[llvm] r324943 - [LSR] Avoid UB overflow when examining reuse opportunities

Gerolf Hoflehner via llvm-commits llvm-commits at lists.llvm.org
Mon Feb 12 13:49:33 PST 2018 

Author: ghoflehner
Date: Mon Feb 12 13:49:32 2018
New Revision: 324943

URL: http://llvm.org/viewvc/llvm-project?rev=324943&view=rev
Log:
[LSR] Avoid UB overflow when examining reuse opportunities

Added:
    llvm/trunk/test/CodeGen/X86/loop-strength-reduce-overflow-check.ll
Modified:
    llvm/trunk/lib/Transforms/Scalar/LoopStrengthReduce.cpp

Modified: llvm/trunk/lib/Transforms/Scalar/LoopStrengthReduce.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Transforms/Scalar/LoopStrengthReduce.cpp?rev=324943&r1=324942&r2=324943&view=diff
==============================================================================
--- llvm/trunk/lib/Transforms/Scalar/LoopStrengthReduce.cpp (original)
+++ llvm/trunk/lib/Transforms/Scalar/LoopStrengthReduce.cpp Mon Feb 12 13:49:32 2018
@@ -3939,6 +3939,11 @@ void LSRInstance::GenerateCrossUseConsta
     if (Imms.size() == 1)
       continue;
 
+    // UB: Check for overflow
+    int64_t Res;
+    if (__builtin_saddll_overflow(Imms.begin()->first, std::prev(Imms.end())->first, &Res))
+      continue;
+
     DEBUG(dbgs() << "Generating cross-use offsets for " << *Reg << ':';
           for (const auto &Entry : Imms)
             dbgs() << ' ' << Entry.first;

Added: llvm/trunk/test/CodeGen/X86/loop-strength-reduce-overflow-check.ll
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/CodeGen/X86/loop-strength-reduce-overflow-check.ll?rev=324943&view=auto
==============================================================================
--- llvm/trunk/test/CodeGen/X86/loop-strength-reduce-overflow-check.ll (added)
+++ llvm/trunk/test/CodeGen/X86/loop-strength-reduce-overflow-check.ll Mon Feb 12 13:49:32 2018
@@ -0,0 +1,26 @@
+; RUN: llc < %s -O1 -mtriple=x86_64-unknown-unknown
+
+; LSR has to check for overflow to avoid UB when it examines reuse opportunities
+; Clang built with UBSan would expose the issue in this test case
+
+define void @main() {
+bb:
+  br label %bb1
+
+bb1:                                              ; preds = %bb1, %bb
+  %tmp = phi i64 [ 248268322795906120, %bb ], [ %tmp10, %bb1 ]
+  %tmp2 = sub i64 %tmp, 248268322795906120
+  %tmp3 = getelementptr i8, i8* undef, i64 %tmp2
+  %tmp4 = sub i64 %tmp, 248268322795906120
+  %tmp5 = getelementptr i8, i8* undef, i64 %tmp4
+  %tmp6 = getelementptr i8, i8* %tmp5, i64 -9086989864993762928
+  %tmp7 = load i8, i8* %tmp6, align 1
+  %tmp8 = getelementptr i8, i8* %tmp3, i64 -1931736422337600660
+  store i8 undef, i8* %tmp8
+  %tmp9 = add i64 %tmp, 248268322795906121
+  %tmp10 = add i64 %tmp9, -248268322795906120
+  br i1 undef, label %bb11, label %bb1
+
+bb11:                                             ; preds = %bb1
+  ret void
+}

More information about the llvm-commits mailing list