why the compiler broke your program
play

Why the compiler broke your program Peter Brett, LiveCode Six - PowerPoint PPT Presentation

Dec 03, 2023 •253 likes •368 views

Why the compiler broke your program Peter Brett, LiveCode Six impossible things before breakfast /** * Returns the first EntList not of type join, starting from this. */ EntList * EntList::firstNot( JoinType j ) { sibling cant be null

  1. Why the compiler broke your program Peter Brett, LiveCode

  2. Six impossible things before breakfast /** * Returns the first EntList not of type join, starting from this. */ EntList * EntList::firstNot( JoinType j ) { sibling can’t be null… EntList * sibling = this; while( sibling != NULL && sibling->join == j ) { sibling = sibling->next; } …so why do I get a null return sibling; // (may = NULL) pointer dereference here? }

  3. #define NULL (__null) EntList::firstNot(int): typedef int JoinType; test rdi, rdi class EntList { je .L2 EntList* next; mov edx, DWORD PTR [rdi+8] JoinType join; mov rax, rdi First public: cmp edx, esi EntList* firstNot(JoinType j); je .L3 }; jmp .L2 .L5: EntList *EntList::firstNot(JoinType j) cmp DWORD PTR [rax+8], edx { jne .L4 EntList * sibling = this; .L3: Loop while (sibling != NULL) { mov rax, QWORD PTR [rax] if (sibling->join != j) test rax, rax break; jne .L5 sibling = sibling->next; rep } ret return sibling; .L2: } mov rax, rdi .L4: rep ret GCC 4.4.7 (pre C++11): -O3

  4. #define NULL (nullptr) EntList::firstNot(JoinType): enum class JoinType : int; mov rax, rdi class EntList { .L3: EntList* next; cmp DWORD PTR [rax+8], esi JoinType join; jne .L1 public: mov rax, QWORD PTR [rax] EntList* firstNot(JoinType j); test rax, rax }; jne .L3 .L1: EntList * EntList::firstNot(JoinType j) rep ret { EntList * sibling = this; while (sibling != NULL) { if (sibling->join != j) break; sibling = sibling->next; } return sibling; } GCC 6.3: -O3

  5. What does the C++ standard say? “If a non-static member function of a class X is called for an object that is not of type X , or of a type derived from X , the behavior is undefined.” — C++17 draft standard §12.2.2 “In the body of a non-static member function, the keyword this is a prvalue expression whose value is the address of the object for which the function is called.” — C++17 draft standard §12.2.2.1

  6. Undefined behaviour is magic! If EntList::firstNot() is called for an object that is not of type 1. EntList , the behaviour is undefined. nullptr is not an object of type EntList . 2. Therefore if EntList::firstNot() is called for nullptr , the behaviour is 3. undefined. Therefore it can be assumed that this is never nullptr . 4. 5. Therefore the check can be optimised out.

  7. #define NULL (nullptr) EntList::firstNot(JoinType): enum class JoinType : int; test rdi, rdi class EntList { je .L6 EntList* next; cmp esi, DWORD PTR [rdi+8] JoinType join; mov rax, rdi public: je .L4 EntList* firstNot(JoinType j); jmp .L1 }; .L5: cmp DWORD PTR [rax+8], esi EntList * EntList::firstNot(JoinType j) jne .L1 { .L4: EntList * sibling = this; mov rax, QWORD PTR [rax] while (sibling != NULL) { test rax, rax if (sibling->join != j) jne .L5 break; rep ret sibling = sibling->next; .L1: } rep ret return sibling; .L6: } xor eax, eax ret GCC 6.3: -O3 -fno-delete-null-pointer-checks

  8. What’s the actual problem here? ● The standard is wrong! ○ The C++ standard should define what happens when calling methods on an invalid object ● The compiler is wrong! ○ A compiler shouldn’t include new optimisations that might break previously-working code ○ …or, at least, they shouldn’t be enabled by default ● The program is wrong! ○ The program should use STL collection types & algorithms ○ The program shouldn’t expect a specific realization of undefined behaviour

  9. Working with a legacy codebase ● Know the C++ spec & be able to recognize common problematic UB patterns this vs. nullptr ○ ○ Signed overflow ○ Out-of-bounds access ○ Uninitialised scalar variables Access to dead pointers, e.g. after passing to realloc() ○ ● Become friends with your disassembler and debugger ● Disable optimisations that cause problems ○ Use lower optimisation level ○ -fno-delete-null-pointer-checks, -fno-strict-overflow, -fno-strict-aliasing ● Use UndefinedBehaviorSanitizer (-fsanitize=undefined) ○ Requires excellent test coverage ○ Sometimes UB is required for fast code, e.g. array offsets

  10. Developing new code ● Avoid implementing your own data structures & algorithms ○ Modern STL implementations are really good (libc++, libstdc++, MSVC 2017) ● Design APIs not to use raw pointers ● Be a pedantic language lawyer ○ Avoid UB if possible ○ If UB is necessary, document it carefully ● Know your compiler & platform ISA Sanity-check the assembly generated by the compiler

  11. Thank you! Resources: ● My Little Optimizer: Undefined Behavior is Magic (Michael Spencer, CppCon) ● Garbage In, Garbage Out: Arguing about Undefined Behavior with Nasal Demons (Chandler Carruth, CppCon) ● C++ Draft Standard ● Compiler Explorer

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

9/26/2008 Compiler: from the web Source Target Program Program [Higher-Level

9/26/2008 Compiler: from the web Source Target Program Program [Higher-Level

9/26/2008 Compiler: from the web Source Target Program Program [Higher-Level Compiler The Oxford English Dictionary (OED) indicates that the first [Lower-Level Programming usage of the term is circa 1330, referring to one who

406 views • 7 slides
CSC 4181 Compiler Construction Overview of Compilers Part 1 Introduction 1 1 What is a

CSC 4181 Compiler Construction Overview of Compilers Part 1 Introduction 1 1 What is a

CSC 4181 Compiler Construction Overview of Compilers Part 1 Introduction 1 1 What is a Compiler? A compiler is a computer program that translates a program in a source language into an equivalent program in a target language .

172 views • 5 slides
Compiling a C++ Program g++ g++ is the GNU C++ compiler. A program in a file called

Compiling a C++ Program g++ g++ is the GNU C++ compiler. A program in a file called

CS2141 Software Development using C/C++ Compiling a C++ Program g++ g++ is the GNU C++ compiler. A program in a file called hello.C: #include <iostream> using namespace std; int main( ) { cout << Hello world!

679 views • 21 slides
11/8/2012 The Structure of a Compiler (2) The Structure of a Compiler (1) Any compiler must

11/8/2012 The Structure of a Compiler (2) The Structure of a Compiler (1) Any compiler must

11/8/2012 The Structure of a Compiler (2) The Structure of a Compiler (1) Any compiler must perform two major tasks Sourc rce Progra ram Tokens Syntactic Semantic Scanner Parser Structure re Routines (Chara racter r St Stre

690 views • 22 slides
Page 1 Linker Operation Linker Operation Classify all program symbols as either: A strong

Page 1 Linker Operation Linker Operation Classify all program symbols as either: A strong

Assignment for Tues Last Time Read Getting the Least out of Your C Looked at ColdFire and ARM in depth Compiler linked to course web page Today m.c a.c Compiler Compiler Tools and toolchains for embedded m.o a.o

279 views • 6 slides
Broke, ill, and obese: Broke, ill, and obese: The effect of household debt on health Matthias

Broke, ill, and obese: Broke, ill, and obese: The effect of household debt on health Matthias

Broke, ill, and obese: Broke, ill, and obese: The effect of household debt on health Matthias Keese Hendrik Schmitz Ruhr Graduate School in Economics Ruhr Graduate School in Economics University of Duisburg-Essen RWI Essen The 2010 IRDES

506 views • 14 slides
Compiler Construction Chapter 11 1 Compiler Construction Compiler Construction A New Compiler

Compiler Construction Chapter 11 1 Compiler Construction Compiler Construction A New Compiler

Compiler Construction Chapter 11 1 Compiler Construction Compiler Construction A New Compiler Perhaps a new source language Perhaps a new target for an existing compiler Perhaps both 2 Compiler Construction Compiler Construction

661 views • 18 slides
Chapter 3: Programming CS105: Great Insights in Computer Science Compiler An interpreter

Chapter 3: Programming CS105: Great Insights in Computer Science Compiler An interpreter

Chapter 3: Programming CS105: Great Insights in Computer Science Compiler An interpreter takes a program as input and makes it happen. A compiler takes a program as input and creates a machine-language program as output. A

768 views • 64 slides
Formal verification of program obfuscations Sandrine Blazy joint work with Roberto Giacobazzi and

Formal verification of program obfuscations Sandrine Blazy joint work with Roberto Giacobazzi and

Formal verification of program obfuscations Sandrine Blazy joint work with Roberto Giacobazzi and Alix Trieu IFIP WG 2.11, 2015-11-10 1 Background: verifying a compiler Compiler + proof that the compiler does not introduce bugs CompCert, a

597 views • 21 slides
Introduction to Compiler Construction ASU Textbook Chapter 1 Tsan-sheng Hsu

Introduction to Compiler Construction ASU Textbook Chapter 1 Tsan-sheng Hsu

Introduction to Compiler Construction ASU Textbook Chapter 1 Tsan-sheng Hsu tshsu@iis.sinica.edu.tw http://www.iis.sinica.edu.tw/~tshsu 1 What is a compiler? A recognizer . Definitions: A translator . source program compiler target

570 views • 16 slides
What is a Compiler? Compiler A program that translates code in one language (source code) to

What is a Compiler? Compiler A program that translates code in one language (source code) to

CS 426 Lecture 1: Course Overview What is a Compiler? Compiler A program that translates code in one language (source code) to code in another language (target code). Usually, target code is semantically equivalent to source code, but not

905 views • 11 slides
Intermediate Representation (IR) IR encodes all knowledge the compiler has derived about source

Intermediate Representation (IR) IR encodes all knowledge the compiler has derived about source

CS 526 Topic 5: Internal Representations Intermediate Representation (IR) IR encodes all knowledge the compiler has derived about source program. Simple compiler structure source target front IR opti- IR back code

755 views • 32 slides
252-210: Compiler Design 1.1 Simple compiler model 1.2

252-210: Compiler Design 1.1 Simple compiler model 1.2

252-210: Compiler Design 1.1 Simple compiler model 1.2 Admin issues Thomas R. Gross Computer Science Department ETH Zurich, Switzerland 1.1

1.27k views • 46 slides
Program 9 January 2019 OSU CSE 1 BL Compiler Structure Code Tokenizer Parser Generator

Program 9 January 2019 OSU CSE 1 BL Compiler Structure Code Tokenizer Parser Generator

Program 9 January 2019 OSU CSE 1 BL Compiler Structure Code Tokenizer Parser Generator string of string of abstract string of characters tokens program integers (source code) (words) (object code) A BL program consists of

1.03k views • 40 slides
IF IT AINT BROKE... AND OTHER SAFETY LESSONS Kendra Schenk, PE, PTOE, RSP Safety

IF IT AINT BROKE... AND OTHER SAFETY LESSONS Kendra Schenk, PE, PTOE, RSP Safety

IF IT AINT BROKE... AND OTHER SAFETY LESSONS Kendra Schenk, PE, PTOE, RSP Safety Lessons If i f it t aint aint br broke, d dont f fix ix it it Rul ules es a are e made t de to o be br brok oken Get yo

416 views • 38 slides
Program Generation Workflow C**program compiler assembly*code nd* library*object*code

Program Generation Workflow C**program compiler assembly*code nd* library*object*code

Program Generation Workflow C**program compiler assembly*code nd* library*object*code assembler de. . object*code on* linker bels* executable *how* Sean Barker 1 Linking Schematic Executable*file Object*file main:*****

390 views • 4 slides
Inferring Internet Server IPv4 and IPv6 Address Relationships Robert Beverly, Arthur Berger ,

Inferring Internet Server IPv4 and IPv6 Address Relationships Robert Beverly, Arthur Berger ,

Inferring Internet Server IPv4 and IPv6 Address Relationships Robert Beverly, Arthur Berger , Nicholas Weaver , Larry Campbell Naval Postgraduate School Akamai ICSI/UCSD rbeverly@nps.edu, awberger@mit.edu February 7, 2013

323 views • 19 slides
TAG, Dynamic Programming, and the Perceptron for Efficent, Feature-Rich Parsing Xavier Carreras,

TAG, Dynamic Programming, and the Perceptron for Efficent, Feature-Rich Parsing Xavier Carreras,

TAG, Dynamic Programming, and the Perceptron for Efficent, Feature-Rich Parsing Xavier Carreras, Michael Collins and Terry Koo MIT CSAIL Discriminative Models for Parsing Structured Prediction methods like CRF or Perceptron train linear models

403 views • 27 slides
Lecture 10 First-Order Logic 4 th February 2020 Outline 2 / 24 Why FOL? Syntax and

Lecture 10 First-Order Logic 4 th February 2020 Outline 2 / 24 Why FOL? Syntax and

Claudia Chirita School of Informatics, University of Edinburgh Based on slides by: Jacques Fleuriot, Michael Rovatsos, Michael Herrmann, Vaishak Belle Informatics 2D Agents and Reasoning 2019/2020 Lecture 10 First-Order Logic 4 th

512 views • 30 slides
ARTIFICIAL INTELLIGENCE Russell & Norvig Chapter 8. First-Order Logic First-Order Logic

ARTIFICIAL INTELLIGENCE Russell & Norvig Chapter 8. First-Order Logic First-Order Logic

ARTIFICIAL INTELLIGENCE Russell & Norvig Chapter 8. First-Order Logic First-Order Logic First-Order Predicate Logic / Calculus Much more powerful the propositional (Boolean) logic Greater expressive power than propositional

589 views • 20 slides
My y Dig igit ital al Sib iblin ling Andy Fawkes DRAFT as of 6-Jan-20 Ove vervi view ew

My y Dig igit ital al Sib iblin ling Andy Fawkes DRAFT as of 6-Jan-20 Ove vervi view ew

IT 2 EC London 28 April 2020 My y Dig igit ital al Sib iblin ling Andy Fawkes DRAFT as of 6-Jan-20 Ove vervi view ew Digital Twins Fidelity Capability Life Cycle Digital Sibling Di Digit gital al Tw Twins

781 views • 29 slides
Tree A tree consists of a set of nodes and a set of edges that connect pairs of nodes.

Tree A tree consists of a set of nodes and a set of edges that connect pairs of nodes.

Tree A tree consists of a set of nodes and a set of edges that connect pairs of nodes. Property: there is exactly one path (no more, no less) between any two nodes of the tree. A path is a connected sequence of zero or more edges.

301 views • 3 slides
Automated GPU Kernel Fusion with XLA EuroLLVM'19, April 8 2019 Thomas Joerg, Google Presenting

Automated GPU Kernel Fusion with XLA EuroLLVM'19, April 8 2019 Thomas Joerg, Google Presenting

Automated GPU Kernel Fusion with XLA EuroLLVM'19, April 8 2019 Thomas Joerg, Google Presenting work done by the XLA team Outline TensorFlow Kernel fusion XLA compiler Automated kernel fusion Example: ResNet block ReLu :=

715 views • 33 slides
Pros and cons of propositional logic Propositional logic is declarative : pieces of syntax

Pros and cons of propositional logic Propositional logic is declarative : pieces of syntax

Pros and cons of propositional logic Propositional logic is declarative : pieces of syntax correspond to facts Propositional logic allows partial/disjunctive/negated information (unlike most data structures and databases) First-order logic

279 views • 7 slides

More recommend