
Clang generates "use-after-delete" code with coroutine when compiled with -O0 #33261

Open Quuxplusone opened 7 years ago

Quuxplusone commented 7 years ago
| Field | Value |
| --- | --- |
| Bugzilla Link | PR34289 |
| Status | NEW |
| Importance | P enhancement |
| Reported by | Taewook Oh (twoh@fb.com) |
| Reported on | 2017-08-22 15:29:38 -0700 |
| Last modified on | 2018-02-27 06:51:07 -0800 |
| Version | trunk |
| Hardware | PC All |
| CC | cygnus@michiru.ru, eniebler@boost.org, gornishanov@gmail.com, modocache@gmail.com |
| Fixed by commit(s) | |
| Attachments | coroutine.ll (694345 bytes, text/plain) |
| Blocks | |
| Blocked by | |
| See also | |

Created attachment 19029
Output bitcode file.

Source: https://pastebin.com/KfLwD2wn
Compilation command: clang++ -O0 -g -fcoroutines-ts '-std=gnu++1z' -c -stdlib=libc++ -emit-llvm -S -o coroutine.ll coroutine.cpp
Output: Attached.

If you look at line 2904 of the attached output file (coroutine.ll), it calls delete
with %vFrame. However, on line 2909, it loads from the member of %FramePtr,
which is an alias of %vFrame. This is a use after delete.
Quuxplusone commented 7 years ago

Attached coroutine.ll (694345 bytes, text/plain): Output bitcode file.
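
The pattern the report describes (a delete of `%vFrame` followed by a load through its alias `%FramePtr`) can be searched for in textual IR. The Python scan below is an added example, not part of the original report or of LLVM. Its sample IR is constructed rather than taken from coroutine.ll, the name `find_use_after_delete` is hypothetical, and it assumes named struct types and only reasons within a single basic block.

```python
import re

# Constructed IR shaped like the pattern in the report; not taken from coroutine.ll.
SAMPLE_IR = """\
define internal fastcc void @f.destroy(%f.Frame* %FramePtr) {
entry:
  %vFrame = bitcast %f.Frame* %FramePtr to i8*
  call void @_ZdlPv(i8* %vFrame)
  %x.addr = getelementptr inbounds %f.Frame, %f.Frame* %FramePtr, i32 0, i32 4
  %x = load i32, i32* %x.addr
  ret void
}
"""

VAL = r"%[\w.]+"
BITCAST = re.compile(rf"^\s*({VAL}) = bitcast \S+ ({VAL}) to ")
GEP = re.compile(rf"^\s*({VAL}) = getelementptr (?:inbounds )?[^,]+, \S+ ({VAL})")
DELETE = re.compile(rf"call .*@_Zd[la]Pv\w*\((?:i8\*|ptr) ({VAL})")  # operator delete / delete[]
ACCESS = re.compile(r"^\s*(?:%[\w.]+ = )?(load|store) (.*)$")
LABEL = re.compile(r"^[\w.$-]+:")

def find_use_after_delete(ir):
    """Return (delete_line, use_line, deleted_value, accessed_pointer) tuples."""
    root, freed, hits = {}, {}, []  # root: value -> pointer it was derived from
    for n, line in enumerate(ir.splitlines(), 1):
        if line.startswith("define "):
            root, freed = {}, {}  # SSA names are per function
        elif LABEL.match(line):
            freed = {}  # new basic block: no control-flow reasoning attempted
        m = BITCAST.match(line) or GEP.match(line)
        if m:  # a cast or member address aliases (points into) its source object
            root[m.group(1)] = root.get(m.group(2), m.group(2))
            continue
        m = DELETE.search(line)
        if m:
            freed[root.get(m.group(1), m.group(1))] = (n, m.group(1))
            continue
        m = ACCESS.match(line)
        if m:
            ptrs = re.findall(VAL, m.group(2))  # pointer operand is the last %-value
            base = root.get(ptrs[-1], ptrs[-1]) if ptrs else None
            if base in freed:
                hits.append((freed[base][0], n, freed[base][1], ptrs[-1]))
    return hits

if __name__ == "__main__":
    for d, u, val, ptr in find_use_after_delete(SAMPLE_IR):
        print(f"line {u}: access via {ptr} after delete of {val} on line {d}")
```
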