[llvm-bugs] [Bug 51824] New: [InstCombine] Null-dereference READ in llvm::ConstantVector::getImpl

via llvm-bugs llvm-bugs at lists.llvm.org
Sat Sep 11 09:49:48 PDT 2021


https://bugs.llvm.org/show_bug.cgi?id=51824

            Bug ID: 51824
           Summary: [InstCombine] Null-dereference READ in
                    llvm::ConstantVector::getImpl
           Product: libraries
           Version: trunk
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Scalar Optimizations
          Assignee: unassignedbugs at nondot.org
          Reporter: llvm-dev at redking.me.uk
                CC: lebedev.ri at gmail.com, llvm-bugs at lists.llvm.org,
                    spatel+llvm at rotateright.com

Reduced from the OSS-Fuzz finding at https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38057 (the IR below is the reduced reproducer):

; ModuleID = 'bugpoint-reduced-simplified.bc'
; Module-level settings of the reduced reproducer. The ModuleID above names a
; bugpoint-reduced bitcode file, so treat the settings below as whatever
; survived reduction rather than a deliberately chosen configuration.
; NOTE(review): source_filename points at an existing InstCombine test
; (pr38984.ll); presumably that test was the fuzzer's seed. Confirm against the
; linked OSS-Fuzz report.
source_filename = "llvm/test/Transforms/InstCombine/pr38984.ll"
; "p:16:16" declares default-address-space pointers as 16 bits wide with
; 16-bit ABI alignment. Pointer<->integer conversions in the module are sized
; against this width.
target datalayout = "p:16:16"
; The x86_64 triple does not match the 16-bit pointer width declared above.
; NOTE(review): whether the crash depends on this mismatch is not stated in
; the report; keep both lines unchanged when building a regression test.
target triple = "x86_64-unknown-linux-gnu"

; Reduced reproducer for LLVM bug 51824. Per the report title, InstCombine hits
; a null-pointer read in llvm::ConstantVector::getImpl when processing this
; function. The report names neither the triggering instruction nor the opt
; command line, so the comments below only describe what each instruction is.
; The body is fuzzer-derived and leans on undef operands and out-of-range
; vector indices; keep the instruction sequence intact when turning it into a
; regression test, since small edits may hide the crash.
define void @PR38984() {
entry:
  ; %C7 has no users in this function.
  %C7 = icmp sgt i1 false, true
  ; Shift by zero: %B2 is the i16 constant -32768 (bit pattern 0x8000).
  %B2 = lshr i16 -32768, 0
  ; Compares %B2 with itself; the i1 result is later used as a vector index
  ; (%I8).
  %C1 = icmp uge i16 %B2, %B2
  ; The index %B2 is far outside the 4-element vector.
  %E9 = extractelement <4 x i16> zeroinitializer, i16 %B2
  %I2 = insertelement <4 x i16> undef, i16 %E9, i16 0
  %i = sext <4 x i16> %I2 to <4 x i32>
  ; Vector GEP off a null base: yields a vector of four pointers.
  %i1 = getelementptr inbounds i64, i64* null, <4 x i32> %i
  ; With the module's "p:16:16" datalayout, pointers are 16 bits wide, so this
  ; ptrtoint widens each element to i32.
  %i2 = ptrtoint <4 x i64*> %i1 to <4 x i32>
  %E2 = extractelement <4 x i32> %i2, i16 0
  br label %BB

BB:                                               ; preds = %BB, %entry
  ; %A15 is loaded without any preceding store, so %L2 reads uninitialized
  ; stack memory.
  %A15 = alloca <4 x i32>, align 16
  %L2 = load <4 x i32>, <4 x i32>* %A15, align 16
  ; Scalar GEP off null using %E2 from the entry block, then a vector GEP with
  ; an undef index vector.
  %G1 = getelementptr i64, i64* null, i32 %E2
  %i3 = getelementptr inbounds i64, i64* %G1, <4 x i16> undef
  %i4 = ptrtoint <4 x i64*> %i3 to <4 x i32>
  %E22 = extractelement <4 x i32> %L2, i1 false
  %E8 = extractelement <4 x i32> %i4, i1 false
  ; Inserts an undef element into an undef vector at the variable index %E8.
  %I10 = insertelement <4 x i32> undef, i32 undef, i32 %E8
  %I19 = insertelement <4 x i32> %I10, i32 %E22, i16 0
  ; Shuffle with an undef mask.
  %S7 = shufflevector <4 x i32> %I19, <4 x i32> %L2, <4 x i32> undef
  ; The insert position is the i1 value %C1.
  %I8 = insertelement <4 x i32> %I19, i32 0, i1 %C1
  ; Extract with an undef index, stored through an undef pointer.
  %E10 = extractelement <4 x i32> %I8, i1 undef
  store i32 %E10, i32* undef, align 4
  ; Undef branch condition: either successor may be taken.
  br i1 undef, label %BB, label %BB1

BB1:                                              ; preds = %BB
  ; Second undef-mask shuffle, combining %I10 with %S7 from the loop block.
  %S8 = shufflevector <4 x i32> %I10, <4 x i32> %S7, <4 x i32> undef
  store <4 x i32> %S8, <4 x i32>* undef, align 16
  ret void
}
