Jeroen Dobbelaere via llvm-dev
2021-Jul-09 08:32 UTC
[llvm-dev] InlineFunction.cpp: IFI.InlinedCallSites and intrinsics
Hi all,

I have been investigating a 'use after free' in the inliner. (This is with the full restrict patches)

The problem is related to an intrinsic call that is removed, but later on is used anyway because the instruction was being tracked in the 'IFI.InlinedCallSites':

https://github.com/llvm/llvm-project/blob/1db2551cc1a356a67c0967f424d6158e2ea127e3/llvm/lib/Transforms/Utils/InlineFunction.cpp#L2448

As similar code here:

https://github.com/llvm/llvm-project/blob/1db2551cc1a356a67c0967f424d6158e2ea127e3/llvm/lib/Transforms/Utils/InlineFunction.cpp#L1350

avoids updating 'IFI.InlinedCalls' for intrinsics, I am wondering if the same logic should be added to the former. Or is there a good reason that intrinsics must be included in 'IFI.InlinedCallSites'?

Thanks,

Jeroen Dobbelaere

Arthur Eubanks via llvm-dev
2021-Jul-09 15:40 UTC
[llvm-dev] InlineFunction.cpp: IFI.InlinedCallSites and intrinsics
I don't see any reason to add intrinsics into `IFI.InlinedCallSites`. Seems like all users expect it to only contain actual function calls.

Is the use after free specific to your patches, or is it observable currently in ToT LLVM?

On Fri, Jul 9, 2021 at 2:32 AM Jeroen Dobbelaere via llvm-dev <llvm-dev at lists.llvm.org> wrote:

> Hi all,
>
> I have been investigating a 'use after free' in the inliner. (This is with the full restrict patches)
>
> The problem is related to an intrinsic call that is removed, but later on is used anyway because the instruction was being tracked in the 'IFI.InlinedCallSites':
>
> https://github.com/llvm/llvm-project/blob/1db2551cc1a356a67c0967f424d6158e2ea127e3/llvm/lib/Transforms/Utils/InlineFunction.cpp#L2448
>
> As similar code here:
>
> https://github.com/llvm/llvm-project/blob/1db2551cc1a356a67c0967f424d6158e2ea127e3/llvm/lib/Transforms/Utils/InlineFunction.cpp#L1350
>
> avoids updating 'IFI.InlinedCalls' for intrinsics, I am wondering if the same logic should be added to the former. Or is there a good reason that intrinsics must be included in 'IFI.InlinedCallSites'?
>
> Thanks,
>
> Jeroen Dobbelaere