[LLVMbugs] [Bug 1568] NEW: segfault during domtree construction on invalid bytecode

bugzilla-daemon at cs.uiuc.edu bugzilla-daemon at cs.uiuc.edu
Tue Jul 24 06:57:49 PDT 2007


           Summary: segfault during domtree construction on invalid bytecode
           Product: new-bugs
           Version: unspecified
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: new bugs
        AssignedTo: unassignedbugs at nondot.org
        ReportedBy: baldrick at free.fr

The verifier uses the result of domtree construction.
Thus domtree construction must not crash on invalid
bytecode.  I hit the following crash while working on
gcc-4.2, caused by a branch to a basic block which lacks
a terminator.  Here's the backtrace:

#0  0x0881f563 in llvm::TerminatorInst::getNumSuccessors (this=0x0) at 
#1  0x08be6c0f in llvm::DominatorTree::DFSPass (this=0x93c8e60, V=0x93d98e0,
    VInfo=@0x9454134, N=3) 
at /home/duncan/LLVM/llvm.master/lib/VMCore/Dominators.cpp:190
#2  0x08be7c66 in llvm::DominatorTree::calculate (this=0x93c8e60, F=@0x9417a70)
    at /home/duncan/LLVM/llvm.master/lib/VMCore/Dominators.cpp:329
#3  0x08be817a in llvm::DominatorTree::runOnFunction (this=0x93c8e60, 
    at /home/duncan/LLVM/llvm.master/lib/VMCore/Dominators.cpp:594

The segfault occurs here
190         if (NextSucc == BB->getTerminator()->getNumSuccessors()) {
because BB has no terminator:
(gdb) call BB->dump()

bb:             ; Error: Block without parent!

(gdb) p BB->getTerminator()
$2 = (class llvm::TerminatorInst *) 0x0

I would love to attach a testcase .ll, but I failed to construct
one: my examples were rejected by llvm-as.

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

More information about the llvm-bugs mailing list