caio/clang-p2996
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[InstCombine] Fix use after free

Browse Source 
Load the nowrap flags before calling EmitGEPOffset(), as this may
free the instruction.
This commit is contained in:
Nikita Popov
2025-07-01 15:18:49 +02:00
parent 1a253e213d
commit bedd7ddb7f
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
llvm/lib/Transforms/InstCombine/InstCombineCompares.cpp
View File

@@ -711,9 +711,11 @@ Instruction *InstCombinerImpl::foldGEPICmp(GEPOperator *GEPLHS, Value *RHS,
Value *PtrBase = GEPLHS->getOperand(0);
if (PtrBase == RHS && CanFold(GEPLHS->getNoWrapFlags())) {
// ((gep Ptr, OFFSET) cmp Ptr) ---> (OFFSET cmp 0).
GEPNoWrapFlags NW = GEPLHS->getNoWrapFlags();
// Do not access GEPLHS after EmitGEPOffset, as the instruction may be
// destroyed.
Value *Offset = EmitGEPOffset(GEPLHS, /*RewriteGEP=*/true);
return NewICmp(GEPLHS->getNoWrapFlags(), Offset,
Constant::getNullValue(Offset->getType()));
return NewICmp(NW, Offset, Constant::getNullValue(Offset->getType()));
}
if (GEPLHS->isInBounds() && ICmpInst::isEquality(Cond) &&