[cfe-dev] Memory corruption bug in CodeGenTypes

Wed, 30 Jan 2008 18:26:02 -0800 

Found a pretty serious issue in CodeGenTypes::ConvertNewType: it grabs
a reference to a cell in a map, modifies the map by instantiating the
members of the struct, then writes to the map.  Obviously, this is not
a good thing...

Patch attached, although I'm not sure if it's the right way to fix this.

-Eli

Index: CodeGen/CodeGenTypes.cpp
===================================================================
--- CodeGen/CodeGenTypes.cpp    (revision 46593)
+++ CodeGen/CodeGenTypes.cpp    (working copy)
@@ -97,7 +97,7 @@
 static bool isOpaqueTypeDefinition(QualType T, const llvm::Type *LT) {
   if (T->isPointerType()) {
     return
-      isOpaqueTypeDefinition(cast<PointerType>(*T).getPointeeType(),
+      isOpaqueTypeDefinition(T->getAsPointerType()->getPointeeType(),
                              cast<llvm::PointerType>(LT)->getElementType());
   }
   if (!isa<llvm::OpaqueType>(LT))
@@ -279,7 +279,7 @@
   case Type::Tagged:
     const TagType &TT = cast<TagType>(Ty);
     const TagDecl *TD = TT.getDecl();
-    llvm::Type *&ResultType = TagDeclTypes[TD];
+    llvm::Type *ResultType = TagDeclTypes[TD];
       
     // If corresponding llvm type is not a opaque struct type
     // then use it.
@@ -287,7 +287,7 @@
       return ResultType;
     
     if (!TD->isDefinition()) {
-      ResultType = llvm::OpaqueType::get();  
+      ResultType = TagDeclTypes[TD] = llvm::OpaqueType::get();  
     } else if (TD->getKind() == Decl::Enum) {
       return ConvertType(cast<EnumDecl>(TD)->getIntegerType());
     } else if (TD->getKind() == Decl::Struct) {
@@ -324,7 +324,7 @@
 
       // Get llvm::StructType.
       CGRecordLayout *RLI = new CGRecordLayout(RO.getLLVMType());
-      ResultType = RLI->getLLVMType();
+      ResultType = TagDeclTypes[TD] = RLI->getLLVMType();
       CGRecordLayouts[ResultType] = RLI;
 
       // Refine any OpaqueType associated with this RecordDecl.
@@ -347,11 +347,11 @@
 
         // Get llvm::StructType.
         CGRecordLayout *RLI = new CGRecordLayout(RO.getLLVMType());
-        ResultType = RLI->getLLVMType();
+        ResultType = TagDeclTypes[TD] = RLI->getLLVMType();
         CGRecordLayouts[ResultType] = RLI;
       } else {       
         std::vector<const llvm::Type*> Fields;
-        ResultType = llvm::StructType::get(Fields);
+        ResultType = TagDeclTypes[TD] = llvm::StructType::get(Fields);
       }
     } else {
       assert(0 && "FIXME: Implement tag decl kind!");

_______________________________________________
cfe-dev mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev

Reply via email to