projects / platform / upstream / llvm.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 40e0006) | patch
[SCCPSolver] Fix use-after-free in markArgInFuncSpecialization
authorSjoerd Meijer <sjoerd.meijer@arm.com>
Tue, 5 Oct 2021 11:12:39 +0000 (12:12 +0100)
committerSjoerd Meijer <sjoerd.meijer@arm.com>
Tue, 5 Oct 2021 11:56:32 +0000 (12:56 +0100)
commitcdfc678572d60af414daf56a5f2f5811f7e6ca31
tree4ecdef71d0784fd53a682ddd90b1f546c62cd7fetree | snapshot
parent40e00063bcb77873274504094116f29ecc2d1080commit | diff
[SCCPSolver] Fix use-after-free in markArgInFuncSpecialization

In SCCPSolver::markArgInFuncSpecialization, the ValueState map may be
reallocated *after* the initial ValueLatticeElement reference is grabbed, but
*before* its use in copy initialization. This causes a use-after-free.  To fix
this, this commit changes the behavior to create the new ValueLatticeElement
before assigning the old one to it.

Patch by: https://github.com/duck-37/

Differential Revision: https://reviews.llvm.org/D111112
llvm/lib/Transforms/Utils/SCCPSolver.cpp diff | blob | history
Domain: System / Toolchain;