[InstCombine] Fix crash when alloc functions are missing alloc-family (#138310)

clubby789 · jamie-osec · web-flow · commit b006756d44de · 2025-05-03T09:53:57.000+02:00
Fixes #63477 by bailing out instead of crashing. Co-authored-by: Jamie <jamie@osec.io>
diff --git a/llvm/lib/Transforms/InstCombine/InstructionCombining.cpp b/llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
@@ -3300,16 +3300,14 @@ static bool isAllocSiteRemovable(Instruction *AI,
           continue;
         }
 
-        if (getFreedOperand(cast<CallBase>(I), &TLI) == PI &&
+        if (Family && getFreedOperand(cast<CallBase>(I), &TLI) == PI &&
             getAllocationFamily(I, &TLI) == Family) {
-          assert(Family);
           Users.emplace_back(I);
           continue;
         }
 
-        if (getReallocatedOperand(cast<CallBase>(I)) == PI &&
+        if (Family && getReallocatedOperand(cast<CallBase>(I)) == PI &&
             getAllocationFamily(I, &TLI) == Family) {
-          assert(Family);
           Users.emplace_back(I);
           Worklist.push_back(I);
           continue;
diff --git a/llvm/test/Transforms/InstCombine/malloc-free-mismatched.ll b/llvm/test/Transforms/InstCombine/malloc-free-mismatched.ll
@@ -3,7 +3,7 @@
 
 define dso_local i32 @_Z6answeri(i32 %0) {
 ; CHECK-LABEL: @_Z6answeri(
-; CHECK-NEXT:    [[TMP2:%.*]] = call noalias nonnull dereferenceable(80) ptr @_Znam(i64 80) #[[ATTR2:[0-9]+]]
+; CHECK-NEXT:    [[TMP2:%.*]] = call noalias nonnull dereferenceable(80) ptr @_Znam(i64 80) #[[ATTR4:[0-9]+]]
 ; CHECK-NEXT:    call void @free(ptr [[TMP2]])
 ; CHECK-NEXT:    ret i32 42
 ;
@@ -25,11 +25,29 @@ define void @test_alloca() {
   ret void
 }
 
+; Test that missing `alloc-family` attributes don't crash LLVM
+; https://github.com/llvm/llvm-project/issues/63749
+
+define void @no_family() {
+; CHECK-LABEL: @no_family(
+; CHECK-NEXT:       [[ALLOC:%.*]] = call ptr @customalloc(i64 64)
+; CHECK-NEXT:       call void @customfree(ptr [[ALLOC]])
+; CHECK-NEXT:       ret void
+;
+  %alloc = call ptr @customalloc(i64 64)
+  call void @customfree(ptr %alloc)
+  ret void
+}
+
+
 ; Function Attrs: nobuiltin allocsize(0)
 declare dso_local nonnull ptr @_Znam(i64) #1
 
 ; Function Attrs: nounwind
 declare dso_local void @free(ptr) allockind("free") "alloc-family"="malloc"
 
+declare ptr @customalloc(i64) allockind("alloc")
+declare void @customfree(ptr allocptr) allockind("free")
+
 attributes #0 = { builtin allocsize(0) }
 attributes #1 = { nobuiltin allocsize(0) allockind("alloc,uninitialized") "alloc-family"="_Znam" }
