From 554f68be445c7d4f0dbd33ccdaa4ce77f76f79e5 Mon Sep 17 00:00:00 2001
From: Davide Italiano <davide@freebsd.org>
Date: Fri, 5 Jan 2018 16:18:47 +0000
Subject: [BasicAA] Fix linearization of shifts beyond the bitwidth.

Thanks to Simon Pilgrim for the reduced testcase.
Fixes PR35821.

llvm-svn: 321873
---
 llvm/lib/Analysis/BasicAliasAnalysis.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'llvm/lib/Analysis')

diff --git a/llvm/lib/Analysis/BasicAliasAnalysis.cpp b/llvm/lib/Analysis/BasicAliasAnalysis.cpp
index 537813b6b75..5a2401f8d8a 100644
--- a/llvm/lib/Analysis/BasicAliasAnalysis.cpp
+++ b/llvm/lib/Analysis/BasicAliasAnalysis.cpp
@@ -285,6 +285,19 @@ static bool isObjectSize(const Value *V, uint64_t Size, const DataLayout &DL,
       case Instruction::Shl:
         V = GetLinearExpression(BOp->getOperand(0), Scale, Offset, ZExtBits,
                                 SExtBits, DL, Depth + 1, AC, DT, NSW, NUW);
+
+        // We're trying to linearize an expression of the kind:
+        //   shl i8 -128, 36
+        // where the shift count exceeds the bitwidth of the type.
+        // We can't decompose this further (the expression would return
+        // a poison value).
+        if (Offset.getBitWidth() < RHS.getLimitedValue() ||
+            Scale.getBitWidth() < RHS.getLimitedValue()) {
+          Scale = 1;
+          Offset = 0;
+          return V;
+        }
+
         Offset <<= RHS.getLimitedValue();
         Scale <<= RHS.getLimitedValue();
         // the semantics of nsw and nuw for left shifts don't match those of
-- 
cgit v1.2.3