From: Marek Polacek <polacek@redhat.com>
To: Jakub Jelinek <jakub@redhat.com>
Cc: GCC Patches <gcc-patches@gcc.gnu.org>, Jason Merrill <jason@redhat.com>
Subject: Re: ubsan PATCH to fix compile-time hog with operator overloading (PR sanitizer/78208)
Date: Fri, 18 Nov 2016 01:40:00 -0000 [thread overview]
Message-ID: <20161118013957.GS3646@redhat.com> (raw)
In-Reply-To: <20161117081051.GG3541@tucnak.redhat.com>
On Thu, Nov 17, 2016 at 09:10:51AM +0100, Jakub Jelinek wrote:
> On Wed, Nov 16, 2016 at 04:29:05PM -0800, Marek Polacek wrote:
> > Sorry. So consider the following:
> >
> > class S
> > {
> > virtual void foo () = 0;
> > };
> >
> > struct T {
> > T &operator << (const char *s);
> > };
> >
> > T t;
> >
> > void
> > S::foo ()
> > {
> > t << "a" << "b" << "c";
> > }
> >
> > Before
> > 1498 if (flag_sanitize & (SANITIZE_NULL | SANITIZE_ALIGNMENT))
> > 1499 ubsan_maybe_instrument_member_call (stmt, is_ctor);
> >
> > the stmt will be
> >
> > T::operator<< (T::operator<< (T::operator<< (&t, "a"), "b"), "c")
> >
> > after ubsan_maybe_instrument_member_call it will be
> >
> > T::operator<< (UBSAN_NULL (SAVE_EXPR <T::operator<< (T::operator<< (&t, "a"), "b")>, 4B, 0);, SAVE_EXPR <T::operator<< (T::operator<< (&t, "a"), "b")>;, "c")
> >
> > and that's what is saved into the hash table. Then another stmt will be the
> > inner
> >
> > T::operator<< (T::operator<< (&t, "a"), "b")
> >
> > which we instrument and put into the hash table, and so on. But those
> > SAVE_EXPRs aren't the same. So we have a T::operator<< call that has nested
> > T::operator<< calls and we kind of recursively instrument all of them.
>
> But those SAVE_EXPRs are the same. If you put a breakpoint on the:
> 489 if (op)
> 490 CALL_EXPR_ARG (stmt, 0) = op;
> line 490 in c-ubsan.c, on the above short testcase is called 2 times
> (the T<<operator<< (&t, "a") is not instrumented, as the argument is known
> not to be NULL), rather than 3 times.
> When trying larger testcase like below I count ~ 120 calls (counted by hand,
> so it is possible it was the right 119 times).
> If this has not been linear, the testcase would be compiling for years.
> Yes, there will be 119 SAVE_EXPRs, and when you -fdump-tree-original it,
> it will be just insanely huge, but each SAVE_EXPR appears exactly twice
> in its containing SAVE_EXPR and the second time cp_genericize_r sees
> the SAVE_EXPR, it will do the
> 1138 /* Other than invisiref parms, don't walk the same tree twice. */
> 1139 if (p_set->contains (stmt))
> 1140 {
> 1141 *walk_subtrees = 0;
> 1142 return NULL_TREE;
> 1143 }
> early exit.
Clearly I misread things here. I blame the cold I've caught!
In any case, I'm sorry for wasting your time and I'll just close the PR.
Marek
next prev parent reply other threads:[~2016-11-18 1:40 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-04 16:05 Marek Polacek
2016-11-04 16:16 ` Jakub Jelinek
2016-11-04 17:03 ` Jason Merrill
2016-11-17 0:29 ` Marek Polacek
2016-11-17 8:11 ` Jakub Jelinek
2016-11-18 1:40 ` Marek Polacek [this message]
2016-11-18 8:06 ` Jakub Jelinek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161118013957.GS3646@redhat.com \
--to=polacek@redhat.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=jakub@redhat.com \
--cc=jason@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).