mirror of
https://github.com/RPCS3/llvm-mirror.git
synced 2024-11-22 18:54:02 +01:00
c20a0e76af
In LazyValueInfoImpl::isNonNullAtEndOfBlock we populate a set of
pointers, known to be non-null at the end of a block (e.g. because we
did a load through them). We then infer that any pointer, based on an
element of this set is non-null as well ("based" here meaning a
non-null pointer is the underlying object). This is incorrect, even if
the base pointer was non-null, the value of a GEP, that lacks the
inbounds` attribute, may be null.
This issue appeared as miscompilation of the following test case:
int puts(const char *);
typedef struct iter {
int *val;
} iter_t;
static long distance(iter_t first, iter_t last) {
long r = 0;
for (; first.val != last.val; first.val++)
++r;
return r;
}
int main() {
int arr[2] = {0};
iter_t i, j;
i.val = arr;
j.val = arr + 1;
if (distance(i, j) >= 2)
puts("failed");
else
puts("passed");
}
This fixes PR49662.
Differential Revision: https://reviews.llvm.org/D99642
19 lines
566 B
LLVM
19 lines
566 B
LLVM
; RUN: opt -jump-threading -S %s -o - | FileCheck %s
|
|
|
|
define i32 @f(i64* %a, i64 %i) {
|
|
entry:
|
|
store i64 0, i64* %a, align 8
|
|
%p = getelementptr i64, i64* %a, i64 %i
|
|
%c = icmp eq i64* %p, null
|
|
; `%a` is non-null at the end of the block, because we store through it.
|
|
; However, `%p` is derived from `%a` via a GEP that is not `inbounds`, therefore we cannot judge `%p` is non-null as well
|
|
; and must retain the `icmp` instruction.
|
|
; CHECK: %c = icmp eq i64* %p, null
|
|
br i1 %c, label %if.else, label %if.then
|
|
if.then:
|
|
ret i32 0
|
|
|
|
if.else:
|
|
ret i32 1
|
|
}
|