mirror of
https://github.com/RPCS3/llvm-mirror.git
synced 2024-10-19 11:02:59 +02:00
X86: Avoid accessing SDValues after they've been RAUW'd
This fixes two use-after-frees in selectLEA64_32Addr. If matchAddress matches an ADD with an AND as an operand, and that AND hits one of the "heroic transforms" that folds masks and shifts, we end up with N pointing to an SDNode that was deleted. Make sure we're done accessing it before that. Found by ASan with the recycling allocator changes in llvm.org/PR26808. llvm-svn: 266130
This commit is contained in:
parent
1b80834fc9
commit
7ca5d7c5c4
@ -1574,10 +1574,12 @@ bool X86DAGToDAGISel::selectMOV64Imm32(SDValue N, SDValue &Imm) {
|
||||
bool X86DAGToDAGISel::selectLEA64_32Addr(SDValue N, SDValue &Base,
|
||||
SDValue &Scale, SDValue &Index,
|
||||
SDValue &Disp, SDValue &Segment) {
|
||||
// Save the debug loc before calling selectLEAAddr, in case it invalidates N.
|
||||
SDLoc DL(N);
|
||||
|
||||
if (!selectLEAAddr(N, Base, Scale, Index, Disp, Segment))
|
||||
return false;
|
||||
|
||||
SDLoc DL(N);
|
||||
RegisterSDNode *RN = dyn_cast<RegisterSDNode>(Base);
|
||||
if (RN && RN->getReg() == 0)
|
||||
Base = CurDAG->getRegister(0, MVT::i64);
|
||||
@ -1617,6 +1619,10 @@ bool X86DAGToDAGISel::selectLEAAddr(SDValue N,
|
||||
SDValue &Segment) {
|
||||
X86ISelAddressMode AM;
|
||||
|
||||
// Save the DL and VT before calling matchAddress, it can invalidate N.
|
||||
SDLoc DL(N);
|
||||
MVT VT = N.getSimpleValueType();
|
||||
|
||||
// Set AM.Segment to prevent MatchAddress from using one. LEA doesn't support
|
||||
// segments.
|
||||
SDValue Copy = AM.Segment;
|
||||
@ -1627,7 +1633,6 @@ bool X86DAGToDAGISel::selectLEAAddr(SDValue N,
|
||||
assert (T == AM.Segment);
|
||||
AM.Segment = Copy;
|
||||
|
||||
MVT VT = N.getSimpleValueType();
|
||||
unsigned Complexity = 0;
|
||||
if (AM.BaseType == X86ISelAddressMode::RegBase)
|
||||
if (AM.Base_Reg.getNode())
|
||||
@ -1667,7 +1672,7 @@ bool X86DAGToDAGISel::selectLEAAddr(SDValue N,
|
||||
if (Complexity <= 2)
|
||||
return false;
|
||||
|
||||
getAddressOperands(AM, SDLoc(N), Base, Scale, Index, Disp, Segment);
|
||||
getAddressOperands(AM, DL, Base, Scale, Index, Disp, Segment);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user