From bce995b034452abe200edc2381bc313ff12a0f2f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Gustavsson?= <bjorn@erlang.org>
Date: Tue, 30 Jul 2019 10:14:16 +0200
Subject: Eliminate a crash in the type optimizer pass

https://bugs.erlang.org/browse/ERL-1013
---
 lib/compiler/src/beam_ssa_type.erl    |  4 ++++
 lib/compiler/test/beam_type_SUITE.erl | 25 +++++++++++++++++++++++--
 2 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/lib/compiler/src/beam_ssa_type.erl b/lib/compiler/src/beam_ssa_type.erl
index 68920e7dd3..3c06c83e2e 100644
--- a/lib/compiler/src/beam_ssa_type.erl
+++ b/lib/compiler/src/beam_ssa_type.erl
@@ -160,6 +160,10 @@ opt_finish_1([Arg | Args], [TypeMap | TypeMaps], ParamInfo0) ->
     case join(maps:values(TypeMap)) of
         any ->
             opt_finish_1(Args, TypeMaps, ParamInfo0);
+        none ->
+            %% This function will never be called. Pretend that we don't
+            %% know the type for this argument.
+            opt_finish_1(Args, TypeMaps, ParamInfo0);
         JoinedType ->
             JoinedType = verified_type(JoinedType),
             ParamInfo = ParamInfo0#{ Arg => validator_anno(JoinedType) },
diff --git a/lib/compiler/test/beam_type_SUITE.erl b/lib/compiler/test/beam_type_SUITE.erl
index 076a604aa4..a99dee48aa 100644
--- a/lib/compiler/test/beam_type_SUITE.erl
+++ b/lib/compiler/test/beam_type_SUITE.erl
@@ -24,7 +24,8 @@
 	 integers/1,numbers/1,coverage/1,booleans/1,setelement/1,
 	 cons/1,tuple/1,record_float/1,binary_float/1,float_compare/1,
 	 arity_checks/1,elixir_binaries/1,find_best/1,
-         test_size/1,cover_lists_functions/1,list_append/1,bad_binary_unit/1]).
+         test_size/1,cover_lists_functions/1,list_append/1,bad_binary_unit/1,
+         none_argument/1]).
 
 suite() -> [{ct_hooks,[ts_install_cth]}].
 
@@ -49,7 +50,8 @@ groups() ->
        test_size,
        cover_lists_functions,
        list_append,
-       bad_binary_unit
+       bad_binary_unit,
+       none_argument
       ]}].
 
 init_per_suite(Config) ->
@@ -518,5 +520,24 @@ bad_binary_unit(_Config) ->
     false = is_binary(Bitstring),
     ok.
 
+%% ERL-1013: The compiler would crash during the type optimization pass.
+none_argument(_Config) ->
+    Binary = id(<<3:16, 42>>),
+    error = id(case Binary of
+                   <<Len:16, Body/binary>> when length(Body) == Len - 2 ->
+                       %% The type for Body will be none. It means
+                       %% that this clause will never match and that
+                       %% uncompress/1 will never be called.
+                       uncompress(Body);
+                   _ ->
+                       error
+               end),
+    ok.
+
+uncompress(CompressedBinary) ->
+    %% The type for CompressedBinary is none, which beam_ssa_type
+    %% did not handle properly.
+    zlib:uncompress(CompressedBinary).
+
 id(I) ->
     I.
-- 
cgit v1.2.3