https://github.com/llvmbot updated https://github.com/llvm/llvm-project/pull/130580
>From e0db588f3db40b1486e215c5d0b72a8f9ea2b018 Mon Sep 17 00:00:00 2001
From: Marc Auberer <marc.aube...@chillibits.com>
Date: Mon, 10 Mar 2025 11:53:45 +0100
Subject: [PATCH] [IR] Fix assertion error in User new/delete edge case (#129914)
Fixes #129900
If `operator delete` was called after an unsuccessful constructor call after `operator new`, we ran into undefined behaviour. This was discovered by our malfunction tests while preparing an upgrade to LLVM 20, that explicitly check for such kind of bugs.
(cherry picked from commit 8d38906d08f0189a7a7f865b267f47cab0a3790f)
---
 llvm/lib/IR/User.cpp | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/llvm/lib/IR/User.cpp b/llvm/lib/IR/User.cpp
index b0aa785deb9af..ab44cb4b8a3f7 100644
--- a/llvm/lib/IR/User.cpp
+++ b/llvm/lib/IR/User.cpp
@@ -146,6 +146,9 @@ void *User::allocateFixedOperandUser(size_t Size, unsigned Us,
 Use *Start = reinterpret_cast<Use *>(Storage + DescBytesToAllocate);
 Use *End = Start + Us;
 User *Obj = reinterpret_cast<User *>(End);
+ Obj->NumUserOperands = Us;
+ Obj->HasHungOffUses = false;
+ Obj->HasDescriptor = DescBytes != 0;
 for (; Start != End; Start++)
 new (Start) Use(Obj);
@@ -172,6 +175,9 @@ void *User::operator new(size_t Size, HungOffOperandsAllocMarker) {
 void *Storage = ::operator new(Size + sizeof(Use *));
 Use **HungOffOperandList = static_cast<Use **>(Storage);
 User *Obj = reinterpret_cast<User *>(HungOffOperandList + 1);
+ Obj->NumUserOperands = 0;
+ Obj->HasHungOffUses = true;
+ Obj->HasDescriptor = false;
 *HungOffOperandList = nullptr;
 return Obj;
 }
_______________________________________________
llvm-branch-commits mailing list
llvm-branch-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-branch-commits
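Review bot: The three stores added after `User *Obj = reinterpret_cast<User *>(End);` in `allocateFixedOperandUser`, and the matching three in `operator new(size_t, HungOffOperandsAllocMarker)`, carry no comment saying why an allocation function writes `User` fields, so they read as redundant initialisation and are easy to drop in a later cleanup. Going by the commit message they are there so that `operator delete` sees defined values when the constructor does not complete; presumably it uses them to find the start of the allocation, in which case indeterminate bits would mean freeing the wrong pointer. I would put above each group a comment such as `// Set before construction: operator delete reads these if the constructor fails.` The stores also go into storage where no `User` lifetime has started, so they only survive a compiler that does not apply lifetime-based dead-store elimination (GCC's `-flifetime-dse`); it is worth confirming the build disables that and naming the dependency in the comment. Both function bodies begin outside their hunks.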