From 9853db7072b26c57ab20bc17bbc00e7384abbf06 Mon Sep 17 00:00:00 2001 From: Zhou Sheng Date: Mon, 26 Nov 2012 05:45:53 +0000 Subject: [PATCH] Fix a PassManager pointer use-after-free bug. The bug can be triggered when we require LoopInfo analysis ahead of DominatorTree construction in a Module Pass. The cause is that the LoopInfo analysis itself also invokes DominatorTree construction, therefore, when PassManager schedules LoopInfo, it will add DominatorTree first. Then after that, when the PassManger turns to schedule DominatorTree invoked by the above ModulePass, it finds there is already a DominatorTree, so it delete the redundant one. However, somehow it still try to access that pass pointer after free as code pasted below, which results in segment fault. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168581 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/VMCore/PassManager.cpp | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/lib/VMCore/PassManager.cpp b/lib/VMCore/PassManager.cpp index 8362034fcf2..3a8a9e25e3c 100644 --- a/lib/VMCore/PassManager.cpp +++ b/lib/VMCore/PassManager.cpp @@ -1654,6 +1654,18 @@ void MPPassManager::addLowerLevelRequiredPass(Pass *P, Pass *RequiredPass) { OnTheFlyManagers[P] = FPP; } + + // If RequiredPass is an analysis pass and it is available then do not + // generate the analysis again. Stale analysis info should not be + // available at this point. + const PassInfo *PI = + PassRegistry::getPassRegistry()->getPassInfo(RequiredPass->getPassID()); + if (PI && PI->isAnalysis() && + FPP->getTopLevelManager()->findAnalysisPass(RequiredPass->getPassID())) { + delete RequiredPass; + return; + } + FPP->add(RequiredPass); // Register P as the last user of RequiredPass.