This is an archive of the discontinued LLVM Phabricator instance.

[GlobalOpt] Test array indices inside structs for out-of-bounds accesses
ClosedPublic

Authored by dmgreen on Jul 25 2018, 12:09 PM.

Details

Summary

First go at fixing PR38309. We now, from clang, can turn arrays of

static short g_data[] = {16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 0, 0, 0, 0};

into structs of the form

@g_data = internal global <{ [8 x i16], [8 x i16] }> ...

GlobalOpt can incorrectly SROA it, not realising that the access to the first
element may overflow into the second.

I believe this makes the globalsra-partial.ll test case invalid as the %i value
could be out of bounds. I've re-purposed it as a negative test for this case.

Diff Detail

Event Timeline

dmgreen created this revision.Jul 25 2018, 12:09 PM
efriedma added inline comments.Jul 25 2018, 12:20 PM
lib/Transforms/IPO/GlobalOpt.cpp
382

Do we need to do the same GEP validation here?

414

"GEPI.isSequential() || GEPI.isStruct()" is always true.

dmgreen updated this revision to Diff 157453.Jul 26 2018, 4:09 AM

Rewrote a little to do the same checks on following GEPs.

This revision is now accepted and ready to land.Jul 27 2018, 5:07 PM
This revision was automatically updated to reflect the committed changes.