From: Matthias Braun <matze@braunis.de>
Date: Tue, 25 Apr 2017 19:44:25 +0000 (+0000)
Subject: SimplifyLibCalls: Fix crash on memset(notmalloc())
X-Git-Tag: llvmorg-5.0.0-rc1~6700
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=c36a78c3f338f7f4da1db1074211dd748c833675;p=platform%2Fupstream%2Fllvm.git

SimplifyLibCalls: Fix crash on memset(notmalloc())

rdar://31520787

llvm-svn: 301352
---

diff --git a/llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp b/llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
index 4818939..2640c1f 100644
--- a/llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
+++ b/llvm/lib/Transforms/Utils/SimplifyLibCalls.cpp
@@ -842,6 +842,9 @@ static Value *foldMallocMemset(CallInst *Memset, IRBuilder<> &B,
 
   // Is the inner call really malloc()?
   Function *InnerCallee = Malloc->getCalledFunction();
+  if (!InnerCallee)
+    return nullptr;
+
   LibFunc Func;
   if (!TLI.getLibFunc(*InnerCallee, Func) || !TLI.has(Func) ||
       Func != LibFunc_malloc)
diff --git a/llvm/test/Transforms/InstCombine/memset-1.ll b/llvm/test/Transforms/InstCombine/memset-1.ll
index 7310e5f..86f3afd 100644
--- a/llvm/test/Transforms/InstCombine/memset-1.ll
+++ b/llvm/test/Transforms/InstCombine/memset-1.ll
@@ -26,6 +26,15 @@ define i8* @pr25892_lite(i32 %size) #0 {
 ; CHECK-NEXT:  ret i8* %calloc
 }
 
+; This should not create a calloc and not crash the compiler.
+; CHECK-LABEL: @notmalloc_memset
+; CHECK-NOT: @calloc
+define i8* @notmalloc_memset(i32 %size, i8*(i32)* %notmalloc) {
+  %call1 = call i8* %notmalloc(i32 %size) #1
+  %call2 = call i8* @memset(i8* %call1, i32 0, i32 %size) #1
+  ret i8* %call2
+}
+
 ; FIXME: memset(malloc(x), 0, x) -> calloc(1, x)
 ; This doesn't fire currently because the malloc has more than one use.