llvm.org GIT mirror llvm / 3e090e5
[ThinLTO] Fix memory corruption in ThinLTOCodeGenerator when CodeGenOnly was specified Summary: Issue occurs when doing ThinLTO with CodeGenOnly flag. TMBuilder.TheTriple is assigned to by multiple threads in an unsafe way resulting in double-free of std::string memory. Pseudocode: if (CodeGenOnly) { // Perform only parallel codegen and return. ThreadPool Pool; int count = 0; for (auto &ModuleBuffer : Modules) { Pool.async([&](int count) { ... /// Now call OutputBuffer = codegen(*TheModule); /// Which turns into initTMBuilder(moduleTMBuilder, Triple(TheModule.getTargetTriple())); /// Which turns into TMBuilder.TheTriple = std::move(TheTriple); // std::string = "....." /// So, basically std::string assignment to same string on multiple threads = memory corruption } return; } Patch by Alex Borcan Reviewers: llvm-commits, steven_wu Reviewed By: steven_wu Subscribers: mehdi_amini, inglorion, eraman, steven_wu, dexonsmith, llvm-commits Differential Revision: https://reviews.llvm.org/D51651 git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@341422 91177308-0d34-0410-b5e6-96231b3b80d8 Steven Wu 1 year, 13 days ago
2 changed file(s) with 1 addition(s) and 14 deletion(s). Raw diff Collapse all Expand all
298298 */
299299 void optimize(Module &Module);
300300
301 /**
302 * Perform ThinLTO CodeGen.
303 */
304 std::unique_ptr codegen(Module &Module);
305
306301 /**@}*/
307302
308303 private:
817817 optimizeModule(TheModule, *TMBuilder.create(), OptLevel, Freestanding);
818818 }
819819
820 /**
821 * Perform ThinLTO CodeGen.
822 */
823 std::unique_ptr ThinLTOCodeGenerator::codegen(Module &TheModule) {
824 initTMBuilder(TMBuilder, Triple(TheModule.getTargetTriple()));
825 return codegenModule(TheModule, *TMBuilder.create());
826 }
827
828820 /// Write out the generated object file, either from CacheEntryPath or from
829821 /// OutputBuffer, preferring hard-link when possible.
830822 /// Returns the path to the generated file in SavedObjectsDirectoryPath.
892884 /*IsImporting*/ false);
893885
894886 // CodeGen
895 auto OutputBuffer = codegen(*TheModule);
887 auto OutputBuffer = codegenModule(*TheModule, *TMBuilder.create());
896888 if (SavedObjectsDirectoryPath.empty())
897889 ProducedBinaries[count] = std::move(OutputBuffer);
898890 else