[LLVMbugs] [Bug 4102] New: Write after free in debug info writer with fast isel
bugzilla-daemon at cs.uiuc.edu
bugzilla-daemon at cs.uiuc.edu
Tue Apr 28 21:30:19 PDT 2009
http://llvm.org/bugs/show_bug.cgi?id=4102
Summary: Write after free in debug info writer with fast isel
Product: new-bugs
Version: unspecified
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: new bugs
AssignedTo: unassignedbugs at nondot.org
ReportedBy: sharparrow1 at yahoo.com
CC: llvmbugs at cs.uiuc.edu
Created an attachment (id=2911)
--> (http://llvm.org/bugs/attachment.cgi?id=2911)
Testcase (unreduced bitcode)
Testcase attached; to reproduce, run the following:
valgrind llc x.bc -o x.s -fast
First error:
==7399== Invalid write of size 4
==7399== at 0x8AC41C2:
llvm::DwarfDebug::getOrCreateScope(llvm::GlobalVariable*)
(DwarfWriter.cpp:2034)
==7399== by 0x8AC44CD:
llvm::DwarfDebug::RecordRegionStart(llvm::GlobalVariable*)
(DwarfWriter.cpp:3471)
==7399== by 0x8AAD37A:
llvm::DwarfWriter::RecordRegionStart(llvm::GlobalVariable*)
(DwarfWriter.cpp:4756)
==7399== by 0x898311C: llvm::FastISel::SelectCall(llvm::User*)
(FastISel.cpp:349)
==7399== by 0x8984A70: llvm::FastISel::SelectOperator(llvm::User*, unsigned)
(FastISel.cpp:721)
==7399== by 0x8984CAE: llvm::FastISel::SelectInstruction(llvm::Instruction*)
(FastISel.cpp:626)
==7399== by 0x8A08A61:
llvm::SelectionDAGISel::SelectAllBasicBlocks(llvm::Function&,
llvm::MachineFunction&, llvm::MachineModuleInfo*, llvm::DwarfWriter*,
llvm::TargetInstrInfo const&) (SelectionDAGISel.cpp:810)
==7399== by 0x8A09B88:
llvm::SelectionDAGISel::runOnFunction(llvm::Function&)
(SelectionDAGISel.cpp:331)
==7399== by 0x8D35F71: llvm::FPPassManager::runOnFunction(llvm::Function&)
(PassManager.cpp:1338)
==7399== by 0x8D36A5F: llvm::FunctionPassManagerImpl::run(llvm::Function&)
(PassManager.cpp:1291)
==7399== by 0x8D36C30: llvm::FunctionPassManager::run(llvm::Function&)
(PassManager.cpp:1233)
==7399== by 0x8419F89: main (llc.cpp:322)
==7399== Address 0x4b40fa4 is 68 bytes inside a block of size 512 free'd
==7399== at 0x40246EA: operator delete(void*) (vg_replace_malloc.c:342)
==7399== by 0x8ABA5DE: llvm::DenseMap<llvm::GlobalVariable*,
llvm::DbgScope*, llvm::DenseMapInfo<llvm::GlobalVariable*>,
llvm::DenseMapInfo<llvm::DbgScope*> >::grow(unsigned) (DenseMap.h:469)
==7399== by 0x8ABA64D: llvm::DenseMap<llvm::GlobalVariable*,
llvm::DbgScope*, llvm::DenseMapInfo<llvm::GlobalVariable*>,
llvm::DenseMapInfo<llvm::DbgScope*> >::InsertIntoBucket(llvm::GlobalVariable*
const&, llvm::DbgScope* const&, std::pair<llvm::GlobalVariable*,
llvm::DbgScope*>*) (DenseMap.h:351)
==7399== by 0x8ABA73D: llvm::DenseMap<llvm::GlobalVariable*,
llvm::DbgScope*, llvm::DenseMapInfo<llvm::GlobalVariable*>,
llvm::DenseMapInfo<llvm::DbgScope*> >::FindAndConstruct(llvm::GlobalVariable*
const&) (DenseMap.h:282)
==7399== by 0x8ABA76D: llvm::DenseMap<llvm::GlobalVariable*,
llvm::DbgScope*, llvm::DenseMapInfo<llvm::GlobalVariable*>,
llvm::DenseMapInfo<llvm::DbgScope*> >::operator[](llvm::GlobalVariable* const&)
(DenseMap.h:286)
==7399== by 0x8AC40F4:
llvm::DwarfDebug::getOrCreateScope(llvm::GlobalVariable*)
(DwarfWriter.cpp:2024)
==7399== by 0x8AC417F:
llvm::DwarfDebug::getOrCreateScope(llvm::GlobalVariable*)
(DwarfWriter.cpp:2032)
==7399== by 0x8AC44CD:
llvm::DwarfDebug::RecordRegionStart(llvm::GlobalVariable*)
(DwarfWriter.cpp:3471)
==7399== by 0x8AAD37A:
llvm::DwarfWriter::RecordRegionStart(llvm::GlobalVariable*)
(DwarfWriter.cpp:4756)
==7399== by 0x898311C: llvm::FastISel::SelectCall(llvm::User*)
(FastISel.cpp:349)
==7399== by 0x8984A70: llvm::FastISel::SelectOperator(llvm::User*, unsigned)
(FastISel.cpp:721)
==7399== by 0x8984CAE: llvm::FastISel::SelectInstruction(llvm::Instruction*)
(FastISel.cpp:626)
--
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the llvm-bugs
mailing list