diff options
| author | Simon Pilgrim <llvm-dev@redking.me.uk> | 2018-11-06 11:28:22 +0000 |
|---|---|---|
| committer | Simon Pilgrim <llvm-dev@redking.me.uk> | 2018-11-06 11:28:22 +0000 |
| commit | c1da5f757e5f0bbf7857d54348a94c88cff0cb64 (patch) | |
| tree | ea7a321fd0f11ed4422f24b3c2e1feb7e8190840 | |
| parent | abbd713eb7417f3638541b75b8aff051d2f48377 (diff) | |
| download | bcm5719-llvm-c1da5f757e5f0bbf7857d54348a94c88cff0cb64.tar.gz bcm5719-llvm-c1da5f757e5f0bbf7857d54348a94c88cff0cb64.zip | |
[InstCombine] Ensure nested shifts are in range (OSS-Fuzz #9880)
llvm-svn: 346225
| -rw-r--r-- | llvm/lib/Transforms/InstCombine/InstCombineShifts.cpp | 11 | ||||
| -rw-r--r-- | llvm/test/Transforms/InstCombine/apint-shift.ll | 19 |
2 files changed, 25 insertions, 5 deletions
diff --git a/llvm/lib/Transforms/InstCombine/InstCombineShifts.cpp b/llvm/lib/Transforms/InstCombine/InstCombineShifts.cpp index 045ce423ef6..c562d45a9e2 100644 --- a/llvm/lib/Transforms/InstCombine/InstCombineShifts.cpp +++ b/llvm/lib/Transforms/InstCombine/InstCombineShifts.cpp @@ -725,9 +725,9 @@ Instruction *InstCombiner::visitLShr(BinaryOperator &I) { Value *X; const APInt *ShOp1; - if (match(Op0, m_Shl(m_Value(X), m_APInt(ShOp1)))) { - unsigned ShlAmt = ShOp1->getZExtValue(); - if (ShlAmt < ShAmt) { + if (match(Op0, m_Shl(m_Value(X), m_APInt(ShOp1))) && ShOp1->ult(BitWidth)) { + if (ShOp1->ult(ShAmt)) { + unsigned ShlAmt = ShOp1->getZExtValue(); Constant *ShiftDiff = ConstantInt::get(Ty, ShAmt - ShlAmt); if (cast<BinaryOperator>(Op0)->hasNoUnsignedWrap()) { // (X <<nuw C1) >>u C2 --> X >>u (C2 - C1) @@ -740,7 +740,8 @@ Instruction *InstCombiner::visitLShr(BinaryOperator &I) { APInt Mask(APInt::getLowBitsSet(BitWidth, BitWidth - ShAmt)); return BinaryOperator::CreateAnd(NewLShr, ConstantInt::get(Ty, Mask)); } - if (ShlAmt > ShAmt) { + if (ShOp1->ugt(ShAmt)) { + unsigned ShlAmt = ShOp1->getZExtValue(); Constant *ShiftDiff = ConstantInt::get(Ty, ShlAmt - ShAmt); if (cast<BinaryOperator>(Op0)->hasNoUnsignedWrap()) { // (X <<nuw C1) >>u C2 --> X <<nuw (C1 - C2) @@ -753,7 +754,7 @@ Instruction *InstCombiner::visitLShr(BinaryOperator &I) { APInt Mask(APInt::getLowBitsSet(BitWidth, BitWidth - ShAmt)); return BinaryOperator::CreateAnd(NewShl, ConstantInt::get(Ty, Mask)); } - assert(ShlAmt == ShAmt); + assert(*ShOp1 == ShAmt); // (X << C) >>u C --> X & (-1 >>u C) APInt Mask(APInt::getLowBitsSet(BitWidth, BitWidth - ShAmt)); return BinaryOperator::CreateAnd(X, ConstantInt::get(Ty, Mask)); diff --git a/llvm/test/Transforms/InstCombine/apint-shift.ll b/llvm/test/Transforms/InstCombine/apint-shift.ll index 3266fa6e443..efc088637c4 100644 --- a/llvm/test/Transforms/InstCombine/apint-shift.ll +++ b/llvm/test/Transforms/InstCombine/apint-shift.ll @@ -526,3 +526,22 @@ define i40 @test26(i40 %A) { %D = shl i40 %C, 1 ret i40 %D } + +; OSS-Fuzz #9880 +; https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9880 +define i177 @ossfuzz_9880(i177 %X) { +; CHECK-LABEL: @ossfuzz_9880( +; CHECK-NEXT: ret i177 1 +; + %A = alloca i177 + %L1 = load i177, i177* %A + %B = or i177 0, -1 + %B5 = udiv i177 %L1, %B + %B4 = add i177 %B5, %B + %B2 = add i177 %B, %B4 + %B6 = mul i177 %B5, %B2 + %B20 = shl i177 %L1, %B6 + %B14 = sub i177 %B20, %B5 + %B1 = udiv i177 %B14, %B6 + ret i177 %B1 +} |
