[llvm] 602ab24 - [SimplifyCFG] avoid crash on degenerate loop
Sanjay Patel via llvm-commits
llvm-commits at lists.llvm.org
Fri Jun 11 06:44:56 PDT 2021
Author: Sanjay Patel
Date: 2021-06-11T09:37:06-04:00
New Revision: 602ab248335e1540e82667e74fea44b7f042e112
URL: https://github.com/llvm/llvm-project/commit/602ab248335e1540e82667e74fea44b7f042e112
DIFF: https://github.com/llvm/llvm-project/commit/602ab248335e1540e82667e74fea44b7f042e112.diff
LOG: [SimplifyCFG] avoid crash on degenerate loop
The problematic code pattern in the test is based on:
https://llvm.org/PR50638
If the IfCond is itself the phi that we are trying to remove,
then the loop around line 2835 can end up with something like:
%cmp = select i1 %cmp, i1 false, i1 true
That can then lead to a use-after-free and assert (although
I'm still not seeing that locally in my release + asserts build).
I think this can only happen with unreachable code.
Differential Revision: https://reviews.llvm.org/D104063
Added:
Modified:
llvm/lib/Transforms/Utils/SimplifyCFG.cpp
llvm/test/Transforms/SimplifyCFG/two-entry-phi-return.ll
Removed:
################################################################################
diff --git a/llvm/lib/Transforms/Utils/SimplifyCFG.cpp b/llvm/lib/Transforms/Utils/SimplifyCFG.cpp
index ee8632621b5a0..a0224a9a18daf 100644
--- a/llvm/lib/Transforms/Utils/SimplifyCFG.cpp
+++ b/llvm/lib/Transforms/Utils/SimplifyCFG.cpp
@@ -2713,6 +2713,12 @@ static bool FoldTwoEntryPHINode(PHINode *PN, const TargetTransformInfo &TTI,
isa<ConstantInt>(IfCond))
return false;
+ // Don't try to fold an unreachable block. For example, the phi node itself
+ // can't be the candidate if-condition for a select that we want to form.
+ if (auto *IfCondPhiInst = dyn_cast<PHINode>(IfCond))
+ if (IfCondPhiInst->getParent() == BB)
+ return false;
+
// Okay, we found that we can merge this two-entry phi node into a select.
// Doing so would require us to fold *all* two entry phi nodes in this block.
// At some point this becomes non-profitable (particularly if the target
diff --git a/llvm/test/Transforms/SimplifyCFG/two-entry-phi-return.ll b/llvm/test/Transforms/SimplifyCFG/two-entry-phi-return.ll
index e9b52f49b961c..2bb2546467020 100644
--- a/llvm/test/Transforms/SimplifyCFG/two-entry-phi-return.ll
+++ b/llvm/test/Transforms/SimplifyCFG/two-entry-phi-return.ll
@@ -23,4 +23,33 @@ UnifiedReturnBlock:
}
+ at a = external dso_local global i32, align 4
+
+define i32 @PR50638() {
+; CHECK-LABEL: @PR50638(
+; CHECK-NEXT: entry:
+; CHECK-NEXT: store i32 0, i32* @a, align 4
+; CHECK-NEXT: ret i32 0
+;
+entry:
+ store i32 0, i32* @a, align 4
+ br label %pre.for
+
+pre.for:
+ %tobool.not = phi i1 [ false, %for ], [ true, %entry ]
+ br i1 %tobool.not, label %end, label %for
+
+for:
+ %cmp = phi i1 [ true, %pre.for ], [ false, %post.for ]
+ %storemerge = phi i32 [ 0, %pre.for ], [ 1, %post.for ]
+ store i32 %storemerge, i32* @a, align 4
+ br i1 %cmp, label %post.for, label %pre.for
+
+post.for:
+ br label %for
+
+end:
+ ret i32 0
+}
+
!0 = !{!"branch_weights", i32 4, i32 64}
More information about the llvm-commits
mailing list