[PATCH] D148853: [FuzzMutate] Skip EHPad for ShuffleBlockStrategy to avoid crash

Henry Yu via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Apr 20 15:52:34 PDT 2023


HazyFish created this revision.
HazyFish added a reviewer: Peter.
Herald added a subscriber: hiraditya.
Herald added a project: All.
HazyFish requested review of this revision.
Herald added a project: LLVM.
Herald added a subscriber: llvm-commits.

In ShuffleBlockStrategy, when BB is an EHPad, `BB.getFirstInsertionPt()` will return `BB.end()`, which cannot be dereferenced and will cause a crash in the following loop.

This patch checks if the block is an EHPad and returns immediately if so.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D148853

Files:
  llvm/lib/FuzzMutate/IRMutator.cpp
  llvm/unittests/FuzzMutate/StrategiesTest.cpp


Index: llvm/unittests/FuzzMutate/StrategiesTest.cpp
===================================================================
--- llvm/unittests/FuzzMutate/StrategiesTest.cpp
+++ llvm/unittests/FuzzMutate/StrategiesTest.cpp
@@ -640,4 +640,23 @@
     }";
   VerifyBlockShuffle(Source);
 }
+
+TEST(ShuffleBlockStrategy, ShuffleEHPad) {
+  StringRef Source = "\n\
+    define void @f(i32 %x) personality ptr @__CxxFrameHandler3 { \n\
+    entry: \n\
+      invoke void @g() to label %try.cont unwind label %catch.dispatch \n\
+    catch.dispatch: \n\
+      %0 = catchswitch within none [label %catch] unwind to caller \n\
+    catch: \n\
+      %1 = catchpad within %0 [ptr null, i32 64, ptr null] \n\
+      catchret from %1 to label %try.cont \n\
+    try.cont: \n\
+      ret void \n\
+    } \n\
+    declare void @g() \n\
+    declare i32 @__CxxFrameHandler3(...) \n\
+    ";
+  VerifyBlockShuffle(Source);
+}
 } // namespace
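
Review bot: ShuffleEHPad only covers the funclet-style pads (`catchswitch` in catch.dispatch, `catchpad` in catch), while the guard added in IRMutator.cpp is `BB.isEHPad()`, which also matches `landingpad` and `cleanuppad` blocks. Consider adding a second function to the test source (or a second test) with an `invoke` that unwinds to a `landingpad` block, so each kind of block the early return skips is exercised. As far as the visible lines show, the test only hands the source to VerifyBlockShuffle, so it guards against the crash but does not state what is expected for the EH pad blocks themselves; a short comment above the test naming the crash it regresses (dereferencing `BB.end()` from `getFirstInsertionPt()`) would make the intent clear to later readers.
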
Index: llvm/lib/FuzzMutate/IRMutator.cpp
===================================================================
--- llvm/lib/FuzzMutate/IRMutator.cpp
+++ llvm/lib/FuzzMutate/IRMutator.cpp
@@ -566,7 +566,8 @@
 }
 
 void ShuffleBlockStrategy::mutate(BasicBlock &BB, RandomIRBuilder &IB) {
-
+  if (BB.isEHPad())
+    return;
   SmallPtrSet<Instruction *, 8> AliveInsts;
   for (auto &I : make_early_inc_range(make_range(
            BB.getFirstInsertionPt(), BB.getTerminator()->getIterator()))) {
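
Review bot: The new `if (BB.isEHPad()) return;` guard in `ShuffleBlockStrategy::mutate` is broader than the failure the description gives, which is `BB.getFirstInsertionPt()` returning `BB.end()`. In the test IR from this same patch, catch.dispatch holds only the `catchswitch`, so it has no insertion point, but catch has a `catchret` after the `catchpad`, so its range from `getFirstInsertionPt()` to the terminator is valid (and empty). Checking the condition that actually crashes, for example `if (BB.getFirstInsertionPt() == BB.end()) return;`, would keep the fix tied to the root cause and would not silently exclude landing pad and cleanup pad blocks from shuffling. If skipping every EH pad is intended, add a one-line comment above the guard saying why, since the hunk adds the early return with no explanation.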

