[llvm] r180824 - Fix a use after free. RI is freed before the call to getDebugLoc(). To

Richard Trieu rtrieu at google.com
Tue Apr 30 15:45:10 PDT 2013


Author: rtrieu
Date: Tue Apr 30 17:45:10 2013
New Revision: 180824

URL: http://llvm.org/viewvc/llvm-project?rev=180824&view=rev
Log:
Fix a use after free.  RI is freed before the call to getDebugLoc().  To
prevent this, capture the location before RI is freed.

Modified:
    llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp

Modified: llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp?rev=180824&r1=180823&r2=180824&view=diff
==============================================================================
--- llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp (original)
+++ llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp Tue Apr 30 17:45:10 2013
@@ -853,11 +853,12 @@ bool llvm::InlineFunction(CallSite CS, I
 
 
     // Add a branch to the merge points and remove return instructions.
-    ReturnInst *RI;
+    DebugLoc Loc;
     for (unsigned i = 0, e = Returns.size(); i != e; ++i) {
-      RI = Returns[i];
+      ReturnInst *RI = Returns[i];
       BranchInst* BI = BranchInst::Create(AfterCallBB, RI);
-      BI->setDebugLoc(RI->getDebugLoc());
+      Loc = RI->getDebugLoc();
+      BI->setDebugLoc(Loc);
       RI->eraseFromParent();
     }
     // We need to set the debug location to *somewhere* inside the
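Review bot: `Loc` is now declared outside the loop and overwritten on every iteration, but nothing in the new code says why it has to outlive the loop. That scope is the fix itself, since the value is read after every `RI` has been erased. A short comment at the declaration would stop a later cleanup from moving it back inside the loop or returning to `RI->getDebugLoc()`, for example `// Captured before RI->eraseFromParent(); the last return's location is reused after the loop.` The list of modified files shows only InlineFunction.cpp, so no regression test accompanies the change; one run under a memory-error detector would help guard against reintroduction. The body of InlineFunction starts and ends outside this hunk.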
@@ -865,7 +866,7 @@ bool llvm::InlineFunction(CallSite CS, I
     // instruction will at least be associated with the right
     // function.
     if (CreatedBranchToNormalDest)
-      CreatedBranchToNormalDest->setDebugLoc(RI->getDebugLoc());
+      CreatedBranchToNormalDest->setDebugLoc(Loc);
   } else if (!Returns.empty()) {
     // Otherwise, if there is exactly one return value, just replace anything
     // using the return value of the call with the computed value.
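Review bot: `CreatedBranchToNormalDest->setDebugLoc(Loc)` depends on the loop above having run at least once; otherwise `Loc` is still the default-constructed `DebugLoc`. In that case the branch would get an empty location, which is not what the comment above it intends by "*somewhere* inside the function". The condition guarding this branch is outside the hunk and presumably guarantees a non-empty `Returns`, as the following `else if (!Returns.empty())` suggests. If so, the invariant is worth stating before the loop, for example `assert(!Returns.empty() && "expected at least one return to take a debug location from");`.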




