[LLVMbugs] [Bug 1947] New: LoopUnroll - use after free

bugzilla-daemon at cs.uiuc.edu bugzilla-daemon at cs.uiuc.edu
Fri Jan 25 13:21:30 PST 2008


http://llvm.org/bugs/show_bug.cgi?id=1947

           Summary: LoopUnroll - use after free
           Product: new-bugs
           Version: unspecified
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: new bugs
        AssignedTo: unassignedbugs at nondot.org
        ReportedBy: baldrick at free.fr
                CC: llvmbugs at cs.uiuc.edu


Valgrind shows memory being used after being freed in the testcase
test/Transforms/LoopUnroll/2007-11-05-Crash.ll:

Invalid read of size 4
   at 0x82D551A: llvm::Use::getNext() const (Use.h:65)
   by 0x82D62D7: llvm::value_use_iterator<llvm::User>::operator++() (Use.h:130)
   by 0x83ED7EA: (anonymous
namespace)::LoopUnroll::unrollLoop(llvm::LoopBase<llvm::BasicBlock>*, unsigned,
unsigned) (LoopUnroll.cpp:367)
   by 0x83EE2FD: (anonymous
namespace)::LoopUnroll::runOnLoop(llvm::LoopBase<llvm::BasicBlock>*,
llvm::LPPassManager&) (LoopUnroll.cpp:182)
   by 0x84B375C: llvm::LPPassManager::runOnFunction(llvm::Function&)
(LoopPass.cpp:225)
   by 0x857626F: llvm::FPPassManager::runOnFunction(llvm::Function&)
(PassManager.cpp:1171)
   by 0x8576411: llvm::FPPassManager::runOnModule(llvm::Module&)
(PassManager.cpp:1191)
   by 0x8575F45: llvm::MPPassManager::runOnModule(llvm::Module&)
(PassManager.cpp:1240)
   by 0x85760FD: llvm::PassManagerImpl::run(llvm::Module&)
(PassManager.cpp:1313)
   by 0x857614F: llvm::PassManager::run(llvm::Module&) (PassManager.cpp:1345)
   by 0x82E2C74: main (opt.cpp:426)
 Address 0x42e0db4 is 20 bytes inside a block of size 68 free'd
   at 0x4021EFC: operator delete[](void*) (vg_replace_malloc.c:364)
   by 0x85572E1: llvm::PHINode::resizeOperands(unsigned) (Instructions.cpp:176)
   by 0x831DA38: llvm::PHINode::addIncoming(llvm::Value*, llvm::BasicBlock*)
(Instructions.h:1303)
   by 0x83ED7DC: (anonymous
namespace)::LoopUnroll::unrollLoop(llvm::LoopBase<llvm::BasicBlock>*, unsigned,
unsigned) (LoopUnroll.cpp:373)
   by 0x83EE2FD: (anonymous
namespace)::LoopUnroll::runOnLoop(llvm::LoopBase<llvm::BasicBlock>*,
llvm::LPPassManager&) (LoopUnroll.cpp:182)
   by 0x84B375C: llvm::LPPassManager::runOnFunction(llvm::Function&)
(LoopPass.cpp:225)
   by 0x857626F: llvm::FPPassManager::runOnFunction(llvm::Function&)
(PassManager.cpp:1171)
   by 0x8576411: llvm::FPPassManager::runOnModule(llvm::Module&)
(PassManager.cpp:1191)
   by 0x8575F45: llvm::MPPassManager::runOnModule(llvm::Module&)
(PassManager.cpp:1240)
   by 0x85760FD: llvm::PassManagerImpl::run(llvm::Module&)
(PassManager.cpp:1313)
   by 0x857614F: llvm::PassManager::run(llvm::Module&) (PassManager.cpp:1345)
   by 0x82E2C74: main (opt.cpp:426)


-- 
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.



More information about the llvm-bugs mailing list