From 317420aa78687cca5fdd1b8ab0767462e1e8c2cf Mon Sep 17 00:00:00 2001 From: Michael Zolotukhin Date: Fri, 27 May 2016 00:55:16 +0000 Subject: [PATCH] [LoopUnrollAnalyzer] Bail out instead of dying with assert when facing huge index. This fixes PR27902. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@270946 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Analysis/LoopUnrollAnalyzer.cpp | 4 ++-- .../LoopUnroll/full-unroll-crashers.ll | 21 +++++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/lib/Analysis/LoopUnrollAnalyzer.cpp b/lib/Analysis/LoopUnrollAnalyzer.cpp index d88ab163557..8a97a9f9522 100644 --- a/lib/Analysis/LoopUnrollAnalyzer.cpp +++ b/lib/Analysis/LoopUnrollAnalyzer.cpp @@ -119,8 +119,8 @@ bool UnrolledInstAnalyzer::visitLoad(LoadInst &I) { return false; int ElemSize = CDS->getElementType()->getPrimitiveSizeInBits() / 8U; - assert(SimplifiedAddrOp->getValue().getActiveBits() < 64 && - "Unexpectedly large index value."); + if (SimplifiedAddrOp->getValue().getActiveBits() >= 64) + return false; int64_t Index = SimplifiedAddrOp->getSExtValue() / ElemSize; if (Index >= CDS->getNumElements()) { // FIXME: For now we conservatively ignore out of bound accesses, but diff --git a/test/Transforms/LoopUnroll/full-unroll-crashers.ll b/test/Transforms/LoopUnroll/full-unroll-crashers.ll index 00d12c289cc..a8e4329e599 100644 --- a/test/Transforms/LoopUnroll/full-unroll-crashers.ll +++ b/test/Transforms/LoopUnroll/full-unroll-crashers.ll @@ -167,3 +167,24 @@ for.inc: for.end: ret void } + +define void @index_too_large() { +entry: + br label %for.body + +for.body: + %iv = phi i64 [ -73631599, %entry ], [ %iv.next, %for.inc ] + br i1 undef, label %for.body2, label %for.inc + +for.body2: + %idx = getelementptr inbounds [10 x i32], [10 x i32]* @known_constant, i64 0, i64 %iv + %x = load i32, i32* %idx, align 1 + br label %for.inc + +for.inc: + %iv.next = add nsw i64 %iv, -1 + br i1 undef, label %for.body, label %for.end + +for.end: + ret void +}