[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [csmith-dev] Strict Aliasing and Csmith
- To: John Regehr <regehr@cs.utah.edu>
- Subject: Re: [csmith-dev] Strict Aliasing and Csmith
- From: Alex Coplan <alex.coplan@arm.com>
- Date: Thu, 24 Sep 2020 11:55:31 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=D0kifXlJ1lxS8zUpdpYNzXHv/OFv/tWqHRBF7xgfPsQ=; b=oGracKyt80ZzBY61jGevp5svsFgtqyZfCOepmQDPRIc+fTPSTFzCXJZ9AkrGlGY6UTSg7cH0avVFGhtEThyNXN9SVzgIanAAfMz+6fECkwKFmXUvR0FTaamMsK1br75FxRABZKY2pNNoOQ/IpAWQyNTt0x2zbcLfiJbRcofZkufdk7GmnvCPm5QNX+ltT962sGhcJqLnu9wLWYQsTkI6k7MX5dOdoDYEp8QEy2g6AT+MPJ+I6QgFE681xgvQa4FuL0HT1gFrnT0dQMNJu49lq5PN1bZL93ihFLxkQOXIqx/Ngelto0YcR3nVlRUv6gT6tUU+jAQORWmvwcugj1cZcA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jnhxSsyMLEKUbT51Fg/VOb2t+91iAXtsKxo9iTGrLHXPaRlyDMHL4GrgVNv8mN6Yiv7/N2zLYuw5ZdIuYmwJRZ7jpj0PHnVeaTvmla77PXgxLsuR/PxjN5gePxA2lm/+suwQwCg2f7RUZ4yhwyItxh3fHagZ5WQcksTEI2+SPYtMuYT+0XI4yJpPKVb+Szr8LItrwIHy38/Z6fzl3Uq3lbOnpiEEWtIapkYAefF/WmD4RBGlsk50ZLG2chBEQvpTueu5Ee/dqPZOzv/V3uc46iilsq6x2JpgFcmD2tPRzY2BmWzpNVNxHoGQpnxRI/1zQh7tqTloh8VlvoEjQCr9Dw==
- Authentication-results-original: cs.utah.edu; dkim=none (message not signed) header.d=none; cs.utah.edu; dmarc=none action=none header.from=arm.com;
- Cc: nd@arm.com, csmith-dev@flux.utah.edu
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=D0kifXlJ1lxS8zUpdpYNzXHv/OFv/tWqHRBF7xgfPsQ=; b=lKN3apdAFHdukI1svp8Qq7mDN+hUogAIZBjpZ7RMmiOaiWj8hsM4xs+Nh7UjNeUBYcflyWRaK5ZeOvjq7UdcXdFqr81iZ3E0hzEo75Xc55fYsMIXnqyG3iJLY/XI00nD22goL9ci35j9pXv2vt6sCQtOvi4bPBqODQYdNsRBU8Q=
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=D0kifXlJ1lxS8zUpdpYNzXHv/OFv/tWqHRBF7xgfPsQ=; b=lKN3apdAFHdukI1svp8Qq7mDN+hUogAIZBjpZ7RMmiOaiWj8hsM4xs+Nh7UjNeUBYcflyWRaK5ZeOvjq7UdcXdFqr81iZ3E0hzEo75Xc55fYsMIXnqyG3iJLY/XI00nD22goL9ci35j9pXv2vt6sCQtOvi4bPBqODQYdNsRBU8Q=
- In-reply-to: <1be7aa2d-c0d8-262d-87b0-093c1162d645@cs.utah.edu>
- List-archive: </listarchives/csmith-dev>
- List-help: <mailto:csmith-dev-request@flux.utah.edu?subject=help>
- List-id: Csmith Development Mailing List <csmith-dev.flux.utah.edu>
- List-post: <mailto:csmith-dev@flux.utah.edu>
- List-subscribe: <http://www.flux.utah.edu/mailman/listinfo/csmith-dev>, <mailto:csmith-dev-request@flux.utah.edu?subject=subscribe>
- List-unsubscribe: <http://www.flux.utah.edu/mailman/options/csmith-dev>, <mailto:csmith-dev-request@flux.utah.edu?subject=unsubscribe>
- Nodisclaimer: true
- Original-authentication-results: cs.utah.edu; dkim=none (message not signed) header.d=none; cs.utah.edu; dmarc=none action=none header.from=arm.com;
- References: <20200917144557.ctia2ilycblurlt4@arm.com> <1be7aa2d-c0d8-262d-87b0-093c1162d645@cs.utah.edu>
- User-agent: NeoMutt/20171215
Hi John,
On 17/09/2020 10:52, John Regehr wrote:
> Hi Alex, I believe Csmith is intended to respect the strict aliasing
> constraints, but since we never had a checker for finding violations of
> these constraints, it seems highly possible that we messed this up. If you
> give us instructions for reproducing a problem, we can look into it more.
>
> John
>
Thanks for your reply, and apologies for the delay on my end.
Using csmith 2.3.0 on x86-64 Linux with the seed 3940736818, I observed
a difference in the runtime behaviour of the resulting program between
-O0 and -O2 using current (trunk) AArch64 GCC. The discrepancy went away
upon adding -fno-strict-aliasing.
Of course, this doesn't necessarily mean that the input program is to
blame. I found a similar case where -fno-strict-aliasing "fixed" the
issue which turned out to be a wrong code bug (the code did not violate
the strict aliasing constraints):
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97135
However, in this case, I believe Csmith may have generated code which
violates the strict aliasing constraints. The program generated with
seed 3940736818 can be reduced to the following:
int printf(char *, ...);
union {
char a;
int b;
short c;
} d;
short *e = &d.c;
int f;
short g;
int main(void) {
int *h = &d.b;
g = *h = 1;
*e |= f;
printf("%X\n", d.a);
}
The issue here is that e and h alias and have different incompatible
types. I believe the program would be fine (w.r.t. the strict aliasing
constraints) if we accessed the union members directly, or if the union
type was visible in the pointers, but this is not the case.
Now it's possible that this is a bad reduction from the original
program, but from a brief inspection of the code generated by csmith, it
looks like the program takes the addresses of these different union
members and makes accesses through these pointers of different
incompatible types.
For a related testcase, with seed 10245076650401779801, I see similar runtime
discrepancies that disappear with -fno-strict-aliasing. The program can be
reduced to the following testcase:
int printf(char *, ...);
int a, b = -4L;
union {
int c;
long d;
} e;
int *f = &e.c;
long *g = &e.d;
int main(void) {
*g = 3895278040;
int h = b ^= *f;
if (h >= 7)
printf("%X\n", a);
}
Looking forward to hearing your thoughts on this issue.
Thanks,
Alex