Fix possible overflow in optAssertionPropGlobal_RelOp #123201
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
the
area-CodeGen-coreclr
Contributor
|
Tagging subscribers to this area: @JulieLeeMSFT, @dotnet/jit-contrib |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR fixes a potential overflow issue in the JIT compiler's assertion propagation optimizer when performing range analysis on relational operators.
Changes:
- Enhanced the
Limit::AddConstantmethod to optionally report overflow conditions via an out parameter - Updated
optAssertionProp_RangePropertiesto explicitly check for overflow when adding constants to range bounds - Fixed
optAssertionPropGlobal_RelOpto detect and bail out when adding peeled offsets would overflow range limits - Added a regression test that reproduces the overflow scenario
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| src/coreclr/jit/rangecheck.h | Added optional overflows parameter to AddConstant method to report overflow conditions |
| src/coreclr/jit/assertionprop.cpp | Updated two call sites to use explicit overflow detection instead of relying on return values, improving code clarity and correctness |
| src/tests/JIT/Regression/JitBlue/Runtime_122288/Runtime_122288.cs | Added regression test for the overflow scenario with a comparison involving large constants |
Member
Author
|
PTAL @jakobbotsch @dotnet/jit-contrib |
Member
Author
|
Closed in favor of #123233 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #122288
We deal with
1 >= (2147483646 + X)expression. Since getting the range of the whole op2(2147483646 + X)didn't get us anything, we have this hack where we peel the offset (so2147483646) and try to find the range ofX. (I'll move this logic intoryGetRangeFromAssertionsitself in the future).We end up with
[0...65535]range of X which clearly may overflow when2147483646is added. The previous logic was trying to just move the constant to the left1 - 2147483646 >= Xwhere Subtract didn't overflow.I want to do some refactoring around overflow handling. Today, e.g. for
range1=[0..int.MaxValue]andrange2=[10..20]theRangeOps::Add(range1, range2)returns[10..unknown], I want it to return[unknown..unknown](or maybe[-2147483639..0]?). It seems to be not a problem today except for 2 places in global assertion prop.This fix doesn't contain the refactoring to be backport-friendly.
A few diffs correctness related.