[llvm] r268269 - [CFLAA] Fix a use-of-invalid-pointer bug.
George Burgess IV via llvm-commits
llvm-commits at lists.llvm.org
Mon May 2 11:09:20 PDT 2016
Author: gbiv
Date: Mon May 2 13:09:19 2016
New Revision: 268269
URL: http://llvm.org/viewvc/llvm-project?rev=268269&view=rev
Log:
[CFLAA] Fix a use-of-invalid-pointer bug.
As shown in the diff, we used to add to CFLAA's cache by doing
`Cache[Fn] = buildSetsFrom(Fn)`. `buildSetsFrom(Fn)` may cause `Cache`
to reallocate its underlying storage, if this happens and `Cache[Fn]`
was evaluated prior to `buildSetsFrom(Fn)`, then we'll store the result
to a bad address.
Patch by Jia Chen.
Modified:
llvm/trunk/lib/Analysis/CFLAliasAnalysis.cpp
Modified: llvm/trunk/lib/Analysis/CFLAliasAnalysis.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Analysis/CFLAliasAnalysis.cpp?rev=268269&r1=268268&r2=268269&view=diff
==============================================================================
--- llvm/trunk/lib/Analysis/CFLAliasAnalysis.cpp (original)
+++ llvm/trunk/lib/Analysis/CFLAliasAnalysis.cpp Mon May 2 13:09:19 2016
@@ -994,7 +994,12 @@ void CFLAAResult::scan(Function *Fn) {
assert(InsertPair.second &&
"Trying to scan a function that has already been cached");
- Cache[Fn] = buildSetsFrom(Fn);
+ // Note that we can't do Cache[Fn] = buildSetsFrom(Fn) here: the function call
+ // may get evaluated after operator[], potentially triggering a DenseMap
+ // resize and invalidating the reference returned by operator[]
+ auto FunInfo = buildSetsFrom(Fn);
+ Cache[Fn] = std::move(FunInfo);
+
Handles.push_front(FunctionHandle(Fn, this));
}
More information about the llvm-commits
mailing list