r290169 - Revert r290149: Add the alloc_size attribute to clang.

Dimitry Andric via cfe-commits cfe-commits at lists.llvm.org
Fri Dec 23 05:35:59 PST 2016 

I can confirm that r290169 indeed fixes the three test failures I got earlier.  Thanks George!

-Dimitry

> On 23 Dec 2016, at 02:29, George Burgess IV <george.burgess.iv at gmail.com> wrote:
> 
> It looks like the root of this is that we're treating calls to `allocsize` functions as AllocLike (e.g. any allocation function type except realloc) functions, which caused us to perform invalid optimizations. For example, in ReallocFreedPointerTest, EarlyCSE DCE'd the realloc because llvm::isInstructionTriviallyDead calls llvm::isAllocLikeFn, and isAllocLikeFn would return true if it saw the allocsize attribute. It really shouldn't do that.
> 
> r290397 should fix this behavior by making allocsize alone insufficient to consider a function an allocation function.
> 
> Thanks for your help!
> 
> On Thu, Dec 22, 2016 at 1:10 PM, George Burgess IV <george.burgess.iv at gmail.com <mailto:george.burgess.iv at gmail.com>> wrote:
> Okay, I'm seeing this failure now if I tag my system's `realloc` declaration with `alloc_size`. (Which FreeBSD seems to do in their headers). Because all that clang does with `alloc_size` is use it to answer `__builtin_object_size` queries and lower it to LLVM's `allocsize` attribute, this is presumably a latent bug in LLVM's `allocsize` attribute.
> 
> Let me mess around for a bit and see what I can dig up. :)
> 
> On Thu, Dec 22, 2016 at 11:59 AM, Dimitry Andric <dimitry at andric.com <mailto:dimitry at andric.com>> wrote:
> This is when running "ninja check-all", in a tree with llvm, clang and compiler-rt checked out.  The first program that shows a failure is projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test:
> 
> [==========] Running 92 tests from 3 test cases.
> [----------] Global test environment set-up.
> [----------] 14 tests from AddressSanitizerInterface
> ...
> [ RUN      ] AddressSanitizer.ReallocFreedPointerTest
> /share/dim/src/llvm/trunk/projects/compiler-rt/lib/asan/tests/asan_test.cc:377: Failure
> Death test: ptr = realloc(ptr, 77)
>     Result: failed to die.
>  Error msg:
> [  DEATH   ]
> [  FAILED  ] AddressSanitizer.ReallocFreedPointerTest (48 ms)
> 
> A similar failure shows when running projects/compiler-rt/lib/asan/tests/default/Asan-i386-with-calls-Test:
> 
> [==========] Running 92 tests from 3 test cases.
> [----------] Global test environment set-up.
> [----------] 14 tests from AddressSanitizerInterface
> ...
> [ RUN      ] AddressSanitizer.ReallocFreedPointerTest
> /share/dim/src/llvm/trunk/projects/compiler-rt/lib/asan/tests/asan_test.cc:377: Failure
> Death test: ptr = realloc(ptr, 77)
>     Result: failed to die.
>  Error msg:
> [  DEATH   ]
> [  FAILED  ] AddressSanitizer.ReallocFreedPointerTest (55 ms)
> 
> Interestingly, the Asan-i386-inline-Noinst-Test and Asan-i386-with-calls-Noinst-Test do not show this particular failure.
> 
> The other test that fails is projects/compiler-rt/test/asan/I386FreeBSDConfig/TestCases/Posix/Output/free_hook_realloc.cc.tmp, which simply returns 1 without printing any output. Debugging the program shows that it seems to be skipping completely over the realloc() call, and jumping directly to the _exit(1), but this may be due to optimization.
> 
> -Dimitry
> 
> > On 22 Dec 2016, at 20:27, George Burgess IV <george.burgess.iv at gmail.com <mailto:george.burgess.iv at gmail.com>> wrote:
> >
> > Yes, this was reapplied in r290297 with fixes for the msan issue we caught; these asan unit test failures are news to me. Can you give me the command that you're using to run these tests, please?
> >
> > On Thu, Dec 22, 2016 at 11:10 AM, Dimitry Andric <dimitry at andric.com <mailto:dimitry at andric.com>> wrote:
> > On 20 Dec 2016, at 09:28, Chandler Carruth via cfe-commits <cfe-commits at lists.llvm.org <mailto:cfe-commits at lists.llvm.org>> wrote:
> > > Author: chandlerc
> > > Date: Tue Dec 20 02:28:19 2016
> > > New Revision: 290169
> > >
> > > URL: http://llvm.org/viewvc/llvm-project?rev=290169&view=rev <http://llvm.org/viewvc/llvm-project?rev=290169&view=rev>
> > > Log:
> > > Revert r290149: Add the alloc_size attribute to clang.
> > >
> > > This commit fails MSan when running test/CodeGen/object-size.c in
> > > a confusing way. After some discussion with George, it isn't really
> > > clear what is going on here. We can make the MSan failure go away by
> > > testing for the invalid bit, but *why* things are invalid isn't clear.
> > > And yet, other code in the surrounding area is doing precisely this and
> > > testing for invalid.
> > >
> > > George is going to take a closer look at this to better understand the
> > > nature of the failure and recommit it, for now backing it out to clean
> > > up MSan builds.
> >
> > Hmm, was this reapplied later on?  I'm still getting the following AddressSanitizer failures on FreeBSD, and bisecting has pointed to r290149 as the cause:
> >
> > FAIL: AddressSanitizer-Unit :: Asan-i386-inline-Test/AddressSanitizer.ReallocFreedPointerTest (2124 of 30204)
> > ******************** TEST 'AddressSanitizer-Unit :: Asan-i386-inline-Test/AddressSanitizer.ReallocFreedPointerTest' FAILED ********************
> > Note: Google Test filter = AddressSanitizer.ReallocFreedPointerTest
> > [==========] Running 1 test from 1 test case.
> > [----------] Global test environment set-up.
> > [----------] 1 test from AddressSanitizer
> > [ RUN      ] AddressSanitizer.ReallocFreedPointerTest
> > /share/dim/src/llvm/trunk/projects/compiler-rt/lib/asan/tests/asan_test.cc:377: Failure
> > Death test: ptr = realloc(ptr, 77)
> >     Result: failed to die.
> >  Error msg:
> > [  DEATH   ]
> > [  FAILED  ] AddressSanitizer.ReallocFreedPointerTest (30 ms)
> > [----------] 1 test from AddressSanitizer (30 ms total)
> >
> > [----------] Global test environment tear-down
> > [==========] 1 test from 1 test case ran. (31 ms total)
> > [  PASSED  ] 0 tests.
> > [  FAILED  ] 1 test, listed below:
> > [  FAILED  ] AddressSanitizer.ReallocFreedPointerTest
> >
> >  1 FAILED TEST
> >   YOU HAVE 24 DISABLED TESTS
> >
> >
> > ********************
> > Testing: 0 .
> > FAIL: AddressSanitizer-Unit :: Asan-i386-with-calls-Test/AddressSanitizer.ReallocFreedPointerTest (2233 of 30204)
> > ******************** TEST 'AddressSanitizer-Unit :: Asan-i386-with-calls-Test/AddressSanitizer.ReallocFreedPointerTest' FAILED ********************
> > Note: Google Test filter = AddressSanitizer.ReallocFreedPointerTest
> > [==========] Running 1 test from 1 test case.
> > [----------] Global test environment set-up.
> > [----------] 1 test from AddressSanitizer
> > [ RUN      ] AddressSanitizer.ReallocFreedPointerTest
> > /share/dim/src/llvm/trunk/projects/compiler-rt/lib/asan/tests/asan_test.cc:377: Failure
> > Death test: ptr = realloc(ptr, 77)
> >     Result: failed to die.
> >  Error msg:
> > [  DEATH   ]
> > [  FAILED  ] AddressSanitizer.ReallocFreedPointerTest (24 ms)
> > [----------] 1 test from AddressSanitizer (24 ms total)
> >
> > [----------] Global test environment tear-down
> > [==========] 1 test from 1 test case ran. (25 ms total)
> > [  PASSED  ] 0 tests.
> > [  FAILED  ] 1 test, listed below:
> > [  FAILED  ] AddressSanitizer.ReallocFreedPointerTest
> >
> >  1 FAILED TEST
> >   YOU HAVE 24 DISABLED TESTS
> >
> >
> > ********************
> > Testing: 0 .
> > FAIL: AddressSanitizer-i386-freebsd :: TestCases/Posix/free_hook_realloc.cc (2399 of 30204)
> > ******************** TEST 'AddressSanitizer-i386-freebsd :: TestCases/Posix/free_hook_realloc.cc' FAILED ********************
> > Script:
> > --
> > /home/dim/obj/llvm-290338-trunk-freebsd12-i386-ninja-rel-1/./bin/clang --driver-mode=g++ -fsanitize=address -mno-omit-leaf-frame-pointer -fno-omit-frame-pointer -fno-optimize-sibling-calls -gline-tables-only -m32 -O2 /share/dim/src/llvm/trunk/projects/compiler-rt/test/asan/TestCases/Posix/free_hook_realloc.cc -o /home/dim/obj/llvm-290338-trunk-freebsd12-i386-ninja-rel-1/projects/compiler-rt/test/asan/I386FreeBSDConfig/TestCases/Posix/Output/free_hook_realloc.cc.tmp
> > /home/dim/obj/llvm-290338-trunk-freebsd12-i386-ninja-rel-1/projects/compiler-rt/test/asan/I386FreeBSDConfig/TestCases/Posix/Output/free_hook_realloc.cc.tmp 2>&1 | FileCheck /share/dim/src/llvm/trunk/projects/compiler-rt/test/asan/TestCases/Posix/free_hook_realloc.cc
> > --
> > Exit Code: 2
> >
> > Command Output (stderr):
> > --
> > FileCheck error: '-' is empty.
> > FileCheck command line:  FileCheck /share/dim/src/llvm/trunk/projects/compiler-rt/test/asan/TestCases/Posix/free_hook_realloc.cc
> >
> > --
> >
> > ********************
> > Testing: 0 .. 10.. 20.. 30.. 40.. 50.. 60.. 70.. 80.. 90..
> > Testing Time: 880.55s
> > ********************
> > Failing Tests (3):
> >     AddressSanitizer-Unit :: Asan-i386-inline-Test/AddressSanitizer.ReallocFreedPointerTest
> >     AddressSanitizer-Unit :: Asan-i386-with-calls-Test/AddressSanitizer.ReallocFreedPointerTest
> >     AddressSanitizer-i386-freebsd :: TestCases/Posix/free_hook_realloc.cc
> >
> >   Expected Passes    : 26881
> >   Expected Failures  : 144
> >   Unsupported Tests  : 3176
> >   Unexpected Failures: 3
> >
> > 1 warning(s) in tests.
> >
> > -Dimitry
> >
> >
> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20161223/43bde9ec/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20161223/43bde9ec/attachment-0001.sig>

More information about the cfe-commits mailing list