Fix a subtle use-after-free issue.

author Owen Anderson <resistor@mac.com>

Wed, 11 Aug 2010 22:36:04 +0000 (22:36 +0000)

committer Owen Anderson <resistor@mac.com>

Wed, 11 Aug 2010 22:36:04 +0000 (22:36 +0000)
author Owen Anderson <resistor@mac.com>
Wed, 11 Aug 2010 22:36:04 +0000 (22:36 +0000)
committer Owen Anderson <resistor@mac.com>
Wed, 11 Aug 2010 22:36:04 +0000 (22:36 +0000)
diff --git a/lib/Analysis/LazyValueInfo.cpp b/lib/Analysis/LazyValueInfo.cpp

index c932e81e2457764867ac765c800ee491cc02d1b6..d3a437f9405057ea4b8af7545c86756fd533f30e 100644 (file)
--- a/lib/Analysis/LazyValueInfo.cpp
+++ b/lib/Analysis/LazyValueInfo.cpp
@@ -384,7 +384,6 @@ namespace {
  } // end anonymous namespace
  
  void LazyValueInfoCache::LVIValueHandle::deleted() {
-  Parent->ValueCache.erase(*this);
    for (std::set<std::pair<BasicBlock*, Value*> >::iterator
         I = Parent->OverDefinedCache.begin(),
         E = Parent->OverDefinedCache.end();
@@ -394,6 +393,10 @@ void LazyValueInfoCache::LVIValueHandle::deleted() {
      if (tmp->second == getValPtr())
        Parent->OverDefinedCache.erase(tmp);
    }
+  
+  // This erasure deallocates *this, so it MUST happen after we're done
+  // using any and all members of *this.
+  Parent->ValueCache.erase(*this);
  }
author	Owen Anderson <resistor@mac.com>
	Wed, 11 Aug 2010 22:36:04 +0000 (22:36 +0000)
committer	Owen Anderson <resistor@mac.com>
	Wed, 11 Aug 2010 22:36:04 +0000 (22:36 +0000)