SimplifyLibCalls: Fix crash on memset(notmalloc())

rdar://31520787

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@301352 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/Transforms/Utils/SimplifyLibCalls.cpp b/lib/Transforms/Utils/SimplifyLibCalls.cpp
index 4818939824e3a6a879aa1f9c1b3bc266102e9037..2640c1f447a705462f81a1154c506971a3ab9abb 100644 (file)
--- a/lib/Transforms/Utils/SimplifyLibCalls.cpp
+++ b/lib/Transforms/Utils/SimplifyLibCalls.cpp
@@ -842,6 +842,9 @@ static Value *foldMallocMemset(CallInst *Memset, IRBuilder<> &B,
 
   // Is the inner call really malloc()?
   Function *InnerCallee = Malloc->getCalledFunction();
+  if (!InnerCallee)
+    return nullptr;
+
   LibFunc Func;
   if (!TLI.getLibFunc(*InnerCallee, Func) || !TLI.has(Func) ||
       Func != LibFunc_malloc)

diff --git a/test/Transforms/InstCombine/memset-1.ll b/test/Transforms/InstCombine/memset-1.ll
index 7310e5f4faf87aa72e394e9313e1018029e89f89..86f3afdef8dc394d1a3e03b7d036edcbedfe4d43 100644 (file)
--- a/test/Transforms/InstCombine/memset-1.ll
+++ b/test/Transforms/InstCombine/memset-1.ll
@@ -26,6 +26,15 @@ define i8* @pr25892_lite(i32 %size) #0 {
 ; CHECK-NEXT:  ret i8* %calloc
 }
 
+; This should not create a calloc and not crash the compiler.
+; CHECK-LABEL: @notmalloc_memset
+; CHECK-NOT: @calloc
+define i8* @notmalloc_memset(i32 %size, i8*(i32)* %notmalloc) {
+  %call1 = call i8* %notmalloc(i32 %size) #1
+  %call2 = call i8* @memset(i8* %call1, i32 0, i32 %size) #1
+  ret i8* %call2
+}
+
 ; FIXME: memset(malloc(x), 0, x) -> calloc(1, x)
 ; This doesn't fire currently because the malloc has more than one use.