[llvm] r364181 - [InstCombine] SliceUpIllegalIntegerPHI - bail on out of range shifts
Simon Pilgrim via llvm-commits
llvm-commits at lists.llvm.org
Mon Jun 24 06:13:36 PDT 2019
Author: rksimon
Date: Mon Jun 24 06:13:36 2019
New Revision: 364181
URL: http://llvm.org/viewvc/llvm-project?rev=364181&view=rev
Log:
[InstCombine] SliceUpIllegalIntegerPHI - bail on out of range shifts
trunc(lshr) handling - if the shift is out of range (undefined) then bail like we do for non-constant shifts.
Fixes OSS Fuzz #15217
Added:
llvm/trunk/test/Transforms/InstCombine/phi-shifts.ll
Modified:
llvm/trunk/lib/Transforms/InstCombine/InstCombinePHI.cpp
Modified: llvm/trunk/lib/Transforms/InstCombine/InstCombinePHI.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Transforms/InstCombine/InstCombinePHI.cpp?rev=364181&r1=364180&r2=364181&view=diff
==============================================================================
--- llvm/trunk/lib/Transforms/InstCombine/InstCombinePHI.cpp (original)
+++ llvm/trunk/lib/Transforms/InstCombine/InstCombinePHI.cpp Mon Jun 24 06:13:36 2019
@@ -1004,6 +1004,11 @@ Instruction *InstCombiner::SliceUpIllega
!isa<ConstantInt>(UserI->getOperand(1)))
return nullptr;
+ // Bail on out of range shifts.
+ unsigned SizeInBits = UserI->getType()->getScalarSizeInBits();
+ if (cast<ConstantInt>(UserI->getOperand(1))->getValue().uge(SizeInBits))
+ return nullptr;
+
unsigned Shift = cast<ConstantInt>(UserI->getOperand(1))->getZExtValue();
PHIUsers.push_back(PHIUsageRecord(PHIId, Shift, UserI->user_back()));
}
Added: llvm/trunk/test/Transforms/InstCombine/phi-shifts.ll
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Transforms/InstCombine/phi-shifts.ll?rev=364181&view=auto
==============================================================================
--- llvm/trunk/test/Transforms/InstCombine/phi-shifts.ll (added)
+++ llvm/trunk/test/Transforms/InstCombine/phi-shifts.ll Mon Jun 24 06:13:36 2019
@@ -0,0 +1,26 @@
+; NOTE: Assertions have been autogenerated by utils/update_test_checks.py
+; RUN: opt < %s -S -instcombine | FileCheck %s
+
+; OSS Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15217
+define i64 @fuzz15217(i1 %cond, i8* %Ptr, i64 %Val) {
+; CHECK-LABEL: @fuzz15217(
+; CHECK-NEXT: entry:
+; CHECK-NEXT: br i1 [[COND:%.*]], label [[END:%.*]], label [[TWO:%.*]]
+; CHECK: two:
+; CHECK-NEXT: br label [[END]]
+; CHECK: end:
+; CHECK-NEXT: ret i64 0
+;
+entry:
+ br i1 %cond, label %end, label %two
+
+two:
+ br label %end
+
+end:
+ %tmp869.0 = phi i128 [ 0, %entry ], [ 18446744073709551616, %two ]
+ %tmp29 = lshr i128 %tmp869.0, 64
+ %B1 = lshr i128 %tmp29, 170141183460469231731687303715884105727
+ %tmp30 = trunc i128 %B1 to i64
+ ret i64 %tmp30
+}
More information about the llvm-commits
mailing list