[llvm-bugs] [Bug 30486] New: [InstCombine] Crash in InstructionCombining.cpp due to a cast failure in switch control condition

via llvm-bugs llvm-bugs at lists.llvm.org
Thu Sep 22 02:55:39 PDT 2016 

https://llvm.org/bugs/show_bug.cgi?id=30486

            Bug ID: 30486
           Summary: [InstCombine] Crash in InstructionCombining.cpp due to
                    a cast failure in switch control condition
           Product: new-bugs
           Version: 3.9
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: new bugs
          Assignee: unassignedbugs at nondot.org
          Reporter: s3rvac at gmail.com
                CC: llvm-bugs at lists.llvm.org
    Classification: Unclassified

InstCombine in LLVM 3.9 (and also in the current trunk, I checked this on rev.
282138) crashes in InstructionCombining.cpp due to a cast failure in switch
control condition.

Input:
------

@g = global i32 0

define i32 @func() {
  switch i32 add (i32 ptrtoint (i32* @g to i32), i32 -1), label %x []
x:
  ret i32 0
}

Run:
----

$ opt -instcombine input.ll -o output.bc

Output:
-------

0  libLLVM-3.9.so.1 0x00007fe0baa0e255
llvm::sys::PrintStackTrace(llvm::raw_ostream&) + 37
1  libLLVM-3.9.so.1 0x00007fe0baa0c45e llvm::sys::RunSignalHandlers() + 62
2  libLLVM-3.9.so.1 0x00007fe0baa0c59a
3  libpthread.so.0  0x00007fe0bce108d0
4  libLLVM-3.9.so.1 0x00007fe0baa9ab9b llvm::Instruction::eraseFromParent() +
27
5  libLLVM-3.9.so.1 0x00007fe0bb0900bb
6  libLLVM-3.9.so.1 0x00007fe0bb098c36
7  libLLVM-3.9.so.1 0x00007fe0bb09a5f9
8  libLLVM-3.9.so.1 0x00007fe0bb09a87c
llvm::InstructionCombiningPass::runOnFunction(llvm::Function&) + 476
9  libLLVM-3.9.so.1 0x00007fe0baabe312
llvm::FPPassManager::runOnFunction(llvm::Function&) + 482
10 libLLVM-3.9.so.1 0x00007fe0baabe64b
llvm::FPPassManager::runOnModule(llvm::Module&) + 43
11 libLLVM-3.9.so.1 0x00007fe0baabe930
llvm::legacy::PassManagerImpl::run(llvm::Module&) + 704
12 opt              0x000000000044d43a main + 7130
13 libc.so.6        0x00007fe0b99e8b45 __libc_start_main + 245
14 opt              0x0000000000457015
Stack dump:
0.      Program arguments: opt -instcombine input.ll -o output.bc
1.      Running pass 'Function Pass Manager' on module 'input.ll'.
2.      Running pass 'Combine redundant instructions' on function '@func'
Segmentation fault

Expected output:
----------------

opt does not crash.

Cause:
------

There is the following code in
lib/Transforms/InstCombine/InstructionCombining.cpp
(LLVM trunk, rev. 282138):

2274   ConstantInt *AddRHS = nullptr;
2275   if (match(Cond, m_Add(m_Value(), m_ConstantInt(AddRHS)))) {
2276     Instruction *I = cast<Instruction>(Cond);

The cast<> on line 2276 fails when the condition (`Cond` variable) is as in the
input file. There needs to be a dyn_cast<> instead because the cast may fail
(as can be seen from this bug report).

Environment:
------------

- Official pre-build version of LLVM 3.9 for Debian Jessie (but the bug is
  reproducible also in the current trunk, I checked that on rev. 282138).
- Fully updated Debian Jessie x86_64, GCC 4.9.2.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20160922/129a92ae/attachment.html>

More information about the llvm-bugs mailing list