6502/llvm-6502
1
0
Fork 0
mirror of https://github.com/c64scene-ar/llvm-6502.git synced 2025-08-15 22:28:18 +00:00
Code Issues Projects Releases Wiki Activity

Fix PR2423 by checking all indices for out of range access, not only

Browse Source 
indices that start with an array subscript.  x->field[10000] is just 
as bad as (*X)[14][10000].


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@55226 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
Chris Lattner
2008-08-23 05:21:06 +00:00
parent b4f572597e
commit 88e6dc8bf1
2 changed files with 53 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
lib/Transforms/Scalar/ScalarReplAggregates.cpp
View File

@@ -511,42 +511,12 @@ void SROA::isSafeUseOfAllocation(Instruction *User, AllocationInst *AI,
bool IsAllZeroIndices = true; bool IsAllZeroIndices = true;
// If this is a use of an array allocation, do a bit more checking for sanity. // If the first index is a non-constant index into an array, see if we can
// handle it as a special case.
if (const ArrayType *AT = dyn_cast<ArrayType>(*I)) { if (const ArrayType *AT = dyn_cast<ArrayType>(*I)) {
uint64_t NumElements = AT->getNumElements(); if (!isa<ConstantInt>(I.getOperand())) {
if (ConstantInt *Idx = dyn_cast<ConstantInt>(I.getOperand())) {
IsAllZeroIndices &= Idx->isZero();
// Check to make sure that index falls within the array. If not,
// something funny is going on, so we won't do the optimization.
//
if (Idx->getZExtValue() >= NumElements)
return MarkUnsafe(Info);
// We cannot scalar repl this level of the array unless any array
// sub-indices are in-range constants. In particular, consider:
// A[0][i]. We cannot know that the user isn't doing invalid things like
// allowing i to index an out-of-range subscript that accesses A[1].
//
// Scalar replacing *just* the outer index of the array is probably not
// going to be a win anyway, so just give up.
for (++I; I != E && (isa<ArrayType>(*I) || isa<VectorType>(*I)); ++I) {
uint64_t NumElements;
if (const ArrayType *SubArrayTy = dyn_cast<ArrayType>(*I))
NumElements = SubArrayTy->getNumElements();
else
NumElements = cast<VectorType>(*I)->getNumElements();
ConstantInt *IdxVal = dyn_cast<ConstantInt>(I.getOperand());
if (!IdxVal) return MarkUnsafe(Info);
if (IdxVal->getZExtValue() >= NumElements)
return MarkUnsafe(Info);
IsAllZeroIndices &= IdxVal->isZero();
}
} else {
IsAllZeroIndices = 0; IsAllZeroIndices = 0;
uint64_t NumElements = AT->getNumElements();
// If this is an array index and the index is not constant, we cannot // If this is an array index and the index is not constant, we cannot
// promote... that is unless the array has exactly one or two elements in // promote... that is unless the array has exactly one or two elements in
@@ -560,7 +530,33 @@ void SROA::isSafeUseOfAllocation(Instruction *User, AllocationInst *AI,
return MarkUnsafe(Info); return MarkUnsafe(Info);
} }
} }
// Walk through the GEP type indices, checking the types that this indexes
// into.
for (; I != E; ++I) {
// Ignore struct elements, no extra checking needed for these.
if (isa<StructType>(*I))
continue;
// Don't SROA pointers into vectors.
if (isa<VectorType>(*I))
return MarkUnsafe(Info);
// Otherwise, we must have an index into an array type. Verify that this is
// an in-range constant integer. Specifically, consider A[0][i]. We
// cannot know that the user isn't doing invalid things like allowing i to
// index an out-of-range subscript that accesses A[1]. Because of this, we
// have to reject SROA of any accesses into structs where any of the
// components are variables.
ConstantInt *IdxVal = dyn_cast<ConstantInt>(I.getOperand());
if (!IdxVal) return MarkUnsafe(Info);
if (IdxVal->getZExtValue() >= cast<ArrayType>(*I)->getNumElements())
return MarkUnsafe(Info);
IsAllZeroIndices &= IdxVal->isZero();
}
// If there are any non-simple uses of this getelementptr, make sure to reject // If there are any non-simple uses of this getelementptr, make sure to reject
// them. // them.
return isSafeElementUse(GEPI, IsAllZeroIndices, AI, Info); return isSafeElementUse(GEPI, IsAllZeroIndices, AI, Info);

22
test/Transforms/ScalarRepl/2008-08-22-out-of-range-array-promote.ll Normal file
View File

@@ -0,0 +1,22 @@
; RUN: llvm-as < %s | opt -scalarrepl | llvm-dis | grep {s = alloca .struct.x}
; PR2423
target datalayout = "e-p:32:32:32-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:32:64-f32:32:32-f64:32:64-v64:64:64-v128:128:128-a0:0:64-f80:128:128"
target triple = "i386-apple-darwin8"
%struct.x = type { [1 x i32], i32, i32 }
define i32 @b() nounwind {
entry:
%s = alloca %struct.x ; <%struct.x*> [#uses=2]
%r = alloca %struct.x ; <%struct.x*> [#uses=2]
call i32 @a( %struct.x* %s ) nounwind ; <i32>:0 [#uses=0]
%r1 = bitcast %struct.x* %r to i8* ; <i8*> [#uses=1]
%s2 = bitcast %struct.x* %s to i8* ; <i8*> [#uses=1]
call void @llvm.memcpy.i32( i8* %r1, i8* %s2, i32 12, i32 8 )
getelementptr %struct.x* %r, i32 0, i32 0, i32 1 ; <i32*>:1 [#uses=1]
load i32* %1, align 4 ; <i32>:2 [#uses=1]
ret i32 %2
}
declare i32 @a(%struct.x*)
declare void @llvm.memcpy.i32(i8*, i8*, i32, i32) nounwind