Teach BasicAliasAnalysis to understand constant gep indices that fall

beyond their associated static array type. I believe that this fixes a legitimate bug, because BasicAliasAnalysis already has code to check for this condition that works for non-constant indices, however it was missing the case of constant indices. With this change, it checks for both. This fixes PR4267, and miscompiles of SPEC 188.ammp and 464.h264.href. llvm-svn: 72451
author: Dan Gohman <gohman@apple.com> 2009-05-27 01:48:27 +0000
committer: Dan Gohman <gohman@apple.com> 2009-05-27 01:48:27 +0000
commit: 776e4c8d359ebf0fa2510f8bf3a72797537be7d1 (patch)
tree: 0d1631b3564919af8288be9b76009771dfba59e6 /llvm/lib/Analysis/BasicAliasAnalysis.cpp
parent: ace7215dd4ab29876036830c7d155bdd8e1fa0ba (diff)
download: bcm5719-llvm-776e4c8d359ebf0fa2510f8bf3a72797537be7d1.tar.gz
bcm5719-llvm-776e4c8d359ebf0fa2510f8bf3a72797537be7d1.zip
1 files changed, 25 insertions, 4 deletions
diff --git a/llvm/lib/Analysis/BasicAliasAnalysis.cpp b/llvm/lib/Analysis/BasicAliasAnalysis.cpp
index d9587463591..d0620456399 100644
--- a/llvm/lib/Analysis/BasicAliasAnalysis.cpp
+++ b/llvm/lib/Analysis/BasicAliasAnalysis.cpp
@@ -611,18 +611,39 @@ BasicAliasAnalysis::CheckGEPInstructions(
           if (G1OC != G2OC) {
             // Handle the "be careful" case above: if this is an array/vector
             // subscript, scan for a subsequent variable array index.
-            if (isa<SequentialType>(BasePtr1Ty))  {
-              const Type *NextTy =
-                cast<SequentialType>(BasePtr1Ty)->getElementType();
+            if (const SequentialType *STy =
+                  dyn_cast<SequentialType>(BasePtr1Ty)) {
+              const Type *NextTy = STy;
               bool isBadCase = false;
               
-              for (unsigned Idx = FirstConstantOper+1;
+              for (unsigned Idx = FirstConstantOper;
                    Idx != MinOperands && isa<SequentialType>(NextTy); ++Idx) {
                 const Value *V1 = GEP1Ops[Idx], *V2 = GEP2Ops[Idx];
                 if (!isa<Constant>(V1) || !isa<Constant>(V2)) {
                   isBadCase = true;
                   break;
                 }
+                // If the array is indexed beyond the bounds of the static type
+                // at this level, it will also fall into the "be careful" case.
+                // It would theoretically be possible to analyze these cases,
+                // but for now just be conservatively correct.
+                if (const ArrayType *ATy = dyn_cast<ArrayType>(STy))
+                  if (cast<ConstantInt>(G1OC)->getZExtValue() >=
+                        ATy->getNumElements() ||
+                      cast<ConstantInt>(G2OC)->getZExtValue() >=
+                        ATy->getNumElements()) {
+                    isBadCase = true;
+                    break;
+                  }
+                if (const VectorType *VTy = dyn_cast<VectorType>(STy))
+                  if (cast<ConstantInt>(G1OC)->getZExtValue() >=
+                        VTy->getNumElements() ||
+                      cast<ConstantInt>(G2OC)->getZExtValue() >=
+                        VTy->getNumElements()) {
+                    isBadCase = true;
+                    break;
+                  }
+                STy = cast<SequentialType>(NextTy);
                 NextTy = cast<SequentialType>(NextTy)->getElementType();
               }
author	Dan Gohman <gohman@apple.com>	2009-05-27 01:48:27 +0000
committer	Dan Gohman <gohman@apple.com>	2009-05-27 01:48:27 +0000
commit	776e4c8d359ebf0fa2510f8bf3a72797537be7d1 (patch)
tree	0d1631b3564919af8288be9b76009771dfba59e6 /llvm/lib/Analysis/BasicAliasAnalysis.cpp
parent	ace7215dd4ab29876036830c7d155bdd8e1fa0ba (diff)
download	bcm5719-llvm-776e4c8d359ebf0fa2510f8bf3a72797537be7d1.tar.gz bcm5719-llvm-776e4c8d359ebf0fa2510f8bf3a72797537be7d1.zip