llvm.org GIT mirror llvm / 0d1bc5f
Detect overflow in the path count computation. rdar://12277446. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@163739 91177308-0d34-0410-b5e6-96231b3b80d8 Dan Gohman 7 years ago
2 changed file(s) with 342 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
2828 //===----------------------------------------------------------------------===//
2929
3030 #define DEBUG_TYPE "objc-arc"
31 #include "llvm/Support/raw_ostream.h"
3132 #include "llvm/Support/CommandLine.h"
3233 #include "llvm/ADT/DenseMap.h"
3334 using namespace llvm;
15961597 // loop backedge. Loop backedges are special.
15971598 TopDownPathCount += Other.TopDownPathCount;
15981599
1600 // Check for overflow. If we have overflow, fall back to conservative behavior.
1601 if (TopDownPathCount < Other.TopDownPathCount) {
1602 clearTopDownPointers();
1603 return;
1604 }
1605
15991606 // For each entry in the other set, if our set has an entry with the same key,
16001607 // merge the entries. Otherwise, copy the entry and merge it with an empty
16011608 // entry.
16201627 // Other.BottomUpPathCount can be 0, in which case it is either dead or a
16211628 // loop backedge. Loop backedges are special.
16221629 BottomUpPathCount += Other.BottomUpPathCount;
1630
1631 // Check for overflow. If we have overflow, fall back to conservative behavior.
1632 if (BottomUpPathCount < Other.BottomUpPathCount) {
1633 clearBottomUpPointers();
1634 return;
1635 }
16231636
16241637 // For each entry in the other set, if our set has an entry with the
16251638 // same key, merge the entries. Otherwise, copy the entry and merge
0 ; RUN: opt -objc-arc -S < %s
1 ; rdar://12277446
2
3 ; The total number of paths grows exponentially with the number of branches, and a
4 ; computation of this number can overflow any reasonable fixed-sized integer.
5
6 target datalayout = "e-p:32:32:32-i1:8:32-i8:8:32-i16:16:32-i32:32:32-i64:32:64-f32:32:32-f64:32:64-v64:32:64-v128:32:128-a0:0:32-n32-S32"
7 target triple = "thumbv7-apple-ios5.0.0"
8
9 %struct.NSConstantString.11.33.55.77.99.121.143.332.1130.1340.2768 = type { i32*, i32, i8*, i32 }
10
11 @_unnamed_cfstring_591 = external constant %struct.NSConstantString.11.33.55.77.99.121.143.332.1130.1340.2768, section "__DATA,__cfstring"
12
13 declare i8* @objc_retain(i8*) nonlazybind
14
15 declare void @objc_release(i8*) nonlazybind
16
17 define hidden void @foo() {
18 entry:
19 br i1 undef, label %msgSend.nullinit, label %msgSend.call
20
21 msgSend.call: ; preds = %entry
22 br label %msgSend.cont
23
24 msgSend.nullinit: ; preds = %entry
25 br label %msgSend.cont
26
27 msgSend.cont: ; preds = %msgSend.nullinit, %msgSend.call
28 %0 = bitcast %struct.NSConstantString.11.33.55.77.99.121.143.332.1130.1340.2768* @_unnamed_cfstring_591 to i8*
29 %1 = call i8* @objc_retain(i8* %0) nounwind
30 br i1 undef, label %msgSend.nullinit33, label %msgSend.call32
31
32 msgSend.call32: ; preds = %if.end10
33 br label %msgSend.cont34
34
35 msgSend.nullinit33: ; preds = %if.end10
36 br label %msgSend.cont34
37
38 msgSend.cont34: ; preds = %msgSend.nullinit33, %msgSend.call32
39 br i1 undef, label %msgSend.nullinit38, label %msgSend.call37
40
41 msgSend.call37: ; preds = %msgSend.cont34
42 br label %msgSend.cont39
43
44 msgSend.nullinit38: ; preds = %msgSend.cont34
45 br label %msgSend.cont39
46
47 msgSend.cont39: ; preds = %msgSend.nullinit38, %msgSend.call37
48 br i1 undef, label %msgSend.nullinit49, label %msgSend.call48
49
50 msgSend.call48: ; preds = %msgSend.cont39
51 br label %msgSend.cont50
52
53 msgSend.nullinit49: ; preds = %msgSend.cont39
54 br label %msgSend.cont50
55
56 msgSend.cont50: ; preds = %msgSend.nullinit49, %msgSend.call48
57 br i1 undef, label %msgSend.nullinit61, label %msgSend.call60
58
59 msgSend.call60: ; preds = %msgSend.cont50
60 br label %msgSend.cont62
61
62 msgSend.nullinit61: ; preds = %msgSend.cont50
63 br label %msgSend.cont62
64
65 msgSend.cont62: ; preds = %msgSend.nullinit61, %msgSend.call60
66 br i1 undef, label %msgSend.nullinit67, label %msgSend.call66
67
68 msgSend.call66: ; preds = %msgSend.cont62
69 br label %msgSend.cont68
70
71 msgSend.nullinit67: ; preds = %msgSend.cont62
72 br label %msgSend.cont68
73
74 msgSend.cont68: ; preds = %msgSend.nullinit67, %msgSend.call66
75 br i1 undef, label %msgSend.nullinit84, label %msgSend.call83
76
77 msgSend.call83: ; preds = %msgSend.cont68
78 br label %msgSend.cont85
79
80 msgSend.nullinit84: ; preds = %msgSend.cont68
81 br label %msgSend.cont85
82
83 msgSend.cont85: ; preds = %msgSend.nullinit84, %msgSend.call83
84 br i1 undef, label %msgSend.nullinit90, label %msgSend.call89
85
86 msgSend.call89: ; preds = %msgSend.cont85
87 br label %msgSend.cont91
88
89 msgSend.nullinit90: ; preds = %msgSend.cont85
90 br label %msgSend.cont91
91
92 msgSend.cont91: ; preds = %msgSend.nullinit90, %msgSend.call89
93 br i1 undef, label %msgSend.nullinit104, label %msgSend.call103
94
95 msgSend.call103: ; preds = %msgSend.cont91
96 br label %msgSend.cont105
97
98 msgSend.nullinit104: ; preds = %msgSend.cont91
99 br label %msgSend.cont105
100
101 msgSend.cont105: ; preds = %msgSend.nullinit104, %msgSend.call103
102 br i1 undef, label %land.lhs.true, label %if.end123
103
104 land.lhs.true: ; preds = %msgSend.cont105
105 br i1 undef, label %if.then117, label %if.end123
106
107 if.then117: ; preds = %land.lhs.true
108 br label %if.end123
109
110 if.end123: ; preds = %if.then117, %land.lhs.true, %msgSend.cont105
111 br i1 undef, label %msgSend.nullinit132, label %msgSend.call131
112
113 msgSend.call131: ; preds = %if.end123
114 br label %msgSend.cont133
115
116 msgSend.nullinit132: ; preds = %if.end123
117 br label %msgSend.cont133
118
119 msgSend.cont133: ; preds = %msgSend.nullinit132, %msgSend.call131
120 br i1 undef, label %msgSend.nullinit139, label %msgSend.call138
121
122 msgSend.call138: ; preds = %msgSend.cont133
123 br label %msgSend.cont140
124
125 msgSend.nullinit139: ; preds = %msgSend.cont133
126 br label %msgSend.cont140
127
128 msgSend.cont140: ; preds = %msgSend.nullinit139, %msgSend.call138
129 br i1 undef, label %if.then151, label %if.end157
130
131 if.then151: ; preds = %msgSend.cont140
132 br label %if.end157
133
134 if.end157: ; preds = %if.then151, %msgSend.cont140
135 br i1 undef, label %msgSend.nullinit164, label %msgSend.call163
136
137 msgSend.call163: ; preds = %if.end157
138 br label %msgSend.cont165
139
140 msgSend.nullinit164: ; preds = %if.end157
141 br label %msgSend.cont165
142
143 msgSend.cont165: ; preds = %msgSend.nullinit164, %msgSend.call163
144 br i1 undef, label %msgSend.nullinit176, label %msgSend.call175
145
146 msgSend.call175: ; preds = %msgSend.cont165
147 br label %msgSend.cont177
148
149 msgSend.nullinit176: ; preds = %msgSend.cont165
150 br label %msgSend.cont177
151
152 msgSend.cont177: ; preds = %msgSend.nullinit176, %msgSend.call175
153 br i1 undef, label %land.lhs.true181, label %if.end202
154
155 land.lhs.true181: ; preds = %msgSend.cont177
156 br i1 undef, label %if.then187, label %if.end202
157
158 if.then187: ; preds = %land.lhs.true181
159 br i1 undef, label %msgSend.nullinit199, label %msgSend.call198
160
161 msgSend.call198: ; preds = %if.then187
162 br label %msgSend.cont200
163
164 msgSend.nullinit199: ; preds = %if.then187
165 br label %msgSend.cont200
166
167 msgSend.cont200: ; preds = %msgSend.nullinit199, %msgSend.call198
168 br label %if.end202
169
170 if.end202: ; preds = %msgSend.cont200, %land.lhs.true181, %msgSend.cont177
171 br i1 undef, label %msgSend.nullinit236, label %msgSend.call235
172
173 msgSend.call235: ; preds = %if.end202
174 br label %msgSend.cont237
175
176 msgSend.nullinit236: ; preds = %if.end202
177 br label %msgSend.cont237
178
179 msgSend.cont237: ; preds = %msgSend.nullinit236, %msgSend.call235
180 br i1 undef, label %msgSend.nullinit254, label %msgSend.call253
181
182 msgSend.call253: ; preds = %msgSend.cont237
183 br label %msgSend.cont255
184
185 msgSend.nullinit254: ; preds = %msgSend.cont237
186 br label %msgSend.cont255
187
188 msgSend.cont255: ; preds = %msgSend.nullinit254, %msgSend.call253
189 br i1 undef, label %msgSend.nullinit269, label %msgSend.call268
190
191 msgSend.call268: ; preds = %msgSend.cont255
192 br label %msgSend.cont270
193
194 msgSend.nullinit269: ; preds = %msgSend.cont255
195 br label %msgSend.cont270
196
197 msgSend.cont270: ; preds = %msgSend.nullinit269, %msgSend.call268
198 br i1 undef, label %msgSend.nullinit281, label %msgSend.call280
199
200 msgSend.call280: ; preds = %msgSend.cont270
201 br label %msgSend.cont282
202
203 msgSend.nullinit281: ; preds = %msgSend.cont270
204 br label %msgSend.cont282
205
206 msgSend.cont282: ; preds = %msgSend.nullinit281, %msgSend.call280
207 br i1 undef, label %msgSend.nullinit287, label %msgSend.call286
208
209 msgSend.call286: ; preds = %msgSend.cont282
210 br label %msgSend.cont288
211
212 msgSend.nullinit287: ; preds = %msgSend.cont282
213 br label %msgSend.cont288
214
215 msgSend.cont288: ; preds = %msgSend.nullinit287, %msgSend.call286
216 br i1 undef, label %msgSend.nullinit303, label %msgSend.call302
217
218 msgSend.call302: ; preds = %msgSend.cont288
219 br label %msgSend.cont304
220
221 msgSend.nullinit303: ; preds = %msgSend.cont288
222 br label %msgSend.cont304
223
224 msgSend.cont304: ; preds = %msgSend.nullinit303, %msgSend.call302
225 br i1 undef, label %msgSend.nullinit344, label %msgSend.call343
226
227 msgSend.call343: ; preds = %msgSend.cont304
228 br label %msgSend.cont345
229
230 msgSend.nullinit344: ; preds = %msgSend.cont304
231 br label %msgSend.cont345
232
233 msgSend.cont345: ; preds = %msgSend.nullinit344, %msgSend.call343
234 br i1 undef, label %msgSend.nullinit350, label %msgSend.call349
235
236 msgSend.call349: ; preds = %msgSend.cont345
237 br label %msgSend.cont351
238
239 msgSend.nullinit350: ; preds = %msgSend.cont345
240 br label %msgSend.cont351
241
242 msgSend.cont351: ; preds = %msgSend.nullinit350, %msgSend.call349
243 br i1 undef, label %msgSend.nullinit366, label %msgSend.call365
244
245 msgSend.call365: ; preds = %msgSend.cont351
246 br label %msgSend.cont367
247
248 msgSend.nullinit366: ; preds = %msgSend.cont351
249 br label %msgSend.cont367
250
251 msgSend.cont367: ; preds = %msgSend.nullinit366, %msgSend.call365
252 br i1 undef, label %msgSend.nullinit376, label %msgSend.call375
253
254 msgSend.call375: ; preds = %msgSend.cont367
255 br label %msgSend.cont377
256
257 msgSend.nullinit376: ; preds = %msgSend.cont367
258 br label %msgSend.cont377
259
260 msgSend.cont377: ; preds = %msgSend.nullinit376, %msgSend.call375
261 br i1 undef, label %if.then384, label %if.else401
262
263 if.then384: ; preds = %msgSend.cont377
264 br i1 undef, label %msgSend.nullinit392, label %msgSend.call391
265
266 msgSend.call391: ; preds = %if.then384
267 br label %msgSend.cont393
268
269 msgSend.nullinit392: ; preds = %if.then384
270 br label %msgSend.cont393
271
272 msgSend.cont393: ; preds = %msgSend.nullinit392, %msgSend.call391
273 br label %if.end418
274
275 if.else401: ; preds = %msgSend.cont377
276 br i1 undef, label %msgSend.nullinit409, label %msgSend.call408
277
278 msgSend.call408: ; preds = %if.else401
279 br label %msgSend.cont410
280
281 msgSend.nullinit409: ; preds = %if.else401
282 br label %msgSend.cont410
283
284 msgSend.cont410: ; preds = %msgSend.nullinit409, %msgSend.call408
285 br label %if.end418
286
287 if.end418: ; preds = %msgSend.cont410, %msgSend.cont393
288 br i1 undef, label %msgSend.nullinit470, label %msgSend.call469
289
290 msgSend.call469: ; preds = %if.end418
291 br label %msgSend.cont471
292
293 msgSend.nullinit470: ; preds = %if.end418
294 br label %msgSend.cont471
295
296 msgSend.cont471: ; preds = %msgSend.nullinit470, %msgSend.call469
297 br i1 undef, label %msgSend.nullinit484, label %msgSend.call483
298
299 msgSend.call483: ; preds = %msgSend.cont471
300 br label %msgSend.cont485
301
302 msgSend.nullinit484: ; preds = %msgSend.cont471
303 br label %msgSend.cont485
304
305 msgSend.cont485: ; preds = %msgSend.nullinit484, %msgSend.call483
306 br i1 undef, label %msgSend.nullinit500, label %msgSend.call499
307
308 msgSend.call499: ; preds = %msgSend.cont485
309 br label %msgSend.cont501
310
311 msgSend.nullinit500: ; preds = %msgSend.cont485
312 br label %msgSend.cont501
313
314 msgSend.cont501: ; preds = %msgSend.nullinit500, %msgSend.call499
315 br i1 undef, label %msgSend.nullinit506, label %msgSend.call505
316
317 msgSend.call505: ; preds = %msgSend.cont501
318 br label %msgSend.cont507
319
320 msgSend.nullinit506: ; preds = %msgSend.cont501
321 br label %msgSend.cont507
322
323 msgSend.cont507: ; preds = %msgSend.nullinit506, %msgSend.call505
324 call void @objc_release(i8* %0) nounwind, !clang.imprecise_release !0
325 ret void
326 }
327
328 !0 = metadata !{}