Page MenuHome
Differential D10719

guardedalloc_test: Do overflow tests without allocation
Needs ReviewPublic
Actions

Authored by Ankit Meel (ankitm) on Mar 14 2021, 4:09 PM.

Details

Reviewers
Brecht Van Lommel (brecht)
Sergey Sharybin (sergey)
Maniphest Tasks
T84637: Guardedalloc test failure with ASan enabled builds.
Summary

Fix T84637
See T84637#1134707 and T84637#1135324

  • Replace allocation tests with direct tests of MEM_size_safe_multiply.
  • Disable death tests on macOS with ASan. Release builds will check if abort occurs or not, upon integer overflow.

Diff Detail

Repository
rB Blender
Branch
alloc (branched from master)
Build Status
Buildable 13797
Build 13797: arc lint + arc unit

Event Timeline

Ankit Meel (ankitm) requested review of this revision.Mar 14 2021, 4:09 PM
Ankit Meel (ankitm) created this revision.
Harbormaster completed remote builds in B13494: Diff 35162.Mar 14 2021, 4:10 PM
Ankit Meel (ankitm) edited the summary of this revision. (Show Details)Mar 14 2021, 4:10 PM
Ankit Meel (ankitm) edited the summary of this revision. (Show Details)
Ankit Meel (ankitm) mentioned this in D9844: GTest/Allocator: make integer-overflow tests pass on ASan-enabled builds.
Ankit Meel (ankitm) added reviewers: Brecht Van Lommel (brecht), Sergey Sharybin (sergey).Mar 14 2021, 4:13 PM
Ankit Meel (ankitm) mentioned this in T84637: Guardedalloc test failure with ASan enabled builds..Mar 15 2021, 12:35 PM
Brecht Van Lommel (brecht) accepted this revision.Mar 15 2021, 2:58 PM

Would be nice to test the actual allocations functions, but I can't think of a batter solution than this.

About the names, perhaps use safe_multiply_pass and safe_multiply_fail.

This revision is now accepted and ready to land.Mar 15 2021, 2:58 PM
Ankit Meel (ankitm) updated this revision to Diff 35328.Mar 18 2021, 6:35 AM

Rename
LockFreeAllocatorTest to AllocatorTest,
LockfreeIntegerOverflow to IntegerOverflow, (as lock-free is not a highlight here.)
multiply_pass to safe_multiply_pass,
multiply_fail to safe_multiply_fail,

Remove the base class include since test fixture is not used.

Remove GCC pragma now that there are no allocations.

Update top level comment.

Harbormaster completed remote builds in B13582: Diff 35328.Mar 18 2021, 6:35 AM
Ankit Meel (ankitm) updated this revision to Diff 35329.Mar 18 2021, 6:37 AM
  • Typos in last update
Harbormaster completed remote builds in B13583: Diff 35329.Mar 18 2021, 6:37 AM
Sergey Sharybin (sergey) requested changes to this revision.Mar 22 2021, 10:41 AM
Sergey Sharybin (sergey) added inline comments.
intern/guardedalloc/tests/guardedalloc_overflow_test.cc
67

total_size is size_t, so using boolean-typed EXPECT_TRUE seems meaningless to me.
Either explicitly check for EXPECT_GT(total_size, 0) or check for an exact value with EXPECT_EQ().

This revision now requires changes to proceed.Mar 22 2021, 10:41 AM
Ankit Meel (ankitm) updated this revision to Diff 35550.Mar 24 2021, 3:16 PM

fix EXPECT_TRUE
Re-add EXPECT_EXIT tests but disable on mac.

Harbormaster completed remote builds in B13704: Diff 35550.Mar 24 2021, 3:16 PM
Sergey Sharybin (sergey) added a comment.Mar 29 2021, 9:57 AM

If the EXPECT_EXIT can not be trusted on some platform/configuration this is to be checked with the upstream gtest library.

Brecht Van Lommel (brecht) added a comment.Mar 29 2021, 1:59 PM
In D10719#276026, @Sergey Sharybin (sergey) wrote:

If the EXPECT_EXIT can not be trusted on some platform/configuration this is to be checked with the upstream gtest library.

It's not that EXPECT_EXIT can't be trusted, it's that it tests for exit with SIGABRT specifically and that the signal you get from a failing malloc (with asan) is not well-defined.

Maybe the best solution is to add a EXIT_ANY_SIGNAL_PREDICATE that does not test for abort specifically.

Ankit Meel (ankitm) added a comment.Mar 29 2021, 2:04 PM

... that the signal you get from a failing malloc (with asan) ..

The malloc is not relevant here.. Even if MallocArray function is edited to be empty (do nothing), the test will fail. AFAIK, it's due to fork(). See T84637#1135324
Also, these tests are the integer overflow ones. The malloc would not be called even if the fork issue is resolved (like in builds without asan). The abort happens before malloc. https://developer.blender.org/diffusion/B/browse/master/intern/guardedalloc/intern/mallocn_guarded_impl.c$480-489

Brecht Van Lommel (brecht) added a comment.Mar 29 2021, 2:43 PM

Ok, I think that may be a bug in asan/ubsan, or some odd behavior.

Perhaps we should then change ABORT_PREDICATE to check for either SIGBART or SIGILL on macOS.

Ankit Meel (ankitm) updated this revision to Diff 35734.Mar 29 2021, 7:42 PM
  • Disable tests if apple and asan enabled.

It'd be slightly deceptive to see a test pass without it even running.
Here's a compromise to disable the test on macOS if Asan is enabled.

Harbormaster completed remote builds in B13797: Diff 35734.Mar 29 2021, 7:42 PM
Ankit Meel (ankitm) edited the summary of this revision. (Show Details)Mar 29 2021, 7:55 PM
Ankit Meel (ankitm) added a comment.Oct 13 2021, 5:07 PM

https://github.com/google/googletest/issues/3378

somewhat dead upstream bug report

Revision Contents
Changeset List

PathSize
intern/
guardedalloc/
1 line
tests/
62 lines

Diff 35734

View Options

intern/guardedalloc/CMakeLists.txt

Loading...
View Options

intern/guardedalloc/tests/guardedalloc_overflow_test.cc

Loading...