[PATCH] D104063: [SimplifyCFG] avoid crash on degenerate loop
Roman Lebedev via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Thu Jun 10 14:53:15 PDT 2021
lebedev.ri added inline comments.
================
Comment at: llvm/lib/Transforms/Utils/SimplifyCFG.cpp:2710
BasicBlock *IfTrue, *IfFalse;
Value *IfCond = GetIfCondition(BB, IfTrue, IfFalse);
if (!IfCond ||
----------------
(1) If you change `IfCond`'s type to `AssertingVH<Value>` ...
================
Comment at: llvm/lib/Transforms/Utils/SimplifyCFG.cpp:2843
Value *Sel = Builder.CreateSelect(IfCond, TrueVal, FalseVal, "", InsertPt);
PN->replaceAllUsesWith(Sel);
----------------
(3) ... so here on the second loop iteration `IfCond` is use-after-free.
================
Comment at: llvm/lib/Transforms/Utils/SimplifyCFG.cpp:2846
Sel->takeName(PN);
PN->eraseFromParent();
}
----------------
(2) ... the backtrace will tell you that the handle goes bad here ...
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D104063/new/
https://reviews.llvm.org/D104063
More information about the llvm-commits
mailing list