[Bug middle-end/111505] [14 Regression] Asan (address-sanitizer) bootstrap fails since r14-4003-geaa8e8541349df
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111505

Sergei Trofimovich changed:

           What    |Removed                       |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                   |RESOLVED
           Assignee|unassigned at gcc dot gnu.org |slyfox at gcc dot gnu.org
         Resolution|---                           |FIXED

--- Comment #7 from Sergei Trofimovich ---
I can confirm --with-build-config=bootstrap-asan fails the same way before the
fix and passes successfully after the fix.

Let's declare it FIXED.

[Bug middle-end/111505] [14 Regression] Asan (address-sanitizer) bootstrap fails since r14-4003-geaa8e8541349df
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111505

--- Comment #6 from CVS Commits ---
The master branch has been updated by Sergei Trofimovich:

https://gcc.gnu.org/g:7525707c5f3edb46958c4fdfbe30de5ddfa8923a

commit r14-4327-g7525707c5f3edb46958c4fdfbe30de5ddfa8923a
Author: Sergei Trofimovich
Date:   Thu Sep 28 20:20:31 2023 +0100

    ggc: do not wipe out unrelated data via gt_ggc_rtab [PR111505]

    There are 3 GC root tables:

       gt_ggc_rtab
       gt_ggc_deletable_rtab
       gt_pch_scalar_rtab

    `deletable` and `scalar` tables are both simple: each element always
    contains a pointer to the beginning of the object and its size is the
    full object.

    `rtab` is different: its `base` is a pointer in the middle of the
    struct and `stride` points to the next GC pointer in the array.

    Before the change there were 2 problems:

    1. We memset()ed not just pointers but data around them.
    2. We went out of bounds of the last object described by gt_ggc_rtab
       and triggered bootstrap failures in profile and asan bootstraps.

    After the change we handle only pointers themselves like the rest of
    ggc-common.cc code.

    gcc/
            PR middle-end/111505
            * ggc-common.cc (ggc_zero_out_root_pointers, ggc_common_finalize):
            Add new helper. Use helper instead of memset() to wipe out pointers.

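The two problems listed in the commit message above, reproduced on a small stand-alone model. This is an added example, not code from GCC or from the commit: `struct info`, `struct arena`, `run` and the two wipe helpers are hypothetical names, the callbacks of `struct ggc_root_tab` are left out, and the sample data is constructed.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a GTY(()) struct: GC pointers mixed with plain data. */
struct info { void *identifier; const char *name; unsigned flags; };
#define NELT 4

/* The array plus an unrelated neighbour in one object, so the overrun of the
   old code is observable without leaving the arena. */
struct arena { struct info tab[NELT]; unsigned char neighbour[sizeof (struct info)]; };

/* base/nelt/stride as in struct ggc_root_tab; the walker callbacks are omitted. */
struct root_tab { void *base; size_t nelt; size_t stride; };

struct damage { size_t names_cleared, flags_lost, neighbour_bytes; };

/* Old behaviour: one memset over stride * nelt bytes starting at base. */
static void wipe_memset (const struct root_tab *rti)
{
  memset (rti->base, 0, rti->stride * rti->nelt);
}

/* Pointer-only behaviour: clear one pointer-sized slot per stride. */
static void wipe_pointers (const struct root_tab *rti)
{
  for (size_t i = 0; i < rti->nelt; i++)
    memset ((char *) rti->base + rti->stride * i, 0, sizeof (void *));
}

/* Fill constructed sample data, wipe the `name` root, and count the damage. */
static struct damage run (void (*wipe) (const struct root_tab *))
{
  static int dummy;
  struct arena a;
  struct damage d = { 0, 0, 0 };
  for (size_t i = 0; i < NELT; i++)
    a.tab[i] = (struct info) { &dummy, "op", 0xA5A5u };
  memset (a.neighbour, 0xCC, sizeof a.neighbour);

  /* base points at the `name` member of element 0, not at the element start. */
  struct root_tab rti = { (char *) &a + offsetof (struct info, name),
                          NELT, sizeof (struct info) };
  wipe (&rti);

  for (size_t i = 0; i < NELT; i++) {
    d.names_cleared += a.tab[i].name == NULL;
    d.flags_lost += a.tab[i].flags != 0xA5A5u;
  }
  for (size_t i = 0; i < sizeof a.neighbour; i++)
    d.neighbour_bytes += a.neighbour[i] != 0xCC;
  return d;
}
```

With `wipe_memset` every `flags` field is zeroed and the write runs `offsetof (struct info, name)` bytes past the array into the neighbour; with `wipe_pointers` only the `name` slots change.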
[Bug middle-end/111505] [14 Regression] Asan (address-sanitizer) bootstrap fails since r14-4003-geaa8e8541349df
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111505

--- Comment #5 from Sergei Trofimovich ---
(In reply to Sergei Trofimovich from comment #4)
> Is it a ggc_common_finalize() bug in assuming that `base` does not point to
> the beginning of a struct?
> Or a `gt_ggc_r_gt_cp_tree_h` bug that it does not point to the beginning of
> the struct?
>
> Also while at it: what should `ggc_common_finalize ()` ideally do to
> `ovl_op_info`? memset() all of it? Or only pointers? I think it has
> information only to do the latter but it does it in a very strange way.

Proposed fix as
https://gcc.gnu.org/pipermail/gcc-patches/2023-September/631634.html . That
fixes `profiledbootstrap` for me.

Having stared a bit more at gcc/ggc-common.cc the answer is: it's complicated.

There are 3 roots:

    gt_ggc_rtab
    gt_ggc_deletable_rtab
    gt_pch_scalar_rtab

Last two are simple: these are single-element complete values without
complexities.

But gt_ggc_rtab is different: it encodes pointer locations within structs (of
non-pointers). GCH code carefully extracts and restores those pointers. An
example:

    for (rt = gt_ggc_rtab; *rt; rt++)
      for (rti = *rt; rti->base != NULL; rti++)
        for (i = 0; i < rti->nelt; i++)
          (*rti->pchw)(*(void **)((char *)rti->base + rti->stride * i));

finalize() should do the same.

[Bug middle-end/111505] [14 Regression] Asan (address-sanitizer) bootstrap fails since r14-4003-geaa8e8541349df
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111505

--- Comment #4 from Sergei Trofimovich ---
In https://gcc.gnu.org/PR111629#c0 profiled bootstrap fails for a similar
reason. There ggc_common_finalize() memset()s unexpected memory location

    #1  0x01933651 in ggc_common_finalize () at /home/slyfox/dev/git/gcc/gcc/ggc-common.cc:1312
    1312          memset (rti->base, 0, rti->stride * rti->nelt);
    (gdb) list
    1307        for (rti = *rt; rti->base != NULL; rti++)
    1308          memset (rti->base, 0, rti->stride * rti->nelt);
    1309
    1310      for (rt = gt_ggc_rtab; *rt; rt++)
    1311        for (rti = *rt; rti->base != NULL; rti++)
    1312          memset (rti->base, 0, rti->stride * rti->nelt);

for this global:

    struct GTY(()) ovl_op_info_t {
      /* The IDENTIFIER_NODE for the operator.  */
      tree identifier;
      /* The name of the operator.  */
      const char *name;
      /* The mangled name of the operator.  */
      const char *mangled_name;
      /* The (regular) tree code.  */
      enum tree_code tree_code : 16;
      /* The (compressed) operator code.  */
      enum ovl_op_code ovl_op_code : 8;
      /* The ovl_op_flags of the operator */
      unsigned flags : 8;
    };

    /* Overloaded operator info indexed by ass_op_p & ovl_op_code.  */
    extern GTY(()) ovl_op_info_t ovl_op_info[2][OVL_OP_MAX];

Generated tables:

    /* Structures for the easy way to mark roots.
       In an array, terminated by having base == NULL.  */
    struct ggc_root_tab {
      void *base;
      size_t nelt;
      size_t stride;
      gt_pointer_walker cb;
      gt_pointer_walker pchw;
    };

    EXPORTED_CONST struct ggc_root_tab gt_ggc_r_gt_cp_tree_h[] = {
      ...
      { // 4
        &ovl_op_info[0][0].identifier,
        1 * (2) * (OVL_OP_MAX),
        sizeof (ovl_op_info[0][0]),
        &gt_ggc_mx_tree_node,
        &gt_pch_nx_tree_node
      },
      { // 5
        &ovl_op_info[0][0].name,
        1 * (2) * (OVL_OP_MAX),
        sizeof (ovl_op_info[0][0]),
        (gt_pointer_walker) &gt_ggc_m_S,
        (gt_pointer_walker) &gt_pch_n_S
      },
      { // 6
        &ovl_op_info[0][0].mangled_name,
        1 * (2) * (OVL_OP_MAX),
        sizeof (ovl_op_info[0][0]),
        (gt_pointer_walker) &gt_ggc_m_S,
        (gt_pointer_walker) &gt_pch_n_S
      },

Is it a ggc_common_finalize() bug in assuming that `base` does not point to the
beginning of a struct?
Or a `gt_ggc_r_gt_cp_tree_h` bug that it does not point to the beginning of the
struct?

Also while at it: what should `ggc_common_finalize ()` ideally do to
`ovl_op_info`? memset() all of it? Or only pointers? I think it has information
only to do the latter but it does it in a very strange way.

[Bug middle-end/111505] [14 Regression] Asan (address-sanitizer) bootstrap fails since r14-4003-geaa8e8541349df
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111505

Andrew Pinski changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |slyfox at gcc dot gnu.org

--- Comment #3 from Andrew Pinski ---
*** Bug 111629 has been marked as a duplicate of this bug. ***

[Bug middle-end/111505] [14 Regression] Asan (address-sanitizer) bootstrap fails since r14-4003-geaa8e8541349df
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111505

Richard Biener changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P3                          |P1
            Summary|Asan (address-sanitizer)    |[14 Regression] Asan
                   |bootstrap fails since       |(address-sanitizer)
                   |r14-4003-geaa8e8541349df    |bootstrap fails since
                   |                            |r14-4003-geaa8e8541349df

--- Comment #2 from Richard Biener ---
Quite odd indeed.