[PATCH] D81269: Fix null pointer dereference in `ProfileSummaryInfo::getPSI()`
Pietro Fezzardi via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Jun 5 09:25:53 PDT 2020
fez created this revision.
fez added a project: LLVM.
Herald added subscribers: llvm-commits, hiraditya, eraman.
fez added a reviewer: vsk.
fez added a comment.
I added @vsk as a reviewer, because he's the one who accepted the patch set that introduced the code that causes the bug.
This fixes a regression introduced by a cosmetic change
here: https://reviews.llvm.org/D54669
The cosmetic change in the link above introduces a scenario where
calling `getPSI()` may dereference a NULL pointer (namely if the `PSI`
member of `ProfileSummaryInfo` is NULL).
When compiling with clang-9 with `-O2`, calls to `getPSI` are inlined.
The compiler sees the nullptr dereference (which is undefined behavior)
and is entitled to remove any nullptr check.
This causes snippets like this to crash:

    // The following call to getPSI is inlined, and it contains a pointer
    // dereference.
    auto *PSI = &Stuff.getPSI();
    // This check is assumed to be always true, because if it was false
    // the following line would summon undefined behavior.
    // So the compiler emits the code for `if (true)`
    if (PSI)
      PSI->call_any_method(); // This dereferences PSI which is nullptr

This commit changes the APIs of `ProfileSummaryInfo` to return naked
pointers instead of dereferencing a possibly null pointer.
In this way, the pointer (null or not) is never dereferenced, and the
compiler is not entitled to remove the `if (PSI)` check.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D81269
Files:
llvm/include/llvm/Analysis/ProfileSummaryInfo.h
llvm/lib/Analysis/ModuleSummaryAnalysis.cpp
llvm/lib/CodeGen/CodeGenPrepare.cpp
llvm/lib/Transforms/IPO/HotColdSplitting.cpp
llvm/lib/Transforms/IPO/Inliner.cpp
llvm/lib/Transforms/IPO/PartialInlining.cpp
llvm/lib/Transforms/IPO/SampleProfile.cpp
llvm/lib/Transforms/InstCombine/InstructionCombining.cpp
llvm/lib/Transforms/Instrumentation/ControlHeightReduction.cpp
llvm/lib/Transforms/Instrumentation/IndirectCallPromotion.cpp
llvm/lib/Transforms/Scalar/ConstantHoisting.cpp
llvm/lib/Transforms/Scalar/LoopLoadElimination.cpp
llvm/lib/Transforms/Vectorize/LoopVectorize.cpp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D81269.268824.patch
Type: text/x-patch
Size: 8339 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20200605/ea5d9707/attachment.bin>
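
The two getter shapes described in the message above, side by side, as an added example that is not part of the original message or of the LLVM patch. `Summary`, `Holder` and the function names are hypothetical stand-ins, not the `ProfileSummaryInfo` API.

```cpp
// Added illustration; Summary, Holder and the function names are hypothetical,
// not LLVM's ProfileSummaryInfo API.
#include <memory>

struct Summary { int HotCount; };

class Holder {
  std::unique_ptr<Summary> S; // may legitimately be null (no profile loaded)
public:
  Holder() = default;
  explicit Holder(int Hot) : S(new Summary{Hot}) {}

  // "Before" shape: dereferences S unconditionally. If S is null this is
  // undefined behavior, so after inlining the optimizer may treat the
  // address of the result as never null.
  Summary &getRef() const { return *S; }

  // "After" shape: hands back the raw pointer, null or not, without
  // dereferencing it. A caller's null check stays meaningful.
  Summary *getPtr() const { return S.get(); }
};

// Hazardous caller: the check on P can be folded away by the compiler,
// because P was formed from a dereference.
// Only safe to call when the holder actually has a summary.
int hotCountViaRef(const Holder &H) {
  Summary *P = &H.getRef();
  if (P)
    return P->HotCount;
  return -1;
}

// Fixed caller: the pointer is never dereferenced before the check.
int hotCountViaPtr(const Holder &H) {
  if (Summary *P = H.getPtr())
    return P->HotCount;
  return -1;
}

int main() {
  Holder Empty, Loaded(7);
  // hotCountViaRef(Empty) is deliberately not called: it is UB.
  return (hotCountViaPtr(Empty) == -1 && hotCountViaPtr(Loaded) == 7 &&
          hotCountViaRef(Loaded) == 7) ? 0 : 1;
}
```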