[PATCH] D31242: [ARM] t2_so_imm_neg had a subtle bug in the conversion, and could trigger UB by negating (int)-2147483648. By pure luck, none of the pre-existing tests triggered this; so I'm adding one.
A. Skrobov via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Wed Mar 22 07:49:28 PDT 2017
tyomitch created this revision.
Herald added a subscriber: aemerson.
Thanks to Vitaly Buka for helping catch this.
https://reviews.llvm.org/D31242
Files:
lib/Target/ARM/ARMInstrThumb2.td
test/CodeGen/Thumb/ispositive.ll
Index: test/CodeGen/Thumb/ispositive.ll
===================================================================
--- test/CodeGen/Thumb/ispositive.ll
+++ test/CodeGen/Thumb/ispositive.ll
@@ -9,3 +9,12 @@
ret i32 %1
}
+define i32 @test2(i32 %X) {
+entry:
+; CHECK-LABEL: test2:
+; CHECK: lsls r1, r1, #31
+; CHECK-NEXT: adds
+ %tmp1 = sub i32 %X, 2147483648
+ ret i32 %tmp1
+}
+
Index: lib/Target/ARM/ARMInstrThumb2.td
===================================================================
--- lib/Target/ARM/ARMInstrThumb2.td
+++ lib/Target/ARM/ARMInstrThumb2.td
@@ -111,7 +111,9 @@
// t2_so_imm_neg - Match an immediate that is a negation of a t2_so_imm.
def t2_so_imm_neg_asmoperand : AsmOperandClass { let Name = "T2SOImmNeg"; }
def t2_so_imm_neg : Operand<i32>, PatLeaf<(imm), [{
- int64_t Value = -(int)N->getZExtValue();
+ int64_t Value = N->getZExtValue();
+ if (Value == 1LL<<31) return false; // INT_MIN cannot be negated
+ Value = -(int)Value;
return Value && ARM_AM::getT2SOImmVal(Value) != -1;
}], t2_so_imm_neg_XFORM> {
let ParserMatchClass = t2_so_imm_neg_asmoperand;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D31242.92639.patch
Type: text/x-patch
Size: 1114 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170322/1bc01b6b/attachment.bin>
More information about the llvm-commits
mailing list