[LLVMbugs] [Bug 16104] New: heap-use-after-free in CodeGen/R600/llvm.AMDGPU.tex.ll test
bugzilla-daemon at llvm.org
bugzilla-daemon at llvm.org
Wed May 22 00:14:04 PDT 2013
http://llvm.org/bugs/show_bug.cgi?id=16104
Bug ID: 16104
Summary: heap-use-after-free in CodeGen/R600/llvm.AMDGPU.tex.ll
test
Product: new-bugs
Version: trunk
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: new bugs
Assignee: unassignedbugs at nondot.org
Reporter: samsonov at google.com
CC: eugeni.stepanov at gmail.com, kcc at google.com,
llvmbugs at cs.uiuc.edu, tstellar at gmail.com, vljn at ovi.com
Classification: Unclassified
ASan reports the following error on:
LLVM :: CodeGen/R600/llvm.AMDGPU.tex.ll
==7457==ERROR: AddressSanitizer: heap-use-after-free on address 0x611000009420
at pc 0xdf293c bp 0x7fff5f64cfb0 sp 0x7fff5f64cfa8
READ of size 8 at 0x611000009420 thread T0
#0 0xdf293b in get llvm/include/llvm/IR/Use.h:94
#1 0xdf293b in getSimplifiedValue llvm/include/llvm/IR/Use.h:161
#2 0xdf293b in doit llvm/include/llvm/Support/Casting.h:116
#3 0xdf293b in isa<llvm::Function, llvm::Use>
llvm/include/llvm/Support/Casting.h:135
#4 0xdf293b in dyn_cast<llvm::Function, llvm::Use>
llvm/include/llvm/Support/Casting.h:263
#5 0xdf293b in getCalledFunction llvm/include/llvm/IR/Instructions.h:1355
#6 0xdf293b in (anonymous
namespace)::R600TextureIntrinsicsReplacer::visitCallInst(llvm::CallInst&)
llvm/lib/Target/R600/R600TextureIntrinsicsReplacer.cpp:264
#7 0xdf1b9c in visitIntrinsicInst llvm/include/llvm/InstVisitor.h:215
#8 0xdf1b9c in delegateCallInst llvm/include/llvm/InstVisitor.h:262
#9 0xdf1b9c in visitCall llvm/include/llvm/IR/Instruction.def:164
#10 0xdf1b9c in visit llvm/include/llvm/IR/Instruction.def:164
#11 0xdf1b9c in visit<llvm::ilist_iterator<llvm::Instruction> >
llvm/include/llvm/InstVisitor.h:92
#12 0xdf1b9c in operator++ llvm/include/llvm/InstVisitor.h:107
#13 0xdf1b9c in begin llvm/include/llvm/InstVisitor.h:92
#14 0xdf1b9c in visit llvm/include/llvm/InstVisitor.h:103
#15 0xdf1b9c in (anonymous
namespace)::R600TextureIntrinsicsReplacer::runOnFunction(llvm::Function&)
llvm/lib/Target/R600/R600TextureIntrinsicsReplacer.cpp:250
#16 0x250d6e6 in llvm::FPPassManager::runOnFunction(llvm::Function&)
llvm/lib/IR/PassManager.cpp:1530
#17 0x250dc65 in llvm::FPPassManager::runOnModule(llvm::Module&)
llvm/lib/IR/PassManager.cpp:1550
#18 0x250e473 in llvm::MPPassManager::runOnModule(llvm::Module&)
llvm/lib/IR/PassManager.cpp:1608
#19 0x250f5f3 in llvm::PassManagerImpl::run(llvm::Module&)
llvm/lib/IR/PassManager.cpp:1703
#20 0x250fa4f in llvm::PassManager::run(llvm::Module&)
llvm/lib/IR/PassManager.cpp:1738
#21 0x51630f in compileModule llvm/tools/llc/llc.cpp:377
#22 0x51630f in main llvm/tools/llc/llc.cpp:195
#23 0x7f39c6f9a76c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c)
#24 0x512d14 (llvm_build_asan/bin/llc+0x512d14)
0x611000009420 is located 96 bytes inside of 216-byte region
[0x6110000093c0,0x611000009498)
freed by thread T0 here:
#0 0x500345 in operator delete(void*)
llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:83
#1 0xdf3efe in (anonymous
namespace)::R600TextureIntrinsicsReplacer::ReplaceCallInst(llvm::CallInst&,
llvm::FunctionType*, char const*, unsigned int*, llvm::Value**, llvm::Value*,
llvm::Value*, unsigned int*, llvm::Value*)
llvm/lib/Target/R600/R600TextureIntrinsicsReplacer.cpp:155
#2 0xdf31fe in (anonymous
namespace)::R600TextureIntrinsicsReplacer::ReplaceTexIntrinsic(llvm::CallInst&,
bool, llvm::FunctionType*, char const*, char const*)
llvm/lib/Target/R600/R600TextureIntrinsicsReplacer.cpp:180
#3 0xdf1f31 in (anonymous
namespace)::R600TextureIntrinsicsReplacer::visitCallInst(llvm::CallInst&)
llvm/lib/Target/R600/R600TextureIntrinsicsReplacer.cpp:263
#4 0xdf1b9c in visitIntrinsicInst llvm/include/llvm/InstVisitor.h:215
#5 0xdf1b9c in delegateCallInst llvm/include/llvm/InstVisitor.h:262
#6 0xdf1b9c in visitCall llvm/include/llvm/IR/Instruction.def:164
#7 0xdf1b9c in visit llvm/include/llvm/IR/Instruction.def:164
#8 0xdf1b9c in visit<llvm::ilist_iterator<llvm::Instruction> >
llvm/include/llvm/InstVisitor.h:92
#9 0xdf1b9c in operator++ llvm/include/llvm/InstVisitor.h:107
#10 0xdf1b9c in begin llvm/include/llvm/InstVisitor.h:92
#11 0xdf1b9c in visit llvm/include/llvm/InstVisitor.h:103
#12 0xdf1b9c in (anonymous
namespace)::R600TextureIntrinsicsReplacer::runOnFunction(llvm::Function&)
llvm/lib/Target/R600/R600TextureIntrinsicsReplacer.cpp:250
#13 0x250d6e6 in llvm::FPPassManager::runOnFunction(llvm::Function&)
llvm/lib/IR/PassManager.cpp:1530
#14 0x250dc65 in llvm::FPPassManager::runOnModule(llvm::Module&)
llvm/lib/IR/PassManager.cpp:1550
#15 0x250e473 in llvm::MPPassManager::runOnModule(llvm::Module&)
llvm/lib/IR/PassManager.cpp:1608
#16 0x250f5f3 in llvm::PassManagerImpl::run(llvm::Module&)
llvm/lib/IR/PassManager.cpp:1703
#17 0x250fa4f in llvm::PassManager::run(llvm::Module&)
llvm/lib/IR/PassManager.cpp:1738
#18 0x51630f in compileModule llvm/tools/llc/llc.cpp:377
#19 0x51630f in main llvm/tools/llc/llc.cpp:195
#20 0x7f39c6f9a76c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c)
previously allocated by thread T0 here:
#0 0x500085 in operator new(unsigned long)
llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:52
#1 0x253af43 in llvm::User::operator new(unsigned long, unsigned int)
llvm/lib/IR/User.cpp:60
#2 0x139ca13 in ArrayRef<void> llvm/include/llvm/IR/Instructions.h:1199
#3 0x139ca13 in llvm::LLParser::ParseCall(llvm::Instruction*&,
llvm::LLParser::PerFunctionState&, bool) llvm/lib/AsmParser/LLParser.cpp:4011
#4 0x138da37 in llvm::LLParser::ParseInstruction(llvm::Instruction*&,
llvm::BasicBlock*, llvm::LLParser::PerFunctionState&)
llvm/lib/AsmParser/LLParser.cpp:3305
#5 0x138d1b1 in
llvm::LLParser::ParseBasicBlock(llvm::LLParser::PerFunctionState&)
llvm/lib/AsmParser/LLParser.cpp:3183
#6 0x136801f in llvm::LLParser::ParseFunctionBody(llvm::Function&)
llvm/lib/AsmParser/LLParser.cpp:3136
#7 0x13564a5 in ParseDefine llvm/lib/AsmParser/LLParser.cpp:424
#8 0x13564a5 in llvm::LLParser::ParseTopLevelEntities()
llvm/lib/AsmParser/LLParser.cpp:226
#9 0x135613d in llvm::LLParser::Run() llvm/lib/AsmParser/LLParser.cpp:41
#10 0x1348885 in llvm::ParseAssembly(llvm::MemoryBuffer*, llvm::Module*,
llvm::SMDiagnostic&, llvm::LLVMContext&) llvm/lib/AsmParser/Parser.cpp:38
#11 0x11fe2f8 in llvm::ParseIR(llvm::MemoryBuffer*, llvm::SMDiagnostic&,
llvm::LLVMContext&) llvm/lib/IRReader/IRReader.cpp:76
#12 0x11febdb in llvm::ParseIRFile(std::string const&, llvm::SMDiagnostic&,
llvm::LLVMContext&) llvm/lib/IRReader/IRReader.cpp:88
#13 0x516f8b in compileModule llvm/tools/llc/llc.cpp:212
#14 0x516f8b in main llvm/tools/llc/llc.cpp:195
#15 0x7f39c6f9a76c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c)
SUMMARY: AddressSanitizer: heap-use-after-free llvm/include/llvm/IR/Use.h:94
get
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20130522/614c0bd7/attachment.html>
More information about the llvm-bugs
mailing list