[LLVMbugs] [Bug 4483] New: The JIT allocates global data inside of function bodies, which can be freed

bugzilla-daemon at cs.uiuc.edu bugzilla-daemon at cs.uiuc.edu
Mon Jun 29 16:22:29 PDT 2009


http://llvm.org/bugs/show_bug.cgi?id=4483

           Summary: The JIT allocates global data inside of function bodies,
                    which can be freed
           Product: new-bugs
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: new bugs
        AssignedTo: reid.kleckner at gmail.com
        ReportedBy: reid.kleckner at gmail.com
                CC: llvmbugs at cs.uiuc.edu


Consider the program:

int counter = 0;
int foo() { return ++counter; }   /* both functions bump the same global */
int bar() { return ++counter; }

If we use the JIT, and make a call to foo, free the code for foo, and then call
bar, we'll access freed memory.  Of course, you won't notice the problem until
something else is allocated in the freed region, but if you poison freed memory
it's easier to detect.

This also interferes with reattempting to JIT machine code, which I was working
on when I found this bug.  I ran into it because I free the machine code before
retrying, and if the function allocated any globals before reattempting, the
old addresses are saved in the GlobalValue to address map.

I've attached a failing test case, and I'm working on a fix.
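To make the failure mode concrete, here is a small constructed model of the two memory layouts the report contrasts. It is an added example, not LLVM code and not the attached test case: a function's "machine code" is a bump-allocated region, the buggy layout puts the global `counter` inside the region of the first function that references it, and the fixed layout puts it in a module-lifetime arena. Freeing a region poisons it rather than returning it to the allocator, which keeps the stale read well-defined here and shows why poisoning makes the bug visible before something else reuses the memory. The names (`CodeRegion`, `jit_function`, `run_scenario`) are this example's own.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy model of the JIT memory layout described in the report (constructed
 * example, not LLVM code). Each function gets its own code region; the buggy
 * allocator also places globals the function references inside that region,
 * so freeing the function's code frees the global out from under everyone. */

#define REGION_SIZE 64
#define POISON_BYTE 0xCD

typedef struct {
    unsigned char bytes[REGION_SIZE];
    size_t used;
    int freed;
} CodeRegion;

/* Module-lifetime arena: the fix is to allocate globals here, where nothing
 * frees them while the module is alive. */
static unsigned char global_arena[REGION_SIZE];
static size_t global_used;

/* The GlobalValue -> address map from the report, reduced to a single entry. */
static int *counter_addr;

static void *region_alloc(CodeRegion *r, size_t n) {
    if (r->used + n > REGION_SIZE) return NULL;
    void *p = r->bytes + r->used;
    r->used += n;
    return p;
}

/* Free a function's code. Instead of handing the memory back we poison it,
 * so a later use through a stale address is obvious instead of silent. */
static void region_free(CodeRegion *r) {
    memset(r->bytes, POISON_BYTE, REGION_SIZE);
    r->used = 0;
    r->freed = 1;
}

/* "Compile" a function: emit placeholder code bytes, then make sure the global
 * `counter` has an address. place_globals_in_code selects the buggy layout
 * (global inside the function's region) or the fixed one (global arena). */
static void jit_function(CodeRegion *r, int place_globals_in_code) {
    unsigned char *code = region_alloc(r, 16);
    memset(code, 0x90, 16);                 /* stand-in for machine code */
    if (counter_addr == NULL) {             /* first function to use the global */
        if (place_globals_in_code) {
            counter_addr = region_alloc(r, sizeof(int));
        } else {
            counter_addr = (int *)(global_arena + global_used);
            global_used += sizeof(int);
        }
        *counter_addr = 0;
    }
}

/* Both foo and bar in the report do `return ++counter`. */
static int call_function(void) { return ++*counter_addr; }

/* Detection aid: does the global's storage carry the poison pattern? */
static int counter_looks_freed(void) {
    unsigned char probe[sizeof(int)];
    memset(probe, POISON_BYTE, sizeof probe);
    return memcmp(counter_addr, probe, sizeof probe) == 0;
}

/* Scenario from the report: JIT foo, call it, free foo's code, JIT bar, call
 * bar. Returns bar's result (2 with a correct layout) and reports via
 * stale_out whether the global's storage was poisoned by the free. */
static int run_scenario(int place_globals_in_code, int *stale_out) {
    CodeRegion foo = {{0}, 0, 0}, bar = {{0}, 0, 0};
    counter_addr = NULL;
    global_used = 0;
    jit_function(&foo, place_globals_in_code);
    int first = call_function();            /* 1 */
    region_free(&foo);                      /* buggy layout: counter is now poison */
    *stale_out = counter_looks_freed();
    jit_function(&bar, place_globals_in_code);
    int second = call_function();
    printf("layout=%s first=%d global_poisoned=%d second=%d\n",
           place_globals_in_code ? "buggy" : "fixed", first, *stale_out, second);
    return second;
}

int buggy_result(void) { int s; return run_scenario(1, &s); }
int fixed_result(void) { int s; return run_scenario(0, &s); }
int global_poisoned_after_free(int place_globals_in_code) {
    int s;
    run_scenario(place_globals_in_code, &s);
    return s;
}

int main(void) {
    buggy_result();
    fixed_result();
    return 0;
}
```

In the buggy layout `bar` increments whatever the poison left behind, so the result is garbage rather than 2; the `global_poisoned_after_free` check is the kind of assertion a JIT test harness can make after freeing code to catch a global that did not outlive the function.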

