[llvm-commits] [llvm] r120956 - in /llvm/trunk: lib/VMCore/Instructions.cpp test/Assembler/extractvalue-invalid-idx.ll test/Assembler/insertvalue-invalid-idx.ll

Frits van Bommel fvbommel at gmail.com
Sun Dec 5 12:50:27 PST 2010 

Author: fvbommel
Date: Sun Dec  5 14:50:26 2010
New Revision: 120956

URL: http://llvm.org/viewvc/llvm-project?rev=120956&view=rev
Log:
Fix PR 4170 by having ExtractValueInst::getIndexedType() reject out-of-bounds indexing.

Also add asserts that the indices are valid in InsertValueInst::init(). ExtractValueInst already asserts when constructed with invalid indices.

Added:
    llvm/trunk/test/Assembler/extractvalue-invalid-idx.ll
    llvm/trunk/test/Assembler/insertvalue-invalid-idx.ll
Modified:
    llvm/trunk/lib/VMCore/Instructions.cpp

Modified: llvm/trunk/lib/VMCore/Instructions.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/VMCore/Instructions.cpp?rev=120956&r1=120955&r2=120956&view=diff
==============================================================================
--- llvm/trunk/lib/VMCore/Instructions.cpp (original)
+++ llvm/trunk/lib/VMCore/Instructions.cpp Sun Dec  5 14:50:26 2010
@@ -1424,6 +1424,8 @@
 void InsertValueInst::init(Value *Agg, Value *Val, const unsigned *Idx, 
                            unsigned NumIdx, const Twine &Name) {
   assert(NumOperands == 2 && "NumOperands not initialized?");
+  assert(ExtractValueInst::getIndexedType(Agg->getType(), Idx, Idx + NumIdx) ==
+         Val->getType() && "Inserted value must match indexed type!");
   Op<0>() = Agg;
   Op<1>() = Val;
 
@@ -1434,6 +1436,8 @@
 void InsertValueInst::init(Value *Agg, Value *Val, unsigned Idx, 
                            const Twine &Name) {
   assert(NumOperands == 2 && "NumOperands not initialized?");
+  assert(ExtractValueInst::getIndexedType(Agg->getType(), Idx) == Val->getType()
+         && "Inserted value must match indexed type!");
   Op<0>() = Agg;
   Op<1>() = Val;
 
@@ -1506,13 +1510,26 @@
 const Type* ExtractValueInst::getIndexedType(const Type *Agg,
                                              const unsigned *Idxs,
                                              unsigned NumIdx) {
-  unsigned CurIdx = 0;
-  for (; CurIdx != NumIdx; ++CurIdx) {
-    const CompositeType *CT = dyn_cast<CompositeType>(Agg);
-    if (!CT || CT->isPointerTy() || CT->isVectorTy()) return 0;
+  for (unsigned CurIdx = 0; CurIdx != NumIdx; ++CurIdx) {
     unsigned Index = Idxs[CurIdx];
-    if (!CT->indexValid(Index)) return 0;
-    Agg = CT->getTypeAtIndex(Index);
+    // We can't use CompositeType::indexValid(Index) here.
+    // indexValid() always returns true for arrays because getelementptr allows
+    // out-of-bounds indices. Since we don't allow those for extractvalue and
+    // insertvalue we need to check array indexing manually.
+    // Since the only other types we can index into are struct types it's just
+    // as easy to check those manually as well.
+    if (const ArrayType *AT = dyn_cast<ArrayType>(Agg)) {
+      if (Index >= AT->getNumElements())
+        return 0;
+    } else if (const StructType *ST = dyn_cast<StructType>(Agg)) {
+      if (Index >= ST->getNumElements())
+        return 0;
+    } else {
+      // Not a valid type to index into.
+      return 0;
+    }
+
+    Agg = cast<CompositeType>(Agg)->getTypeAtIndex(Index);
 
     // If the new type forwards to another type, then it is in the middle
     // of being refined to another type (and hence, may have dropped all
@@ -1521,7 +1538,7 @@
     if (const Type *Ty = Agg->getForwardedType())
       Agg = Ty;
   }
-  return CurIdx == NumIdx ? Agg : 0;
+  return Agg;
 }
 
 const Type* ExtractValueInst::getIndexedType(const Type *Agg,

Added: llvm/trunk/test/Assembler/extractvalue-invalid-idx.ll
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Assembler/extractvalue-invalid-idx.ll?rev=120956&view=auto
==============================================================================
--- llvm/trunk/test/Assembler/extractvalue-invalid-idx.ll (added)
+++ llvm/trunk/test/Assembler/extractvalue-invalid-idx.ll Sun Dec  5 14:50:26 2010
@@ -0,0 +1,8 @@
+; RUN: not llvm-as < %s |& grep {invalid indices for extractvalue}
+; PR4170
+
+define void @test() {
+entry:
+        extractvalue [0 x i32] undef, 0
+        ret void
+}

Added: llvm/trunk/test/Assembler/insertvalue-invalid-idx.ll
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Assembler/insertvalue-invalid-idx.ll?rev=120956&view=auto
==============================================================================
--- llvm/trunk/test/Assembler/insertvalue-invalid-idx.ll (added)
+++ llvm/trunk/test/Assembler/insertvalue-invalid-idx.ll Sun Dec  5 14:50:26 2010
@@ -0,0 +1,7 @@
+; RUN: not llvm-as < %s |& grep {invalid indices for insertvalue}
+
+define void @test() {
+entry:
+        insertvalue [0 x i32] undef, i32 0, 0
+        ret void
+}

More information about the llvm-commits mailing list