public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug sanitizer/95275] New: Possible performance regression in libasan with detect_stack_use_after_return=1
@ 2020-05-22 16:56 frantisek at sumsal dot cz
2020-05-22 17:01 ` [Bug sanitizer/95275] " frantisek at sumsal dot cz
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: frantisek at sumsal dot cz @ 2020-05-22 16:56 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95275
Bug ID: 95275
Summary: Possible performance regression in libasan with
detect_stack_use_after_return=1
Product: gcc
Version: 10.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: frantisek at sumsal dot cz
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
Hello,
This appears to be part #2 to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91101 as we managed to hit the
issue once again[0], but in a different codepath.
Reproducer:
$ git clone https://github.com/systemd/systemd
$ git fetch -fu origin refs/pull/15886/merge:pr
$ git checkout pr
$ meson build-gcc -Db_sanitize=address,undefined -Dfuzz-tests=true
--optimization=1
$ ninja -C build-gcc
$ export
ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1
$ export UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1
$ time build-gcc/fuzz-unit-file\:address\,undefined
test/fuzz/fuzz-unit-file/oss-fuzz-11569
Results:
### gcc (GCC) 10.0.1 20200328 (Red Hat 10.0.1-0.11)
$ time build-gcc/fuzz-unit-file\:address\,undefined
test/fuzz/fuzz-unit-file/oss-fuzz-11569
test/fuzz/fuzz-unit-file/oss-fuzz-11569... ok
real 3m22.804s
user 3m18.725s
sys 0m0.245s
### gcc (GCC) 10.0.1 20200328 (Red Hat 10.0.1-0.11) with
detect_stack_use_after_return=0
$ export
ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=0:check_initialization_order=1:strict_init_order=1
$ time build-gcc/fuzz-unit-file\:address\,undefined
test/fuzz/fuzz-unit-file/oss-fuzz-11569
test/fuzz/fuzz-unit-file/oss-fuzz-11569... ok
real 0m2.803s
user 0m2.731s
sys 0m0.060s
### clang version 10.0.0 (Fedora 10.0.0-0.3.rc4.fc32) for comparison
$ time build-clang/fuzz-unit-file\:address\,undefined
test/fuzz/fuzz-unit-file/oss-fuzz-11569
test/fuzz/fuzz-unit-file/oss-fuzz-11569... ok
real 0m3.222s
user 0m3.104s
sys 0m0.089s
### perf
# Samples: 862K of event 'cycles:u'
# Event count (approx.): 873078595486
#
# Overhead Command Shared Object Symbol
# ........ ............... ........................
.........................................
#
95.14% fuzz-unit-file: libasan.so.6.0.0 [.]
__asan_stack_malloc_0
3.13% fuzz-unit-file: libasan.so.6.0.0 [.]
__asan_stack_malloc_1
0.18% fuzz-unit-file: libc-2.31.so [.] __strlen_avx2
0.17% fuzz-unit-file: libasan.so.6.0.0 [.]
__asan_stack_malloc_2
0.15% fuzz-unit-file: libasan.so.6.0.0 [.]
__asan_region_is_poisoned
0.07% fuzz-unit-file: libc-2.31.so [.] __strchr_avx2
0.06% fuzz-unit-file: libsystemd-shared-245.so [.]
utf8_encoded_valid_unichar
...
### perf (call graph)
# Samples: 804K of event 'cycles:u'
# Event count (approx.): 811179153673
#
# Children Self Command Shared Object Symbol
# ........ ........ ............... ........................
.........................................
#
99.97% 0.00% fuzz-unit-file: fuzz-unit-file [.]
LLVMFuzzerTestOneInput
|
---LLVMFuzzerTestOneInput
|
--99.57%--config_parse
|
--99.56%--parse_line
|
|--93.39%--next_assignment (inlined)
| |
|
--93.39%--config_parse_unit_requires_mounts_for
| |
|
|--88.89%--path_simplify_and_warn
| | |
| |
--88.87%--utf8_is_valid
| |
|
| |
--88.85%--utf8_encoded_valid_unichar
| |
|
| |
--88.79%--__asan_stack_malloc_0
| |
|
--4.09%--unit_full_printf
|
specifier_printf
| |
|
--3.96%--specifier_cgroup
|
|
|
--3.96%--unit_default_cgroup_path
|
|
|
|--2.10%--cg_slice_to_path
|
| |
|
| |--0.76%--strextend_with_separator
|
| | |
|
| | --0.73%--__asan_stack_malloc_1
|
| |
|
| --0.73%--cg_escape
|
| |
|
| --0.68%--__asan_stack_malloc_1
|
|
|
--0.74%--unit_has_name
|
|
|
--0.74%--set_contains (inlined)
|
|
|
--0.74%--internal_hashmap_contains
|
|
|
--0.74%--base_bucket_hash
|
|
|
--0.70%--__asan_stack_malloc_1
|
--6.15%--utf8_is_valid
|
--6.15%--utf8_encoded_valid_unichar
|
--6.15%--__asan_stack_malloc_0
As mentioned in [0], compiling with -O2 makes no difference. I'd attach full
perf reports, but they're quite large (33M for the 'base' one, ~6.5G for call
graph).
[0] https://github.com/systemd/systemd/pull/15886#issuecomment-632689604
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug sanitizer/95275] Possible performance regression in libasan with detect_stack_use_after_return=1
2020-05-22 16:56 [Bug sanitizer/95275] New: Possible performance regression in libasan with detect_stack_use_after_return=1 frantisek at sumsal dot cz
@ 2020-05-22 17:01 ` frantisek at sumsal dot cz
2020-05-23 16:31 ` frantisek at sumsal dot cz
2020-05-25 8:32 ` marxin at gcc dot gnu.org
2 siblings, 0 replies; 4+ messages in thread
From: frantisek at sumsal dot cz @ 2020-05-22 17:01 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95275
--- Comment #1 from Frantisek Sumsal <frantisek at sumsal dot cz> ---
Created attachment 48582
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=48582&action=edit
perf call graph
Attaching a perf call graph screenshot (as the text one got shattered by
formatting).
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug sanitizer/95275] Possible performance regression in libasan with detect_stack_use_after_return=1
2020-05-22 16:56 [Bug sanitizer/95275] New: Possible performance regression in libasan with detect_stack_use_after_return=1 frantisek at sumsal dot cz
2020-05-22 17:01 ` [Bug sanitizer/95275] " frantisek at sumsal dot cz
@ 2020-05-23 16:31 ` frantisek at sumsal dot cz
2020-05-25 8:32 ` marxin at gcc dot gnu.org
2 siblings, 0 replies; 4+ messages in thread
From: frantisek at sumsal dot cz @ 2020-05-23 16:31 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95275
--- Comment #2 from Frantisek Sumsal <frantisek at sumsal dot cz> ---
Slight update of the reproducer - the fetch & checkout is no longer necessary
as the required changes were merged into master.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug sanitizer/95275] Possible performance regression in libasan with detect_stack_use_after_return=1
2020-05-22 16:56 [Bug sanitizer/95275] New: Possible performance regression in libasan with detect_stack_use_after_return=1 frantisek at sumsal dot cz
2020-05-22 17:01 ` [Bug sanitizer/95275] " frantisek at sumsal dot cz
2020-05-23 16:31 ` frantisek at sumsal dot cz
@ 2020-05-25 8:32 ` marxin at gcc dot gnu.org
2 siblings, 0 replies; 4+ messages in thread
From: marxin at gcc dot gnu.org @ 2020-05-25 8:32 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95275
Martin Liška <marxin at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |DUPLICATE
Status|UNCONFIRMED |RESOLVED
--- Comment #3 from Martin Liška <marxin at gcc dot gnu.org> ---
Thanks for the report.
I bet it's duplicate of PR94910.
*** This bug has been marked as a duplicate of bug 94910 ***
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-05-25 8:32 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-22 16:56 [Bug sanitizer/95275] New: Possible performance regression in libasan with detect_stack_use_after_return=1 frantisek at sumsal dot cz
2020-05-22 17:01 ` [Bug sanitizer/95275] " frantisek at sumsal dot cz
2020-05-23 16:31 ` frantisek at sumsal dot cz
2020-05-25 8:32 ` marxin at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).