IndVarSimplify: Avoid UB from binding a reference to a null pointer

Calling operator* on a WeakVH whose Value is null hits undefined
behaviour, since we bind the value to a reference. Instead, go through
`operator Value*` so that we work with the pointer itself.

Found by ubsan.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@240214 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/Transforms/Scalar/IndVarSimplify.cpp b/lib/Transforms/Scalar/IndVarSimplify.cpp
index ad2c9726dac1cffb941954e69a9e55c22d63c11b..e931382ea98f6d7a2b7a201943fae08a7ba28cbb 100644 (file)
--- a/lib/Transforms/Scalar/IndVarSimplify.cpp
+++ b/lib/Transforms/Scalar/IndVarSimplify.cpp
@@ -2013,10 +2013,11 @@ bool IndVarSimplify::runOnLoop(Loop *L, LPPassManager &LPM) {
 
   // Now that we're done iterating through lists, clean up any instructions
   // which are now dead.
-  while (!DeadInsts.empty())
-    if (Instruction *Inst =
-          dyn_cast_or_null<Instruction>(&*DeadInsts.pop_back_val()))
+  while (!DeadInsts.empty()) {
+    Value *V = static_cast<Value *>(DeadInsts.pop_back_val());
+    if (Instruction *Inst = dyn_cast_or_null<Instruction>(V))
       RecursivelyDeleteTriviallyDeadInstructions(Inst, TLI);
+  }
 
   // The Rewriter may not be used from this point on.