[PATCH] D108201: [AggressiveInstCombine] Add logical shift right instr to `TruncInstCombine` DAG

Amy Huang via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Aug 19 16:20:43 PDT 2021 

akhuang added a comment.

looks like this caused a crash in some chromium code

c++ repro,

  $ cat t.cpp
  struct a {
    typedef unsigned char b;
  };
  struct c {
    static unsigned char *d(unsigned char *g, unsigned *p, int q) {
      *p = *g;
      if (*p)
        *p = q;
      return g;
    }
  };
  template <typename h> void i(int *, int, int, unsigned *, typename h::b *) {
    char *e = 0;
    unsigned char j;
    unsigned f;
    c::d(&j, &f, 33);
    *e = f >> 2;
  }
  int k, l, m;
  unsigned n;
  void o() { i<a>(&k, l, m, &n, (unsigned char *)o); }
  
  $ clang -cc1 -fno-delete-null-pointer-checks -O3 -fsanitize=fuzzer-no-link -emit-llvm t.cpp

Also made an IR repro,

  $ cat repro.ll
  ; ModuleID = 't.cpp'
  source_filename = "t.cpp"
  target datalayout = "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128"
  target triple = "x86_64-unknown-linux-gnu"
  
  $_Z1iI1aEvPiiiPjPNT_1bE = comdat any
  
  ; Function Attrs: mustprogress nounwind null_pointer_is_valid optforfuzzing
  define linkonce_odr void @_Z1iI1aEvPiiiPjPNT_1bE(i32* %0, i32 %1, i32 %2, i32* %3, i8* %4) local_unnamed_addr #0 comdat {
  _ZN1c1dEPhPji.exit:
    %shr = lshr i32 33, 2
    %conv = trunc i32 %shr to i8
    store i8 %conv, i8* null, align 536870912, !tbaa !6
    ret void
  }
  
  attributes #0 = { mustprogress nounwind null_pointer_is_valid optforfuzzing "frame-pointer"="none" "min-legal-vector-width"="0" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-features"="+cx8,+mmx,+sse,+sse2,+x87" }
  
  !llvm.module.flags = !{!0}
  !llvm.ident = !{!1}
  
  !0 = !{i32 1, !"wchar_size", i32 4}
  !1 = !{!"clang version 14.0.0"}
  !2 = !{!3, !3, i64 0}
  !3 = !{!"int", !4, i64 0}
  !4 = !{!"omnipotent char", !5, i64 0}
  !5 = !{!"Simple C++ TBAA"}
  !6 = !{!4, !4, i64 0}
  
  $ opt -aggressive-instcombine -S repro.ll

  


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D108201/new/

https://reviews.llvm.org/D108201

More information about the llvm-commits mailing list