diff options
| author | Alexey Samsonov <samsonov@google.com> | 2012-11-30 22:27:54 +0000 |
|---|---|---|
| committer | Alexey Samsonov <samsonov@google.com> | 2012-11-30 22:27:54 +0000 |
| commit | 999d8bc38e2d8fad5acd978517bc6ba3047fa201 (patch) | |
| tree | 2f0c5aefad88afdff069d5114f8ec39dc0bac616 | |
| parent | ac9464e9360bbf5ee71277b106fefe2f9f374ba4 (diff) | |
| download | llvm-999d8bc38e2d8fad5acd978517bc6ba3047fa201.tar.gz llvm-999d8bc38e2d8fad5acd978517bc6ba3047fa201.tar.bz2 llvm-999d8bc38e2d8fad5acd978517bc6ba3047fa201.tar.xz | |
Fix a bug in APFloat.cpp: declare APFloat after fltSemantics it
uses. APFloat::convert() takes the pointer to the fltSemantics
variable, which is later accessed it in ~APFloat() desctructor.
That is, semantics must still be alive at the moment we delete
APFloat.
Found by experimental AddressSanitizer use-after-scope checker.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@169047 91177308-0d34-0410-b5e6-96231b3b80d8
| -rw-r--r-- | lib/Support/APFloat.cpp | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/Support/APFloat.cpp b/lib/Support/APFloat.cpp index 7e8b4a3d0d..1658d961fb 100644 --- a/lib/Support/APFloat.cpp +++ b/lib/Support/APFloat.cpp @@ -2761,9 +2761,11 @@ APFloat::convertPPCDoubleDoubleAPFloatToAPInt() const // normalize against the "double" minExponent first, and only *then* // truncate the mantissa. The result of that second conversion // may be inexact, but should never underflow. - APFloat extended(*this); + // Declare fltSemantics before APFloat that uses it (and + // saves pointer to it) to ensure correct destruction order. fltSemantics extendedSemantics = *semantics; extendedSemantics.minExponent = IEEEdouble.minExponent; + APFloat extended(*this); fs = extended.convert(extendedSemantics, rmNearestTiesToEven, &losesInfo); assert(fs == opOK && !losesInfo); (void)fs; |