Fix a integer overflow in SimplifyCFG's look up table formation logic.

If the width is very large it gets truncated from uint64_t to uint32_t when passed to TD->fitsInLegalInteger. The truncated value can fit in a register. This manifested in massive memory usage or crashes (PR13946). llvm-svn: 164784
author: Benjamin Kramer <benny.kra@googlemail.com> 2012-09-27 18:29:58 +0000
committer: Benjamin Kramer <benny.kra@googlemail.com> 2012-09-27 18:29:58 +0000
commit: c2081d1c19f71e1264e33e91425249fc8a4325f2 (patch)
tree: 10a83310b512f5ba063a48ab5c5dbf4d49a6782c /llvm/lib/Transforms
parent: eb9c0d0ed592736bfc6ed4ae4e6420c2140af1e3 (diff)
download: bcm5719-llvm-c2081d1c19f71e1264e33e91425249fc8a4325f2.tar.gz
bcm5719-llvm-c2081d1c19f71e1264e33e91425249fc8a4325f2.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/llvm/lib/Transforms/Utils/SimplifyCFG.cpp b/llvm/lib/Transforms/Utils/SimplifyCFG.cpp
index 299c0596da3..065325b7c25 100644
--- a/llvm/lib/Transforms/Utils/SimplifyCFG.cpp
+++ b/llvm/lib/Transforms/Utils/SimplifyCFG.cpp
@@ -3414,6 +3414,10 @@ bool SwitchLookupTable::WouldFitInRegister(const TargetData *TD,
     return false;
   // FIXME: If the type is wider than it needs to be, e.g. i8 but all values
   // are <= 15, we could try to narrow the type.
+
+  // Avoid overflow, fitsInLegalInteger uses unsigned int for the width.
+  if (TableSize >= UINT_MAX/IT->getBitWidth())
+    return false;
   return TD->fitsInLegalInteger(TableSize * IT->getBitWidth());
 }
author	Benjamin Kramer <benny.kra@googlemail.com>	2012-09-27 18:29:58 +0000
committer	Benjamin Kramer <benny.kra@googlemail.com>	2012-09-27 18:29:58 +0000
commit	c2081d1c19f71e1264e33e91425249fc8a4325f2 (patch)
tree	10a83310b512f5ba063a48ab5c5dbf4d49a6782c /llvm/lib/Transforms
parent	eb9c0d0ed592736bfc6ed4ae4e6420c2140af1e3 (diff)
download	bcm5719-llvm-c2081d1c19f71e1264e33e91425249fc8a4325f2.tar.gz bcm5719-llvm-c2081d1c19f71e1264e33e91425249fc8a4325f2.zip