[llvm] r348957 - [ConstantFold] Use getMinSignedBits for APInt in isIndexInRangeOfArrayType.

Florian Hahn via llvm-commits llvm-commits at lists.llvm.org
Wed Dec 12 10:55:15 PST 2018


Author: fhahn
Date: Wed Dec 12 10:55:14 2018
New Revision: 348957

URL: http://llvm.org/viewvc/llvm-project?rev=348957&view=rev
Log:
[ConstantFold] Use getMinSignedBits for APInt in isIndexInRangeOfArrayType.

Indices for getelementptr can be signed so we should use
getMinSignedBits instead of getActiveBits here. The function later calls
getSExtValue to get the int64_t value, which also checks
getMinSignedBits.

This fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11647.

Reviewers: mssimpso, efriedma, davide

Reviewed By: efriedma

Differential Revision: https://reviews.llvm.org/D55536

Modified:
    llvm/trunk/lib/IR/ConstantFold.cpp
    llvm/trunk/test/Transforms/SCCP/apint-bigint2.ll

Modified: llvm/trunk/lib/IR/ConstantFold.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/IR/ConstantFold.cpp?rev=348957&r1=348956&r2=348957&view=diff
==============================================================================
--- llvm/trunk/lib/IR/ConstantFold.cpp (original)
+++ llvm/trunk/lib/IR/ConstantFold.cpp Wed Dec 12 10:55:14 2018
@@ -2053,7 +2053,7 @@ static bool isInBoundsIndices(ArrayRef<I
 static bool isIndexInRangeOfArrayType(uint64_t NumElements,
                                       const ConstantInt *CI) {
   // We cannot bounds check the index if it doesn't fit in an int64_t.
-  if (CI->getValue().getActiveBits() > 64)
+  if (CI->getValue().getMinSignedBits() > 64)
     return false;
 
   // A negative index or an index past the end of our sequential type is
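Review bot: The comment above the changed check still says only "doesn't fit in an int64_t" and does not state that the index is interpreted as signed, which is the reason getMinSignedBits is the right query on this line. Suggest rewording it along the lines of "if it doesn't fit in a signed 64-bit value" and mentioning that this width check has to agree with the later getSExtValue call described in the log message, so that the two are not changed independently later.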

Modified: llvm/trunk/test/Transforms/SCCP/apint-bigint2.ll
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Transforms/SCCP/apint-bigint2.ll?rev=348957&r1=348956&r2=348957&view=diff
==============================================================================
--- llvm/trunk/test/Transforms/SCCP/apint-bigint2.ll (original)
+++ llvm/trunk/test/Transforms/SCCP/apint-bigint2.ll Wed Dec 12 10:55:14 2018
@@ -13,7 +13,7 @@ define i101 @array() {
    %E = trunc i101 %DD to i32
    %F = getelementptr [6 x i101], [6 x i101]* @Y, i32 0, i32 %E
    %G = load i101, i101* %F
- 
+
    ret i101 %G
 }
 
@@ -28,3 +28,13 @@ define i101 @large_aggregate() {
   %L3 = load i101, i101* %G
   ret i101 %L3
 }
+
+; CHECK-LABEL: @index_too_large
+; CHECK-NEXT: store i101* getelementptr (i101, i101* getelementptr ([6 x i101], [6 x i101]* @Y, i32 0, i32 -1), i101 9224497936761618431), i101** undef
+; CHECK-NEXT: ret void
+define void @index_too_large() {
+  %ptr1 = getelementptr [6 x i101], [6 x i101]* @Y, i32 0, i32 -1
+  %ptr2 = getelementptr i101, i101* %ptr1, i101 9224497936761618431
+  store i101* %ptr2, i101** undef
+  ret void
+}
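Review bot: The new @index_too_large case covers only a positive i101 index that has 64 active bits but needs 65 signed bits (9224497936761618431); the only negative index in it is the i32 -1, which is narrower than 64 bits under either check. With getMinSignedBits, a negative index in a wide type such as i101 -1 now passes the width check and goes on to the "negative index or an index past the end" handling in isIndexInRangeOfArrayType, whereas getActiveBits rejected it at the width check. Suggest adding a second function with a negative i101 index and its own CHECK lines so that this newly reachable path is pinned down as well.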



