On 03/12/14 18:18, Eric Blake wrote:
> [adding the public list]
>
> On 12/03/2014 10:49 AM, Dingbao Xie wrote:
>> Dear coreutils maintainer,
>> I'm a visiting PhD student at UC Davis and currently work
>> on a project aiming to detect undefined behaviors.
>> clang has a sanitizer called ubsan which can identify certain
>> undefined behaviors at runtime. I tried to do experiments on coreutils
>> and found a shift out of bounds in a C file.
>> Below is the detailed information:
>>
>> xdb@xie:$ ./arch _<<<\x00
>> ../../lib/quotearg.c:554:45: runtime error: left shift of 1 by 31 places
>> cannot be represented in type 'int'
>> ./arch: extra operand `_'
>> Try `./arch --help' for more information
>>
>>
>> Could you please confirm whether it is a serious problem or not?
>> BTW, I built coreutils-6.11 with clang (-fsanitize=undefined).
>
> Thanks for the report. This issue has already been fixed upstream;
> http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=831b84, and is
> already in newer versions of coreutils. You would be much better off
> doing your testing on the latest coreutils.git instead of old versions.
On a related note, I just noticed a false-positive -fsanitize=undefined
failure with gcc 4.9.2 which the attached should avoid.

An alternative to the attached approach might be to avoid unaligned
accesses altogether by getting readisaac() to memcpy only the unaligned slop?

cheers,
Pádraig.
>From 1a2954c8b996b33a529bbda463647fd5eb1940d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A1draig=20Brady?= <[email protected]> Date: Wed, 3 Dec 2014 21:06:11 +0000 Subject: [PATCH] maint: avoid -fsanitize=undefined warning in rand-isaac * gl/lib/rand-isaac.c (isaac_refill): readisaac() purposefully passes unaligned pointers to avoid memory copies. This is only done on platforms where this is defined, so avoid the associated runtime warning generated with -fsanitize=undefined: lib/rand-isaac.c:125:182: runtime error: store to misaligned address 0x63100003d7fd for type 'isaac_word', which requires 8 byte alignment 0x63100003d7fd: note: pointer points here 47 ce ed a4 be be be 00 00 00 00 00 00 00 00 ... ^ --- gl/lib/rand-isaac.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/gl/lib/rand-isaac.c b/gl/lib/rand-isaac.c index c03242f..a7a8ea0 100644 --- a/gl/lib/rand-isaac.c +++ b/gl/lib/rand-isaac.c @@ -35,6 +35,18 @@ #include "rand-isaac.h" #include <limits.h> +#include <string.h> + +/* If we can make unaligned accesses then don't have + -fsanitize=undefined warn about it. */ +#undef ATTRIBUTE_NO_WARN_SANITIZE_UNDEFINED +#if !_STRING_ARCH_unaligned ||__GNUC__ < 4 \ + ||(__GNUC__ == 4 && __GNUC_MINOR__ < 9) +# define ATTRIBUTE_NO_WARN_SANITIZE_UNDEFINED /* empty */ +#else +# define ATTRIBUTE_NO_WARN_SANITIZE_UNDEFINED __attribute__ \ + ((__no_sanitize_undefined__)) +#endif /* The minimum of two sizes A and B. */ static inline size_t @@ -81,7 +93,7 @@ ind (isaac_word const *m, isaac_word x) } /* Use and update *S to generate random data to fill RESULT. */ -void +void ATTRIBUTE_NO_WARN_SANITIZE_UNDEFINED isaac_refill (struct isaac_state *s, isaac_word result[ISAAC_WORDS]) { /* Caches of S->a and S->b. */ -- 2.1.0
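Review bot: the `__GNUC__ < 4 || (__GNUC__ == 4 && __GNUC_MINOR__ < 9)` gate in the first hunk (the `#if` above `ATTRIBUTE_NO_WARN_SANITIZE_UNDEFINED`) leaves the attribute empty under clang, which is the compiler the reporter was using: clang identifies itself as GCC 4.2 via `__GNUC__`/`__GNUC_MINOR__`, so clang `-fsanitize=undefined` builds will keep reporting the misaligned store even with this patch, and clang does not accept GCC's `__no_sanitize_undefined__` spelling in any case. Either say in the comment that the suppression is GCC-only by design, or add a `#ifdef __clang__` branch with clang's own attribute if clang is meant to be covered. Two smaller points on the same lines: `!_STRING_ARCH_unaligned` reads a glibc-private macro (hence the new `#include <string.h>`), which evaluates to 0 and correctly yields the empty attribute on other libcs, but that fallback deserves a word in the comment; and `||__GNUC__` / `||(__GNUC__` are missing the space after the operator that the rest of the file's style uses.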
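Review bot: putting `ATTRIBUTE_NO_WARN_SANITIZE_UNDEFINED` on the whole of `isaac_refill` in the second hunk switches off every `-fsanitize=undefined` check in that function body (shift, arithmetic and bounds checks included), not just the alignment check, to silence one misaligned store that the caller readisaac() chooses to make; a genuine defect introduced later in the mixing code would then go unreported in exactly the sanitizer builds meant to catch it. The commit message says the unaligned store is only done "on platforms where this is defined", but what the hardware tolerates does not change what the language defines, and that is precisely what the sanitizer is reporting. The alternative floated in the cover mail, having readisaac() memcpy the unaligned slop and store directly only into aligned memory, removes the undefined behaviour rather than hiding it and would make this attribute, and the version-gated macro block it depends on, unnecessary.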
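The memcpy alternative mentioned in the cover mail, worked through as an added example. This is not code from gnulib or coreutils: word_t, WORDS and the splitmix64-based refill() are constructed stand-ins for isaac_word, ISAAC_WORDS and isaac_refill(), and fill_direct()/fill_portable() stand in for the way readisaac() hands the generator a caller-supplied buffer; the seed and buffer sizes in check_fill() are likewise made up for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-ins (example only, not gnulib's rand-isaac.c):
   word_t/WORDS play the role of isaac_word/ISAAC_WORDS, refill() the
   role of isaac_refill(), and the two fill_* functions the role of
   readisaac() handing the generator a caller-supplied buffer. */
typedef uint64_t word_t;
#define WORDS 4
#define BLOCK_BYTES (WORDS * sizeof (word_t))

struct gen_state { uint64_t s; };

/* Stand-in generator (splitmix64, NOT ISAAC): writes WORDS words to RESULT. */
static void refill (struct gen_state *g, word_t result[WORDS])
{
  for (int i = 0; i < WORDS; i++)
    {
      uint64_t z = (g->s += 0x9E3779B97F4A7C15ULL);
      z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
      z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
      result[i] = z ^ (z >> 31);
    }
}

/* sizeof (word_t) is at least its alignment, so this test is conservative. */
static int is_word_aligned (const void *p)
{
  return (uintptr_t) p % sizeof (word_t) == 0;
}

/* 'Before': the pattern -fsanitize=undefined reports.  Casting BUF to
   word_t * and letting refill() store through it is undefined whenever
   BUF is not word-aligned, even on CPUs that execute the store happily. */
static void fill_direct (struct gen_state *g, unsigned char *buf, size_t n)
{
  word_t block[WORDS];
  for (; n >= BLOCK_BYTES; buf += BLOCK_BYTES, n -= BLOCK_BYTES)
    refill (g, (word_t *) buf);   /* "store to misaligned address" if BUF is odd */
  if (n)
    {
      refill (g, block);
      memcpy (buf, block, n);
    }
}

/* 'After': store directly only when BUF really is word-aligned; otherwise
   generate into an aligned local block and memcpy it out.  memcpy has no
   alignment precondition, so this is defined on every target, needs no
   attribute to keep the sanitizer quiet, and pays for the copy only when
   the caller passed a misaligned buffer.  Advancing by BLOCK_BYTES (a
   multiple of sizeof (word_t)) preserves whatever alignment BUF started with. */
static void fill_portable (struct gen_state *g, unsigned char *buf, size_t n)
{
  word_t block[WORDS];
  int aligned = is_word_aligned (buf);
  for (; n >= BLOCK_BYTES; buf += BLOCK_BYTES, n -= BLOCK_BYTES)
    {
      if (aligned)
        refill (g, (word_t *) buf);
      else
        {
          refill (g, block);
          memcpy (buf, block, BLOCK_BYTES);
        }
    }
  if (n)                            /* partial tail, always via memcpy */
    {
      refill (g, block);
      memcpy (buf, block, n);
    }
}

/* Check: filling N bytes at byte OFFSET into a word-aligned array must give
   the same bytes as serialising the generator word by word, whichever
   filler is used and whatever the alignment.  Returns 1 on match. */
static int check_fill (int use_direct, size_t offset, size_t n)
{
  word_t outw[16], refw[16];        /* word_t arrays, so outw itself is aligned */
  unsigned char *out = (unsigned char *) outw, *ref = (unsigned char *) refw;
  struct gen_state a = { 0x1234 }, b = { 0x1234 };   /* constructed seed */

  if (offset + n > sizeof outw)
    return 0;
  if (use_direct)
    fill_direct (&a, out + offset, n);    /* only defined when OFFSET is aligned */
  else
    fill_portable (&a, out + offset, n);

  for (size_t done = 0; done < n; done += BLOCK_BYTES)
    {
      word_t block[WORDS];
      refill (&b, block);
      memcpy (ref + done, block, n - done < BLOCK_BYTES ? n - done : BLOCK_BYTES);
    }
  return memcmp (out + offset, ref, n) == 0;
}
```

Built with -fsanitize=undefined, a call like fill_direct (&g, out + 1, 64) produces the same kind of "store to misaligned address" report the commit message quotes, while fill_portable stays silent with no attribute and no version-gated macro. The copy is not a performance concession in practice: a memcpy of a compile-time constant size is lowered by gcc and clang to plain loads and stores, which on targets that permit unaligned access are the very same instructions the cast would have produced, so the defined-behaviour version costs nothing extra there and is correct everywhere else.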
