[llvm-bugs] [Bug 42699] New: EmitGEPOffset() incorrectly adds NUW to multiplications
via llvm-bugs
llvm-bugs at lists.llvm.org
Sun Jul 21 03:27:39 PDT 2019
https://bugs.llvm.org/show_bug.cgi?id=42699
Bug ID: 42699
Summary: EmitGEPOffset() incorrectly adds NUW to
multiplications
Product: libraries
Version: trunk
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P
Component: Transformation Utilities
Assignee: unassignedbugs at nondot.org
Reporter: nunoplopes at sapo.pt
CC: llvm-bugs at lists.llvm.org, regehr at cs.utah.edu,
sanjoy at playingwithpointers.com
The following transformation in test/Transforms/InstCombine/sub.ll exposes a
bug in EmitGEPOffset() that dates back to 2011.
It assumes that 'gep inbounds' guarantees that %i * 4 doesn't overflow
unsigned, which isn't true since %i could be negative.
Changing nuw to nsw makes it correct.
Alive's report:
define i64 @test30(* %foo, i64 %i, i64 %j) {
%bit = bitcast * %foo to *
%gep1 = gep inbounds * %bit, 4 x i64 %i
%gep2 = gep inbounds * %foo, 1 x i64 %j
%cast1 = ptrtoint * %gep1 to i64
%cast2 = ptrtoint * %gep2 to i64
%sub = sub i64 %cast1, %cast2
ret i64 %sub
}
=>
define i64 @test30(* %foo, i64 %i, i64 %j) {
%gep1.idx = shl nuw i64 %i, 2
%1 = sub i64 %gep1.idx, %j
ret i64 %1
}
Transformation doesn't verify!
ERROR: Target is more poisonous than source
Example:
* %foo = pointer(non-local, block_id=0, offset=8)
i64 %i = -1
i64 %j = 0
Source:
* %bit = pointer(non-local, block_id=0, offset=8)
* %gep1 = pointer(non-local, block_id=0, offset=4)
* %gep2 = pointer(non-local, block_id=0, offset=8)
i64 %sub = -4
Target:
i64 %gep1.idx = poison
i64 %1 = poison
Source value: -4
Target value: poison
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20190721/a0903ee1/attachment.html>
More information about the llvm-bugs
mailing list