[Tinycc-devel] tcc fails UBSan and ASan
From: Giovanni Mascellani
Subject: [Tinycc-devel] tcc fails UBSan and ASan
Date: Sat, 26 Jan 2019 10:48:53 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0
Hi,
the CodingStyle file suggests that tcc should be UBSan and ASan clean.
However, it appears it is not. Working with mob:
$ ./configure
$ make -j12
$ mv libtcc.a libtcc.a.hide
$ make clean
$ ./configure --extra-cflags="-fsanitize=undefined -g" --extra-ldflags="-fsanitize=undefined -g"
$ make -j12
This already prints lots of errors when tcc compiles libtcc1.a, mostly
about unaligned struct access. An example:
> tcctools.c:189:21: runtime error: member access within misaligned address
> 0x564f628c4d3c for type 'struct Elf64_Shdr', which requires 8 byte alignment
> 0x564f628c4d3c: note: pointer points here
> 00 00 00 00 01 00 00 00 01 00 00 00 06 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 40 00 00 00
> ^
Similar errors happen for other structs, like TokenString and TokenSym.
Then:
$ make test
Gives other similar errors, also for struct Sym. Also:
> tcctest.c: In function ‘switch_test’:
> tcctest.c:1969:6: error: case label does not reduce to an integer constant
> case 4LL << 61:
> ^~~~
> tcctest.c:1972:6: error: case label does not reduce to an integer constant
> case 5LL << 61:
> ^~~~
I'd say this is correct: this is undefined behaviour. Tests stop here
because of the failure, but there could be more in later tests.
Let's do the same for ASan:
$ git clean -fdx
$ ./configure
$ make -j12
$ mv libtcc.a libtcc.a.hide
$ make clean
$ ./configure --extra-cflags="-fsanitize=address -g" --extra-ldflags="-fsanitize=address -g"
$ make -j12
$ cp libtcc.a.hide libtcc.a
$ ./configure
$ make test
Some use-after-free errors are found in 07_function, 25_quicksort,
26_character_constants and 80_flexarray. Curiously, nothing is found in
VLA-related tests, while CodingStyle says there could be problems there.
More or less the same results are obtained with valgrind.
I can try to fix them, but maybe people more knowledgeable than me might
be quicker and produce a more correct fix.
Thanks, Giovanni.
--
Giovanni Mascellani <address@hidden>
Postdoc researcher - Université Libre de Bruxelles
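The two UBSan findings quoted above (a misaligned member access on an Elf64_Shdr and a signed shift that moves a set bit into the sign position), next to the conventional fixes, as an added C example that is not part of Giovanni's message or of the tcc sources. The struct is a local copy of the Elf64_Shdr field layout, and the header bytes are constructed here.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Local copy of the Elf64_Shdr layout (same fields and order as <elf.h>),
   declared here so the example builds without the system header. Its
   alignment requirement is 8 because of the uint64_t members. */
typedef struct {
    uint32_t sh_name, sh_type;
    uint64_t sh_flags, sh_addr, sh_offset, sh_size;
    uint32_t sh_link, sh_info;
    uint64_t sh_addralign, sh_entsize;
} Shdr;

/* 1 if p may be dereferenced as a type that requires `align` bytes of alignment. */
int aligned_ok(const void *p, size_t align) {
    return ((uintptr_t)p % align) == 0;
}

/* Alignment-safe read: copy the header out of the byte buffer instead of
   casting `buf + off` to Shdr*, which is the access UBSan reports as
   "member access within misaligned address". memcpy has no alignment
   requirement and compilers turn it into plain loads where that is legal. */
Shdr read_shdr(const unsigned char *buf, size_t off) {
    Shdr sh;
    memcpy(&sh, buf + off, sizeof sh);
    return sh;
}

/* Constructed sample: a header stored 4 bytes into an 8-aligned buffer, so a
   direct pointer cast would be misaligned while the memcpy read is fine.
   Returns the sh_type field read back from the buffer. */
uint32_t sample_sh_type(void) {
    _Alignas(8) unsigned char buf[4 + sizeof(Shdr)] = {0};
    Shdr src = {0};
    src.sh_type = 1;          /* constructed value, SHT_PROGBITS */
    src.sh_addralign = 0x40;  /* constructed value */
    memcpy(buf + 4, &src, sizeof src);
    return read_shdr(buf, 4).sh_type;
}

/* Left shift with an overflow check. `4LL << 61` in tcctest.c shifts bit 2
   to bit 63, the sign bit of a long long, which is undefined for signed
   types (an unsigned constant such as 4ULL << 61 is well defined). Returns 0
   and leaves *out untouched when the shift would overflow. */
int checked_shl(long long v, unsigned sh, long long *out) {
    if (v < 0 || sh >= CHAR_BIT * sizeof v || v > (LLONG_MAX >> sh))
        return 0;
    *out = v << sh;
    return 1;
}
```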