This is an archive of the discontinued LLVM Phabricator instance.

Differential D48476

Detecting leaked instructions with metadata and freeing the metadata to avoid use-after-free
ClosedPublic

Authored by akokins on Jun 22 2018, 3:19 AM.

Details

Reviewers
vsk
Summary

Original bug

When instructions with metadata are accidentally leaked, the result is a difficult-to-find memory corruption in ~LLVMContextImpl that leads to random crashes.

This patch implements the detection and graceful handling of such issues.

Diff Detail

Event Timeline

akokins created this revision.Jun 22 2018, 3:19 AM
Herald added a subscriber: llvm-commits. · View Herald TranscriptJun 22 2018, 3:19 AM
vsk added a subscriber: vsk.Jun 22 2018, 9:03 AM

Thanks for the patch.

I like the idea of having a cheap leak check in debug builds. However, I don’t think we should add a mitigation for improper use of the API, because it can build up to code confusion/bloat over time. It becomes less clear what the API does/doesn’t support.

Could you please:

  • Just keep the code conditional on !ndebug
  • Update a diff with context (git diff -U10000)
  • End sentences in comments with periods
akokins updated this revision to Diff 152629.Jun 25 2018, 1:11 AM

Made the required changes to the diff.

akokins updated this revision to Diff 152631.Jun 25 2018, 1:14 AM

Please ignore the previous diff, I missed that the comment didn't make sense after the changes.

vsk added a comment.Jun 25 2018, 10:08 AM

LGTM, thanks. Do you need someone to commit this for you?

akokins added a comment.Jun 25 2018, 12:55 PM
In D48476#1142388, @vsk wrote:

LGTM, thanks. Do you need someone to commit this for you?

Yes, it would be great if someone could commit this as I don't have commit access.

vsk accepted this revision.Jun 29 2018, 1:18 PM

Sorry for the delay. I've committed this in r336010.

This revision is now accepted and ready to land.Jun 29 2018, 1:18 PM
vsk closed this revision.Jun 29 2018, 1:18 PM

Revision Contents

PathSize
lib/
IR/
8 lines

Diff 152631

lib/IR/LLVMContextImpl.cpp

Show First 20 LinesShow All 42 Lines▼ Show 20 Lines
LLVMContextImpl::~LLVMContextImpl() { LLVMContextImpl::~LLVMContextImpl() {
// NOTE: We need to delete the contents of OwnedModules, but Module's dtor // NOTE: We need to delete the contents of OwnedModules, but Module's dtor
// will call LLVMContextImpl::removeModule, thus invalidating iterators into // will call LLVMContextImpl::removeModule, thus invalidating iterators into
// the container. Avoid iterators during this operation: // the container. Avoid iterators during this operation:
while (!OwnedModules.empty()) while (!OwnedModules.empty())
delete *OwnedModules.begin(); delete *OwnedModules.begin();
#ifndef NDEBUG
// Check for metadata references from leaked Instructions.
for (auto &Pair : InstructionMetadata)
Pair.first->dump();
assert(InstructionMetadata.empty() &&
"Instructions with metadata have been leaked");
#endif
// Drop references for MDNodes. Do this before Values get deleted to avoid // Drop references for MDNodes. Do this before Values get deleted to avoid
// unnecessary RAUW when nodes are still unresolved. // unnecessary RAUW when nodes are still unresolved.
for (auto *I : DistinctMDNodes) for (auto *I : DistinctMDNodes)
I->dropAllReferences(); I->dropAllReferences();
#define HANDLE_MDNODE_LEAF_UNIQUABLE(CLASS) \ #define HANDLE_MDNODE_LEAF_UNIQUABLE(CLASS) \
for (auto *I : CLASS##s) \ for (auto *I : CLASS##s) \
I->dropAllReferences(); I->dropAllReferences();
#include "llvm/IR/Metadata.def" #include "llvm/IR/Metadata.def"
▲ Show 20 LinesShow All 186 LinesShow Last 20 Lines