1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
ConstProp RemoveUselessMasking pass breaks 8-bit test/jnz
In an application's use of zlib 1.2.3 (inflate_fast) compiled with MSVC, the following basic block is observed:
```asm
mov r11d, [r9+rax*4]
mov eax, r11d
movzx edx, r11b
shr eax, 8
movzx ecx, al
shr ebx, cl
sub r10d, ecx
test r11b, r11b
jnz short loc_141284962
```
However, the following IR is generated for the test/jcc:
```
%ssa45(GPR0) i64 = Select %ssa11(GPR0) i32, %ssa42(Invalid4294967295), %ssa43(Invalid4294967295), %ssa44(Invalid4294967295), EQ, #0x8
(%ssa46 i0) StoreFlag %ssa45(GPR0) i64, #0x6
%ssa47(GPR1) i64 = Constant #0x0
(%ssa48 i0) StoreFlag %ssa47(GPR1) i64, #0x0
%ssa49(GPR1) i64 = Constant #0x0
(%ssa50 i0) StoreFlag %ssa49(GPR1) i64, #0xb
(%ssa51 i0) InlineConstant #0x0
(%ssa52 i0) CondJump %ssa45(GPR0) i64, %ssa51(Invalid4294967295), %ssa3(Invalid4294967295), %ssa4(Invalid4294967295), EQ, #0x8
(%ssa53 i0) EndBlock %ssa2(Invalid4294967295)
```
`r11d` at this time contained a value `0x00410400`, which leads to the jump being incorrectly taken, for a 32-bit compare-to-zero is used as a jump condition.
|