[libcxx-commits] [PATCH] D132092: [2a/3][ASan][libcxx] std::deque annotations
Vitaly Buka via Phabricator via libcxx-commits
libcxx-commits at lists.llvm.org
Tue Jun 27 21:12:14 PDT 2023
vitalybuka added a comment.
In D132092#4451255 <https://reviews.llvm.org/D132092#4451255>, @AdvenamTacet wrote:
> I hope I fixed everything requested, cannot find anything else to fix. I hope this time it landed for the last time...
> I see buildbot failures, but I don't see how my patch may be the cause (one <https://lab.llvm.org/buildbot/#/builders/18/builds/9667>, two <https://lab.llvm.org/buildbot/#/builders/119/builds/13925>).
>
>> This one discovered a lot of real bugs in our code.
>
> Hey @vitalybuka, could you share a little bit more? Like statistics, in what projects, how those bugs look like, was there any more interesting? I will appreciate any and every data which we can use!
I have number of bugs we had to fix after the first attempt to integrate, but, I guess, it's meaningless on it's own, without any baseline.
>From my experience of enabling https://libcxx.llvm.org/UsingLibcxx.html#enabling-the-safe-libc-mode on the same code-base, my very rough estimate is that your patch fetched at least 10% of additional bugs to the "safe libc++ mode".
Unfortunately all discoveries so far are in internal code, nothing to share from open sourced components yet. Maybe chromium.org or https://github.com/google/oss-fuzz will find bugs in open source libraries. But they didn't integrated the patch yet.
At least 90% of these bugs look like https://godbolt.org/z/eGddPd3qs or std::stack equivalent. Note that for large 'n' you can already expect SEGV or 'heap-use-after-free' with existing Asan. But smaller 'n' was not covered before your patches.
Also very good news that fixing those bugs very easy, either remove the reference or swap use and pop(). This mean fix rate for discovered bugs should be very high.
BTW. This pattern is quote similar to typical implementations work-lists, BFS and DFS algorithms. We have them in LLVM. We run LLVM under Asan here https://lab.llvm.org/buildbot/#/builders/168, but I didn't see any related reports.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D132092/new/
https://reviews.llvm.org/D132092
More information about the libcxx-commits
mailing list