Re: [RFC PATCH] Detecting lifetime-dse issues via Valgrind [PR66487]

Wed, 15 Nov 2023 01:58:16 -0800 

On 2023-11-13 02:53, Sam James wrote:

Sam James <s...@gentoo.org> writes:


Alexander Monakov <amona...@ispras.ru> writes:
[...]
I'm very curious what you mean by "this has come up with LLVM [] too": ttbomk, LLVM doesn't do such lifetime-based optimization yet, which is why compiling LLVM with LLVM doesn't break it. Can you share some examples? Or do you mean instances when libLLVM-miscompiled-with-GCC was linked elsewhere, and that 
program crashed mysteriously as a result?

Indeed this work is inspired by the LLVM incident in PR 106943.


[...]
I had some vague memories in the back of my head so I went digging
because I enjoy this:
[...]


I ended up stumbling on two more:

* charm (https://github.com/UIUC-PPL/charm/issues/1045)
* firebird (https://github.com/FirebirdSQL/firebird/issues/5384, starring richi) 

Now I'm really done :)


[...]


Alexander


thanks,
sam


Thanks for your prompt response; it is greatly appreciated.

We conducted tests on two packages from your provided list and obtained
some preliminary results:

* crypto++: No violations were detected during their own tests, which
were executed using 'make valgrind' and our custom option
--fvalgrind-emit-annotations.
* firebird: An issue was identified with the global object isqlGlobal. It 
appears that developers are assuming the global object will be
zero-initialized, but the C++ standard guarantees this only for static
initialization. The presence of a non-trivial constructor, IsqlGlobals(), 
means that isqlGlobal has formally uninitialized fields.  A snippet from
the Valgrind dump is as follows:

==106087== Conditional jump or move depends on uninitialised value(s)
==106087==    at 0x4378F0: create_db(char const*, char*) (isql.cpp:5838)
==106087==    by 0x44CBE3: frontend(char const*) (isql.cpp:6699)
==106087==    by 0x44EBC1: get_statement (isql.cpp:7638)
==106087==    by 0x44EBC1: do_isql() (isql.cpp:6008)
==106087==    by 0x45039C: ISQL_main(int, char**) (isql.cpp:1854)
==106087==    by 0x4EE1082: (below main) (libc-start.c:308)
==106087==  Uninitialised value was created by a client request
==106087==    at 0x5A617C: __valgrind_make_mem_undefined (valgrind.c:48)
==106087==    by 0x42E365: IsqlGlobals::IsqlGlobals() (isql.cpp:1378)
==106087== by 0x418388: __static_initialization_and_destruction_0 (isql.cpp:1098) 
==106087==    by 0x418388: _GLOBAL__sub_I_isql.cpp (isql.cpp:11536)
==106087==    by 0x5A61DC: __libc_csu_init (in ...)
==106087==    by 0x4EE100F: (below main) (libc-start.c:264)

---
With best regards,
Daniil

Reply via email to