[all-commits] [llvm/llvm-project] 74a8a1: [mlir] Fix a use after free when loading dependent...

Benjamin Kramer via All-commits all-commits at lists.llvm.org
Wed Apr 5 06:47:14 PDT 2023


  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: 74a8a1e038022fb4ca9b8e444489e910f16a9741
      https://github.com/llvm/llvm-project/commit/74a8a1e038022fb4ca9b8e444489e910f16a9741
  Author: Benjamin Kramer <benny.kra at googlemail.com>
  Date:   2023-04-05 (Wed, 05 Apr 2023)

  Changed paths:
    M mlir/lib/IR/MLIRContext.cpp

  Log Message:
  -----------
  [mlir] Fix a use after free when loading dependent dialects

The way dependent dialects are implemented is by recursively calling
loadDialect in the constructor. This means we have to reload from the
dialect table because the constructor might have rehashed that table.

The steps for loading a dialect are
  1. Insert a nullptr into loadedDialects. This indicates the dialect is
     loading
  2. Call ctor(). This recursively loads dependent dialects
  3. Insert the new dialect into the table.

We had a conflict between steps 2 and 3 here. You have to be extremely
unlucky though as rehashing is rare and operator[] does no generation
checking on DenseMap. Changing that to an iterator would've uncovered
this issue immediately.
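
The hazard described in the log message above, as an added example that is not LLVM's code: a toy table whose growth moves its slots stands in for DenseMap, and a slot handle carrying a generation counter models the check the message says would have exposed the bug. Table, Slot, load and parentLoads are hypothetical names, and std::vector reallocation is assumed here as a stand-in for a DenseMap rehash.

```cpp
#include <cstddef>
#include <functional>
#include <memory>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

struct Dialect { std::string name; };
// Toy table (hypothetical): like a rehash, vector growth moves every slot.
class Table {
  std::vector<std::pair<std::string, std::unique_ptr<Dialect>>> slots_;
  unsigned epoch_ = 0;  // generation counter, bumped on each reallocation
public:
  struct Slot { std::size_t index; unsigned epoch; };  // checked "reference"
  Slot findOrInsert(const std::string &key) {
    for (std::size_t i = 0; i < slots_.size(); ++i)
      if (slots_[i].first == key) return {i, epoch_};
    if (slots_.size() == slots_.capacity()) ++epoch_;  // growth is imminent
    slots_.emplace_back(key, nullptr);
    return {slots_.size() - 1, epoch_};
  }
  std::unique_ptr<Dialect> &deref(Slot s) {
    if (s.epoch != epoch_) throw std::logic_error("stale slot after rehash");
    return slots_[s.index].second;
  }
};

using Ctor = std::function<std::unique_ptr<Dialect>(Table &)>;
// The three steps from the log message; `reload` selects the fixed shape.
Dialect *load(Table &t, const std::string &name, const Ctor &ctor, bool reload) {
  Table::Slot slot = t.findOrInsert(name);  // step 1: nullptr marks "loading"
  std::unique_ptr<Dialect> d = ctor(t);     // step 2: may insert and rehash
  if (reload) slot = t.findOrInsert(name);  // fix: look the entry up again
  t.deref(slot) = std::move(d);             // step 3: throws on a stale slot
  return t.deref(slot).get();
}

// Constructed scenario: the ctor of "parent" loads its dependent dialect "dep".
bool parentLoads(bool reload) {
  Table t;
  Ctor dep = [](Table &) { return std::make_unique<Dialect>(Dialect{"dep"}); };
  Ctor parent = [&](Table &tt) {
    load(tt, "dep", dep, true);
    return std::make_unique<Dialect>(Dialect{"parent"});
  };
  try { return load(t, "parent", parent, reload)->name == "parent"; }
  catch (const std::logic_error &) { return false; }
}
```

With an unchecked reference in place of Slot, the step 3 store would write into freed storage instead of throwing.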
