From 1fdfb8a4a10cb021ef27d8559ba92efc6f457a45 Mon Sep 17 00:00:00 2001
From: tomaioo <hongsaygio.com@gmail.com>
Date: Wed, 22 Apr 2026 23:27:41 -0700
Subject: [PATCH] fix(security): gcuengine is copyable despite owning a raw
 executa

The `GCUEngine` class owns `tops_exec_` and destroys it in its destructor, but it does not define or delete copy/move constructors and assignment operators. The compiler-generated copy operations will shallow-copy `tops_exec_`, so multiple `GCUEngine` instances can end up destroying the same handle. This can cause double-free, use-after-free, or process crashes.

Signed-off-by: tomaioo <203048277+tomaioo@users.noreply.github.com>
---
 backends/gcu/custom_engine/gcu_engine.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/backends/gcu/custom_engine/gcu_engine.h b/backends/gcu/custom_engine/gcu_engine.h
index 29751f46cb8..3fb6eb6be86 100644
--- a/backends/gcu/custom_engine/gcu_engine.h
+++ b/backends/gcu/custom_engine/gcu_engine.h
@@ -29,6 +29,8 @@ namespace custom_engine {
 class GCUEngine {
  public:
   GCUEngine() = default;
+  GCUEngine(const GCUEngine &) = delete;
+  GCUEngine &operator=(const GCUEngine &) = delete;
   GCUEngine(const std::string &engine_key,
             topsExecutable_t tops_exec,
             const std::vector<const phi::DenseTensor *> &tensor_args,