<div dir="ltr">consider using an non-static data member initializer rather than the ctor init list? </div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Mar 3, 2016 at 4:44 PM, Easwaran Raman via llvm-commits <span dir="ltr"><<a href="mailto:llvm-commits@lists.llvm.org" target="_blank">llvm-commits@lists.llvm.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Author: eraman<br>
Date: Thu Mar  3 18:44:01 2016<br>
New Revision: 262679<br>
<br>
URL: <a href="http://llvm.org/viewvc/llvm-project?rev=262679&view=rev" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project?rev=262679&view=rev</a><br>
Log:<br>
Fix a use-after-free bug introduced in r262636<br>
<br>
<br>
Modified:<br>
    llvm/trunk/include/llvm/Transforms/Utils/Cloning.h<br>
    llvm/trunk/lib/Transforms/IPO/Inliner.cpp<br>
    llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp<br>
<br>
Modified: llvm/trunk/include/llvm/Transforms/Utils/Cloning.h<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/Transforms/Utils/Cloning.h?rev=262679&r1=262678&r2=262679&view=diff" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/Transforms/Utils/Cloning.h?rev=262679&r1=262678&r2=262679&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/include/llvm/Transforms/Utils/Cloning.h (original)<br>
+++ llvm/trunk/include/llvm/Transforms/Utils/Cloning.h Thu Mar  3 18:44:01 2016<br>
@@ -189,7 +189,7 @@ public:<br>
   explicit InlineFunctionInfo(CallGraph *cg = nullptr,<br>
                               AssumptionCacheTracker *ACT = nullptr,<br>
                               BlockCloningFunctor Ftor = nullptr)<br>
-      : CG(cg), ACT(ACT), Ftor(Ftor) {}<br>
+      : CG(cg), ACT(ACT), Ftor(Ftor), CallSuccessorBlockDeleted(false) {}<br>
<br>
   /// CG - If non-null, InlineFunction will update the callgraph to reflect the<br>
   /// changes it makes.<br>
@@ -198,6 +198,10 @@ public:<br>
   // Functor that is invoked when a block is cloned into the new function.<br>
   BlockCloningFunctor Ftor;<br>
<br>
+  /// CallSuccessorBlockDeleted - whether the block immediately following the<br>
+  /// call has been deleted during inlining<br>
+  bool CallSuccessorBlockDeleted;<br>
+<br>
   /// StaticAllocas - InlineFunction fills this in with all static allocas that<br>
   /// get copied into the caller.<br>
   SmallVector<AllocaInst *, 4> StaticAllocas;<br>
<br>
Modified: llvm/trunk/lib/Transforms/IPO/Inliner.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Transforms/IPO/Inliner.cpp?rev=262679&r1=262678&r2=262679&view=diff" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Transforms/IPO/Inliner.cpp?rev=262679&r1=262678&r2=262679&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/lib/Transforms/IPO/Inliner.cpp (original)<br>
+++ llvm/trunk/lib/Transforms/IPO/Inliner.cpp Thu Mar  3 18:44:01 2016<br>
@@ -580,11 +580,13 @@ bool Inliner::runOnSCC(CallGraphSCC &SCC<br>
           continue;<br>
         }<br>
         updateEntryCount(CallSiteBlock, Callee);<br>
-        // The instruction following the call is part of a new basic block<br>
-        // created during the inlining process. This does not have an entry in<br>
-        // the BFI. We create an entry by copying the frequency of the original<br>
-        // block containing the call.<br>
-        copyBlockFrequency(CallSiteBlock, CallSuccessor->getParent());<br>
+        if (!InlineInfo.CallSuccessorBlockDeleted) {<br>
+          // The instruction following the call is part of a new basic block<br>
+          // created during the inlining process. This does not have an entry in<br>
+          // the BFI. We create an entry by copying the frequency of the<br>
+          // original block containing the call.<br>
+          copyBlockFrequency(CallSiteBlock, CallSuccessor->getParent());<br>
+        }<br>
<br>
         ++NumInlined;<br>
<br>
<br>
Modified: llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp?rev=262679&r1=262678&r2=262679&view=diff" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp?rev=262679&r1=262678&r2=262679&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp (original)<br>
+++ llvm/trunk/lib/Transforms/Utils/InlineFunction.cpp Thu Mar  3 18:44:01 2016<br>
@@ -1994,8 +1994,11 @@ bool llvm::InlineFunction(CallSite CS, I<br>
<br>
   // If we inlined any musttail calls and the original return is now<br>
   // unreachable, delete it.  It can only contain a bitcast and ret.<br>
-  if (InlinedMustTailCalls && pred_begin(AfterCallBB) == pred_end(AfterCallBB))<br>
+  if (InlinedMustTailCalls &&<br>
+      pred_begin(AfterCallBB) == pred_end(AfterCallBB)) {<br>
+    IFI.CallSuccessorBlockDeleted = true;<br>
     AfterCallBB->eraseFromParent();<br>
+  }<br>
<br>
   // We should always be able to fold the entry block of the function into the<br>
   // single predecessor of the block...<br>
<br>
<br>
_______________________________________________<br>
llvm-commits mailing list<br>
<a href="mailto:llvm-commits@lists.llvm.org">llvm-commits@lists.llvm.org</a><br>
<a href="http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits" rel="noreferrer" target="_blank">http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits</a><br>
</blockquote></div><br></div>