Fix use-after-free in SILCombine #34145
Conversation
|
I tried to change the SILBuilder apis emitStrongRelease/emitReleaseValue/emitDestroyValue such that they don't do any "folding". Even though there are no changes in benchmarks, several tests need to be updated. Because there are no optimizations in GuaranteedARCOpts at -Onone that can optimize the same way as the "folding" in these apis. I'll do this cleanup at a later time. cc @gottesmm |
|
@swift-ci test |
|
Build failed |
|
Build failed |
| // issues must have been dealt with by our caller. | ||
| if (operand->getType().isAddress()) { | ||
| // Then emit the destroy_addr for this operand | ||
| SILInstruction *newInst = builder.emitDestroyAddrAndFold(loc, operand); |
There was a problem hiding this comment.
emitDetroyAddrAndFold can return a nullptr. Shouldn't createNewInst only be called if it's not a nullptr?
This is not new with this PR, so obviously it can deal with nullptrs. But still, I think, just to be on the save side createNewInst should not be called with a nullptr.
meg-gupta
force-pushed
the
usecallbacks
branch
from
d7086c5 to
f05acca
Compare
|
@swift-ci test |
|
Build failed |
|
@swift-ci test |
|
@swift-ci test OS X platform |
|
@swift-ci test Windows platform |
|
Build failed |
|
Build failed |
|
@swift-ci test |
* 'master' of github.com:apple/swift: Fix use-after-free in SILCombine (swiftlang#34145)
SILCombine maintains a worklist of instructions and deleting of instructions is valid only via callbacks that remove them from the worklist as well. It calls swift::tryDeleteDeadClosure which in turn calls SILBuilder apis like emitStrongRelease/emitReleaseValue/emitDestroyValue which can delete instructions via SILInstruction::eraseFromParent leaving behind a stale entry in SILCombine's worklist causing a crash.
This PR adds swift::emitDestroyOperation which correctly calls the appropriate InstModCallbacks on added/removed instructions. This comes from swift::releasePartialApplyCapturedArg which was handling creation of destroys with callbacks correctly.