all-commits at lists.llvm.org
Wed Mar 3 08:48:18 PST 2021


  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: e6e5ef40cbc239754003c93c46df644dad8a8272
      https://github.com/llvm/llvm-project/commit/e6e5ef40cbc239754003c93c46df644dad8a8272
  Author: Philip Reames <listmail at philipreames.com>
  Date:   2021-03-03 (Wed, 03 Mar 2021)

  Changed paths:
    M llvm/include/llvm/Analysis/BasicAliasAnalysis.h
    M llvm/lib/Analysis/BasicAliasAnalysis.cpp
    M llvm/test/Analysis/BasicAA/negoffset.ll

  Log Message:
  -----------
  [basicaa] Fix a latent bug in isGEPBaseAtNegativeOffset

This was pointed out in review of D97520 by Nikita, but existed in the original code as well.

The basic issue is that a decomposed GEP expression describes (potentially) more than one getelementptr.  The "inbounds" derived UB which justifies this aliasing rule requires that the entire offset be composed of "inbounds" geps.  Otherwise, as can be seen in the recently added test and the changes to it in this patch, we can end up with a large cumulative offset with only a small sub-offset actually being "inbounds".  If that small sub-offset lies within the object, the result was unsound.

We could potentially be fancier here, but for the moment, simply be conservative when any of the GEPs parsed aren't inbounds.
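As an added illustration that is not part of the commit or of LLVM's sources: a small C++ model of the decomposition the message describes and of the aliasing rule it feeds. The addresses, the 4-byte alloca, the unknown pointer %p and the two GEP chains are all constructed for the example; the real BasicAA code operates on LLVM IR values and is not reproduced here. The model keeps both inbounds summaries side by side, the outermost flag the pre-fix code consulted and the conjunction over every GEP walked, and checks each against the concrete memory layout.

```cpp
// Added example (not LLVM code): a model of decomposing a chain of constant-
// offset GEPs and of the "inbounds GEP at a negative offset" NoAlias rule.
#include <cstdint>
#include <cstdio>
#include <vector>

// One getelementptr with a constant byte offset and its inbounds flag.
// Chain[0] is applied to the underlying base pointer; Chain.back() is the
// outermost GEP, the one whose result is the pointer being queried.
struct Gep {
  int64_t Offset;
  bool InBounds;
};

// What walking the chain back to its base yields: the cumulative constant
// offset plus two summaries of the inbounds flags.
struct Decomposed {
  int64_t Offset = 0;
  bool OuterInBounds = false; // pre-fix: only the outermost GEP's flag was consulted
  bool AllInBounds = true;    // post-fix: the conjunction over every GEP walked
};

Decomposed decompose(const std::vector<Gep> &Chain) {
  Decomposed D;
  D.OuterInBounds = Chain.back().InBounds;
  for (const Gep &G : Chain) {
    D.Offset += G.Offset;
    D.AllInBounds = D.AllInBounds && G.InBounds;
  }
  return D;
}

// The rule. V1 is the GEP result; V2 points at the start of an identified
// object (alloca or global) and is accessed with V2Size bytes. If the whole
// chain is inbounds, base and result lie in one object, so for V1 to overlap
// [V2, V2 + V2Size) the base at V1 - Offset would have to sit before V2, i.e.
// outside that object. Offset >= V2Size therefore gives NoAlias without
// knowing V1's own access size. Without inbounds on every hop the premise
// "base and result share an object" is gone and the rule must not fire.
bool noAliasNegativeBase(bool ChainInBounds, int64_t Offset, uint64_t V2Size) {
  return ChainInBounds && Offset >= static_cast<int64_t>(V2Size);
}

bool preFixNoAlias(const std::vector<Gep> &Chain, uint64_t V2Size) {
  Decomposed D = decompose(Chain);
  return noAliasNegativeBase(D.OuterInBounds, D.Offset, V2Size);
}

bool fixedNoAlias(const std::vector<Gep> &Chain, uint64_t V2Size) {
  Decomposed D = decompose(Chain);
  return noAliasNegativeBase(D.AllInBounds, D.Offset, V2Size);
}

// Ground truth for one concrete placement: do [P, P+S1) and [A, A+S2) overlap?
bool overlaps(uint64_t P, uint64_t S1, uint64_t A, uint64_t S2) {
  return P < A + S2 && A < P + S1;
}

// Constructed scenario (all addresses made up for the example). %a is a
// 4-byte alloca at 0x1000 read as an i32. %p is an unknown pointer that
// happens to be 1000 bytes below it. "%r = gep i8, %p, 1000" is NOT inbounds,
// so nothing stops it landing at %a; "%q = gep inbounds i8, %r, 1" adds a
// small sub-offset that genuinely is inbounds within %a's object. The
// decomposed offset of %q from %p is 1001 >= 4, so consulting only the outer
// flag fires the rule, yet %q = 0x1001 overlaps the i32 load of %a.
const uint64_t AllocaAddr = 0x1000, AllocaSize = 4;
const uint64_t UnknownP = AllocaAddr - 1000;
const std::vector<Gep> MixedChain = {{1000, false}, {1, true}};

bool mixedChainOverlapsAlloca() {
  uint64_t Q = UnknownP + 1000 + 1; // the address %q actually holds
  return overlaps(Q, 1, AllocaAddr, AllocaSize);
}

// Same cumulative offset with every hop inbounds: %p must then lie in %a's
// object (at or after 0x1000), and no such placement lets %q = %p + 1001 reach
// back into the 4 bytes at %a. Checked by brute force over a range of bases.
const std::vector<Gep> InboundsChain = {{1000, true}, {1, true}};

bool inboundsChainCanOverlap() {
  for (uint64_t P = AllocaAddr; P < AllocaAddr + 4096; ++P)
    if (overlaps(P + 1001, 1, AllocaAddr, AllocaSize))
      return true;
  return false;
}

int main() {
  std::printf("mixed chain   : pre-fix NoAlias=%d fixed NoAlias=%d overlaps=%d\n",
              preFixNoAlias(MixedChain, AllocaSize),
              fixedNoAlias(MixedChain, AllocaSize), mixedChainOverlapsAlloca());
  std::printf("inbounds chain: pre-fix NoAlias=%d fixed NoAlias=%d overlaps=%d\n",
              preFixNoAlias(InboundsChain, AllocaSize),
              fixedNoAlias(InboundsChain, AllocaSize), inboundsChainCanOverlap());
  return 0;
}
```

The mixed chain is the unsound case: the pre-fix summary answers NoAlias while the bytes actually overlap, and the post-fix summary declines. Treating the chain as inbounds only when every GEP is inbounds is the conservative choice the commit makes; a finer analysis could keep the inbounds prefix of the chain separate from the rest, which is the "fancier" option the message leaves for later.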