[pcre-dev] [Bug 2380] PCRE 8.43 and Undefined Behavior sanit…

Top Page

Reply to this message
Author: admin
Date:  
To: pcre-dev
Old-Topics: [pcre-dev] [Bug 2380] New: PCRE 8.43 and Undefined Behavior sanitizer findings
Subject: [pcre-dev] [Bug 2380] PCRE 8.43 and Undefined Behavior sanitizer findings
https://bugs.exim.org/show_bug.cgi?id=2380

YangCONG <yangcong11@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |yangcong11@???


--- Comment #5 from YangCONG <yangcong11@???> ---
(In reply to Jeffrey Walton from comment #0)
> I used CFLAGS="-DNDEBUG -g2 -O1 -fsanitize=undefined". I built the library,
> then ran a 'make test V=1'. The output presented to the user looks OK.
> However, it looks like UBsan found some undefined behavior:
>
>
> pcre-8.43$ grep -IR 'runtime error'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcre_jit_compile.c:8510:96: runtime error: left shift of
> negative value -1
> RunTest.log:pcre_jit_compile.c:3941:15: runtime error: left shift of 197 by
> 24 places cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcre_compile.c:8683:48: runtime error: left shift of 1 by 31
> places cannot be represented in type 'int'
> RunTest.log:pcre_compile.c:8070:45: runtime error: left shift of 1 by 31
> places cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcre_compile.c:8683:48: runtime error: left shift of 1 by 31
> places cannot be represented in type 'int'
> RunTest.log:pcre_compile.c:8070:45: runtime error: left shift of 1 by 31
> places cannot be represented in type 'int'
> RunTest.log:pcretest.c:4448:17: runtime error: null pointer passed as
> argument 1, which is declared to never be null
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcre_jit_compile.c:8510:96: runtime error: left shift of
> negative value -2
> RunTest.log:pcre_compile.c:8683:48: runtime error: left shift of 1 by 31
> places cannot be represented in type 'int'
> RunTest.log:pcre_compile.c:8070:45: runtime error: left shift of 1 by 31
> places cannot be represented in type 'int'
> RunTest.log:pcre_jit_compile.c:3941:15: runtime error: left shift of 255 by
> 24 places cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcre_jit_compile.c:3941:15: runtime error: left shift of 201 by
> 24 places cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5338:33: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> RunTest.log:pcretest.c:5403:32: runtime error: left shift of 1 by 31 places
> cannot be represented in type 'int'
> pcretest.c:/* Textual explanations for runtime error codes */
> pcre_jit_test.log:........................pcre_jit_compile.c:3941:15:
> runtime error: left shift of 255 by 24 places cannot be represented in type
> 'int'
> pcre_jit_test.log:...................................................
> pcre_jit_compile.c:8510:96: runtime error: left shift of negative value -1
>
>
> "left shift of 1 by 31" is a common finding. It can usually be cleared with
> '1U << 31'. Some of the others, like pcre_jit_compile.c:3941, will need to
> be analyzed. Often it is a matter of switching to unsigned types.
>
> Be careful of these in the long run. The compiler is free to drop the code.
> My personal experience is, little findings like these are the cause of
> obscure failures, like self test failures on 32-bit MIPS with GCC 4.5-4.7
> (other platforms will be OK).


Refer to your method,I used CFLAGS="-DNDEBUG -g2 -O1 -fsanitize=undefined".
When compiling with make, link 'ld' failure,then I add
LDFLAGS="-fsanitize=undefined", it's OK.
But I have a question, as you said, these "runtime error" failures only on
32-bit MIPS with GCC 4.5-4.7 (other platforms will be OK) ,what is the reason?
whether these failures produced by UBsan can be ignored?

--
You are receiving this mail because:
You are on the CC list for the bug.