[llvm-bugs] [Bug 97956] DSE removes store before free() incorrectly

LLVM Bugs via llvm-bugs Sun, 07 Jul 2024 08:15:46 -0700

Issue	97956
Summary	DSE removes store before free() incorrectly
Labels	miscompilation, llvm:optimizations
Assignees
Reporter	nunoplopes

    TL;DR: the transformation below needs gep inbounds, otherwise the input ptr may have a negative offset.


```llvm
; test/Transforms/DeadStoreElimination/free.ll

define void @test2(ptr %P) {
  %Q = gep ptr %P, 8 x i32 0, 1 x i64 4
  store i32 4, ptr %Q, align 4
  call void @free(ptr %P) alloc-family(malloc) allockind(free)
 ret void
}
=>
define void @test2(ptr %P) {
  call void @free(ptr %P) alloc-family(malloc)
  ret void
}
Transformation doesn't verify!

ERROR: Mismatch in memory

Example:
ptr %P = pointer(non-local, block_id=1, offset=-4) / Address=#x000

Source:
ptr %Q = pointer(non-local, block_id=1, offset=0) / Address=#x004
Function @free returned

SOURCE MEMORY STATE
===================
NON-LOCAL BLOCKS:
Block 0 >       size: 0 align: 4        alloc type: 0   alive: false    address: 0
Block 1 > size: 9 align: 1        alloc type: 0   alive: true     address: 4

Target:
Function @free returned

Mismatch in pointer(non-local, block_id=1, offset=0)
Source value: #x00000004
Target value: poison
```

_______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs

[llvm-bugs] [Bug 97956] DSE removes store before free() incorrectly

Reply via email to