Index: llvm/include/llvm/Analysis/VectorUtils.h =================================================================== --- llvm/include/llvm/Analysis/VectorUtils.h +++ llvm/include/llvm/Analysis/VectorUtils.h @@ -277,7 +277,13 @@ bool insertMember(InstTy *Instr, int32_t Index, uint32_t NewAlign) { assert(NewAlign && "The new member's alignment should be non-zero"); - int32_t Key = Index + SmallestKey; + // Make sure the key fits in an int32_t. + int64_t KeyLong = + static_cast(Index) + static_cast(SmallestKey); + if (KeyLong > std::numeric_limits::max() - 2 || + KeyLong < std::numeric_limits::min() + 2) + return false; + int32_t Key = KeyLong; // Skip if there is already a member with the same index. if (Members.find(Key) != Members.end()) @@ -285,13 +291,21 @@ if (Key > LargestKey) { // The largest index is always less than the interleave factor. - if (Index >= static_cast(Factor)) + if (Index >= static_cast(Factor)) return false; LargestKey = Key; } else if (Key < SmallestKey) { + + // Make sure the largest index fits in an int32_t. + int64_t LargestIndex = + static_cast(LargestKey) - static_cast(Key); + if (LargestIndex > std::numeric_limits::max() || + LargestIndex < std::numeric_limits::min()) + return false; + // The largest index is always less than the interleave factor. - if (LargestKey - Key >= static_cast(Factor)) + if (LargestIndex >= static_cast(Factor)) return false; SmallestKey = Key; Index: llvm/test/Transforms/LoopVectorize/X86/interleaved-accesses-large-gap.ll =================================================================== --- /dev/null +++ llvm/test/Transforms/LoopVectorize/X86/interleaved-accesses-large-gap.ll @@ -0,0 +1,70 @@ +; RUN: opt < %s -loop-vectorize -mtriple x86_64 -S | FileCheck %s + +%struct.ST4 = type { i32, i32, i32, i32 } + +; The gaps between the memory access in this function are too large for +; interleaving. + +; Test from https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7560 +define void @test1(%struct.ST4* noalias %B) { +; CHECK-LABEL: @test1 +; CHECK-NEXT: entry: +; CHECK-NEXT: br label %for.body + +; CHECK-LABEL: for.body: +; CHECK: store i32 +; CHECK: store i32 +; CHECK: store i32 +; CHECK: store i32 +; CHECK-NOT: store +; +entry: + br label %for.body + +for.body: ; preds = %for.body, %entry + %indvars.iv = phi i64 [ 0, %entry ], [ %indvars.iv.next, %for.body ] + %p1 = getelementptr inbounds %struct.ST4, %struct.ST4* %B, i64 %indvars.iv, i32 0 + store i32 65536, i32* %p1, align 4 + %p2 = getelementptr i32, i32* %p1, i32 -2147483648 + store i32 65536, i32* %p2, align 4 + %p3 = getelementptr inbounds %struct.ST4, %struct.ST4* %B, i64 %indvars.iv, i32 2 + store i32 10, i32* %p3, align 4 + %p4 = getelementptr inbounds %struct.ST4, %struct.ST4* %B, i64 %indvars.iv, i32 3 + store i32 12, i32* %p4, align 4 + %indvars.iv.next = add nuw nsw i64 %indvars.iv, 1 + %exitcond = icmp eq i64 %indvars.iv.next, 1024 + br i1 %exitcond, label %for.cond.cleanup, label %for.body + +for.cond.cleanup: ; preds = %for.body + ret void +} + +; Test from https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11638 +define void @test2() { +; CHECK-LABEL: @test2 +; CHECK-NEXT: entry: +; CHECK-NEXT: br label %for.body + +; CHECK-LABEL: for.body: +; CHECK: store i32 +; CHECK: store i32 +; CHECK-NOT: store +; +entry: + br label %for.body + +for.body: ; preds = %for.body, %entry + %indvars.iv = phi i64 [ 1, %entry ], [ %0, %for.body ] + %0 = add nsw i64 %indvars.iv, -1 + %arrayidx = getelementptr inbounds [3 x i32], [3 x i32]* undef, i64 0, i64 %0 + %G2 = getelementptr i32, i32* %arrayidx, i64 %0 + %B = sub i32 -2147483648, -2147483648 + %G9 = getelementptr i32, i32* %G2, i32 -2147483648 + %G1 = getelementptr i32, i32* %arrayidx, i64 %0 + store i32 %B, i32* %G1 + store i32 %B, i32* %G9 + br i1 false, label %for.body, label %for.cond.cleanup + +for.cond.cleanup: ; preds = %for.body + ret void +}