Fix a PassManager pointer use-after-free bug.

The bug can be triggered when we require LoopInfo analysis ahead of DominatorTree construction in a Module Pass. The cause is that the LoopInfo analysis itself also invokes DominatorTree construction, therefore, when PassManager schedules LoopInfo, it will add DominatorTree first. Then after that, when the PassManger turns to schedule DominatorTree invoked by the above ModulePass, it finds there is already a DominatorTree, so it delete the redundant one. However, somehow it still try to access that pass pointer after free as code pasted below, which results in segment fault.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@168581 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/VMCore/PassManager.cpp b/lib/VMCore/PassManager.cpp
index 8362034fcf2d5af9f3da40a74f702ca9fd12ef47..3a8a9e25e3cccea3ab185b107431b3082e08709f 100644 (file)
--- a/lib/VMCore/PassManager.cpp
+++ b/lib/VMCore/PassManager.cpp
@@ -1654,6 +1654,18 @@ void MPPassManager::addLowerLevelRequiredPass(Pass *P, Pass *RequiredPass) {
 
     OnTheFlyManagers[P] = FPP;
   }
+
+  // If RequiredPass is an analysis pass and it is available then do not
+  // generate the analysis again. Stale analysis info should not be
+  // available at this point.
+  const PassInfo *PI =
+    PassRegistry::getPassRegistry()->getPassInfo(RequiredPass->getPassID());
+  if (PI && PI->isAnalysis() && 
+      FPP->getTopLevelManager()->findAnalysisPass(RequiredPass->getPassID())) {
+    delete RequiredPass;
+    return;
+  }
+
   FPP->add(RequiredPass);
 
   // Register P as the last user of RequiredPass.