projects / oota-llvm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 80708ae)
[AArch64] Remove a use-after-free when collecting stats.
authorChad Rosier <mcrosier@codeaurora.org>
Wed, 26 Aug 2015 13:39:48 +0000 (13:39 +0000)
committerChad Rosier <mcrosier@codeaurora.org>
Wed, 26 Aug 2015 13:39:48 +0000 (13:39 +0000)
The call to mergePairedInsns() deletes MI, so the later use by isUnscaledLdSt()
is referencing freed memory.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@246033 91177308-0d34-0410-b5e6-96231b3b80d8

lib/Target/AArch64/AArch64LoadStoreOptimizer.cpp patch | blob | history

diff --git a/lib/Target/AArch64/AArch64LoadStoreOptimizer.cpp b/lib/Target/AArch64/AArch64LoadStoreOptimizer.cpp
index b67d2e2acf9c0122bfd2bcebcfc21eaf80abb517..f7f3bfa75957330c98911d3e3bfa63c38496cade 100644 (file)
--- a/lib/Target/AArch64/AArch64LoadStoreOptimizer.cpp
+++ b/lib/Target/AArch64/AArch64LoadStoreOptimizer.cpp
@@ -984,15 +984,15 @@ bool AArch64LoadStoreOpt::optimizeBlock(MachineBasicBlock &MBB) {
       MachineBasicBlock::iterator Paired =
           findMatchingInsn(MBBI, Flags, ScanLimit);
       if (Paired != E) {
+        ++NumPairCreated;
+        if (isUnscaledLdSt(MI))
+          ++NumUnscaledPairCreated;
+
         // Merge the loads into a pair. Keeping the iterator straight is a
         // pain, so we let the merge routine tell us what the next instruction
         // is after it's done mucking about.
         MBBI = mergePairedInsns(MBBI, Paired, Flags);
-
         Modified = true;
-        ++NumPairCreated;
-        if (isUnscaledLdSt(MI))
-          ++NumUnscaledPairCreated;
         break;
       }
       ++MBBI;
C/C++ LLVM-based compilers that forbids OOTA behaviors