[all-commits] [llvm/llvm-project] cdfc67: [SCCPSolver] Fix use-after-free in markArgInFuncSp...
sjoerdmeijer via All-commits
all-commits at lists.llvm.org
Tue Oct 5 04:57:59 PDT 2021
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: cdfc678572d60af414daf56a5f2f5811f7e6ca31
https://github.com/llvm/llvm-project/commit/cdfc678572d60af414daf56a5f2f5811f7e6ca31
Author: Sjoerd Meijer <sjoerd.meijer at arm.com>
Date: 2021-10-05 (Tue, 05 Oct 2021)
Changed paths:
M llvm/lib/Transforms/Utils/SCCPSolver.cpp
Log Message:
-----------
[SCCPSolver] Fix use-after-free in markArgInFuncSpecialization

In SCCPSolver::markArgInFuncSpecialization, the ValueState map may be
reallocated *after* the initial ValueLatticeElement reference is grabbed, but
*before* its use in copy initialization. This causes a use-after-free. To fix
this, this commit changes the behavior to create the new ValueLatticeElement
before assigning the old one to it.

Patch by: https://github.com/duck-37/

Differential Revision: https://reviews.llvm.org/D111112
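
The ordering problem described in the log message above, as an added example that is not the LLVM code or the patch itself: `FlatMap`, `Lattice`, `staleAfterInsert` and `copyFixed` are hypothetical names, and the toy map is assumed to move its entries when it grows, as the message says the ValueState map can. The stale read is detected rather than performed.

```cpp
#include <cstddef>
#include <utility>
#include <vector>

struct Lattice { int state = 0; };  // stand-in for a lattice value (assumption)

// Toy map (hypothetical): entries sit in one buffer, and growing it moves
// every entry, which invalidates references handed out earlier.
class FlatMap {
  std::vector<std::pair<int, Lattice>> slots_;
  std::size_t cap_ = 1, relocations_ = 0;
public:
  Lattice &operator[](int key) {
    for (auto &s : slots_)
      if (s.first == key) return s.second;  // existing key: never grows
    if (slots_.size() == cap_) {            // full: move all entries
      std::vector<std::pair<int, Lattice>> bigger;
      bigger.reserve(cap_ *= 2);
      bigger.assign(slots_.begin(), slots_.end());
      slots_.swap(bigger);
      ++relocations_;
    }
    slots_.emplace_back(key, Lattice{});
    return slots_.back().second;
  }
  std::size_t relocations() const { return relocations_; }
};

// Ordering the log message describes as buggy: old reference first, then the
// insertion. Returns true when the insertion moved the buffer, so `old`
// dangles and copying from it would be a use-after-free (copy is skipped).
bool staleAfterInsert(FlatMap &m, int oldKey, int newKey) {
  Lattice &old = m[oldKey];
  std::size_t before = m.relocations();
  Lattice &fresh = m[newKey];               // may reallocate
  if (m.relocations() != before) return true;
  fresh = old;                              // safe only because nothing moved
  return false;
}

// Fixed ordering: create the new element first, then look up the old one.
// Assumes oldKey is already present, so the second lookup cannot grow the map.
int copyFixed(FlatMap &m, int oldKey, int newKey) {
  Lattice &fresh = m[newKey];
  fresh = m[oldKey];
  return fresh.state;
}

int main() { FlatMap m; m[1].state = 7; return copyFixed(m, 1, 2) == 7 ? 0 : 1; }
```

The buggy ordering only misbehaves on the insertions that happen to trigger growth, which is why such a defect can pass most runs and still be a use-after-free.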