[libcxx] r273107 - Fix various undefined behavior found by UBSan.
Eric Fiselier via cfe-commits
cfe-commits at lists.llvm.org
Sun Jun 19 00:08:28 PDT 2016
Author: ericwf
Date: Sun Jun 19 02:08:27 2016
New Revision: 273107
URL: http://llvm.org/viewvc/llvm-project?rev=273107&view=rev
Log:
Fix various undefined behavior found by UBSan.
* Fix non-null violation in strstream.cpp
Overflow was calling memcpy with a null parameter and a size of 0.
* Fix std/atomics/atomics.flag/ tests:
a.test_and_set() was reading from an uninitialized atomic, but wasn't
using the value. The tests now clear the flag before performing the
first test_and_set. This allows UBSAN to test that clear doesn't read
an invalid value.
* Fix std/experimental/algorithms/alg.random.sample/sample.pass.cpp
The tests were dereferencing a past-the-end pointer to an array so that
they could do pointer arithmetic with it. Instead of dereference the iterator
I changed the tests to use the special 'base()' test iterator method.
* Add -fno-sanitize=float-divide-by-zero to suppress division by zero UBSAN diagnostics.
The tests that cause float division by zero are explicitly aware that they
are doing that. Since this is well defined for IEEE floats suppress the warnings
for now.
Modified:
libcxx/trunk/src/strstream.cpp
libcxx/trunk/test/libcxx/test/config.py
libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear.pass.cpp
libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear_explicit.pass.cpp
libcxx/trunk/test/std/atomics/atomics.flag/clear.pass.cpp
libcxx/trunk/test/std/experimental/algorithms/alg.random.sample/sample.pass.cpp
Modified: libcxx/trunk/src/strstream.cpp
URL: http://llvm.org/viewvc/llvm-project/libcxx/trunk/src/strstream.cpp?rev=273107&r1=273106&r2=273107&view=diff
==============================================================================
--- libcxx/trunk/src/strstream.cpp (original)
+++ libcxx/trunk/src/strstream.cpp Sun Jun 19 02:08:27 2016
@@ -11,6 +11,7 @@
#include "algorithm"
#include "climits"
#include "cstring"
+#include "__debug"
_LIBCPP_BEGIN_NAMESPACE_STD
@@ -167,7 +168,10 @@ strstreambuf::overflow(int_type __c)
buf = new char[new_size];
if (buf == nullptr)
return int_type(EOF);
- memcpy(buf, eback(), static_cast<size_t>(old_size));
+ if (old_size != 0) {
+ _LIBCPP_ASSERT(eback(), "overflow copying from NULL");
+ memcpy(buf, eback(), static_cast<size_t>(old_size));
+ }
ptrdiff_t ninp = gptr() - eback();
ptrdiff_t einp = egptr() - eback();
ptrdiff_t nout = pptr() - pbase();
Modified: libcxx/trunk/test/libcxx/test/config.py
URL: http://llvm.org/viewvc/llvm-project/libcxx/trunk/test/libcxx/test/config.py?rev=273107&r1=273106&r2=273107&view=diff
==============================================================================
--- libcxx/trunk/test/libcxx/test/config.py (original)
+++ libcxx/trunk/test/libcxx/test/config.py Sun Jun 19 02:08:27 2016
@@ -620,12 +620,13 @@ class Configuration(object):
blacklist = os.path.join(self.libcxx_src_root,
'test/ubsan_blacklist.txt')
self.cxx.flags += ['-fsanitize=undefined',
- '-fno-sanitize=vptr,function',
+ '-fno-sanitize=vptr,function,float-divide-by-zero',
'-fno-sanitize-recover=all',
'-fsanitize-blacklist=' + blacklist]
self.cxx.compile_flags += ['-O3']
self.env['UBSAN_OPTIONS'] = 'print_stacktrace=1'
self.config.available_features.add('ubsan')
+ self.config.available_features.add('sanitizer-new-delete')
elif san == 'Thread':
self.cxx.flags += ['-fsanitize=thread']
self.config.available_features.add('tsan')
Modified: libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear.pass.cpp
URL: http://llvm.org/viewvc/llvm-project/libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear.pass.cpp?rev=273107&r1=273106&r2=273107&view=diff
==============================================================================
--- libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear.pass.cpp (original)
+++ libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear.pass.cpp Sun Jun 19 02:08:27 2016
@@ -23,12 +23,14 @@ int main()
{
{
std::atomic_flag f;
+ f.clear();
f.test_and_set();
atomic_flag_clear(&f);
assert(f.test_and_set() == 0);
}
{
volatile std::atomic_flag f;
+ f.clear();
f.test_and_set();
atomic_flag_clear(&f);
assert(f.test_and_set() == 0);
Modified: libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear_explicit.pass.cpp
URL: http://llvm.org/viewvc/llvm-project/libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear_explicit.pass.cpp?rev=273107&r1=273106&r2=273107&view=diff
==============================================================================
--- libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear_explicit.pass.cpp (original)
+++ libcxx/trunk/test/std/atomics/atomics.flag/atomic_flag_clear_explicit.pass.cpp Sun Jun 19 02:08:27 2016
@@ -22,38 +22,44 @@
int main()
{
{
- std::atomic_flag f;
- f.test_and_set();
+ std::atomic_flag f; // uninitialized first
+ atomic_flag_clear_explicit(&f, std::memory_order_relaxed);
+ assert(f.test_and_set() == 0);
atomic_flag_clear_explicit(&f, std::memory_order_relaxed);
assert(f.test_and_set() == 0);
}
{
std::atomic_flag f;
- f.test_and_set();
+ atomic_flag_clear_explicit(&f, std::memory_order_release);
+ assert(f.test_and_set() == 0);
atomic_flag_clear_explicit(&f, std::memory_order_release);
assert(f.test_and_set() == 0);
}
{
std::atomic_flag f;
- f.test_and_set();
+ atomic_flag_clear_explicit(&f, std::memory_order_seq_cst);
+ assert(f.test_and_set() == 0);
atomic_flag_clear_explicit(&f, std::memory_order_seq_cst);
assert(f.test_and_set() == 0);
}
{
volatile std::atomic_flag f;
- f.test_and_set();
+ atomic_flag_clear_explicit(&f, std::memory_order_relaxed);
+ assert(f.test_and_set() == 0);
atomic_flag_clear_explicit(&f, std::memory_order_relaxed);
assert(f.test_and_set() == 0);
}
{
volatile std::atomic_flag f;
- f.test_and_set();
+ atomic_flag_clear_explicit(&f, std::memory_order_release);
+ assert(f.test_and_set() == 0);
atomic_flag_clear_explicit(&f, std::memory_order_release);
assert(f.test_and_set() == 0);
}
{
volatile std::atomic_flag f;
- f.test_and_set();
+ atomic_flag_clear_explicit(&f, std::memory_order_seq_cst);
+ assert(f.test_and_set() == 0);
atomic_flag_clear_explicit(&f, std::memory_order_seq_cst);
assert(f.test_and_set() == 0);
}
Modified: libcxx/trunk/test/std/atomics/atomics.flag/clear.pass.cpp
URL: http://llvm.org/viewvc/llvm-project/libcxx/trunk/test/std/atomics/atomics.flag/clear.pass.cpp?rev=273107&r1=273106&r2=273107&view=diff
==============================================================================
--- libcxx/trunk/test/std/atomics/atomics.flag/clear.pass.cpp (original)
+++ libcxx/trunk/test/std/atomics/atomics.flag/clear.pass.cpp Sun Jun 19 02:08:27 2016
@@ -22,50 +22,58 @@
int main()
{
{
- std::atomic_flag f;
- f.test_and_set();
+ std::atomic_flag f; // uninitialized
+ f.clear();
+ assert(f.test_and_set() == 0);
f.clear();
assert(f.test_and_set() == 0);
}
{
std::atomic_flag f;
- f.test_and_set();
+ f.clear(std::memory_order_relaxed);
+ assert(f.test_and_set() == 0);
f.clear(std::memory_order_relaxed);
assert(f.test_and_set() == 0);
}
{
std::atomic_flag f;
- f.test_and_set();
+ f.clear(std::memory_order_release);
+ assert(f.test_and_set() == 0);
f.clear(std::memory_order_release);
assert(f.test_and_set() == 0);
}
{
std::atomic_flag f;
- f.test_and_set();
+ f.clear(std::memory_order_seq_cst);
+ assert(f.test_and_set() == 0);
f.clear(std::memory_order_seq_cst);
assert(f.test_and_set() == 0);
}
{
volatile std::atomic_flag f;
- f.test_and_set();
+ f.clear();
+ assert(f.test_and_set() == 0);
f.clear();
assert(f.test_and_set() == 0);
}
{
volatile std::atomic_flag f;
- f.test_and_set();
+ f.clear(std::memory_order_relaxed);
+ assert(f.test_and_set() == 0);
f.clear(std::memory_order_relaxed);
assert(f.test_and_set() == 0);
}
{
volatile std::atomic_flag f;
- f.test_and_set();
+ f.clear(std::memory_order_release);
+ assert(f.test_and_set() == 0);
f.clear(std::memory_order_release);
assert(f.test_and_set() == 0);
}
{
volatile std::atomic_flag f;
- f.test_and_set();
+ f.clear(std::memory_order_seq_cst);
+ assert(f.test_and_set() == 0);
f.clear(std::memory_order_seq_cst);
assert(f.test_and_set() == 0);
}
Modified: libcxx/trunk/test/std/experimental/algorithms/alg.random.sample/sample.pass.cpp
URL: http://llvm.org/viewvc/llvm-project/libcxx/trunk/test/std/experimental/algorithms/alg.random.sample/sample.pass.cpp?rev=273107&r1=273106&r2=273107&view=diff
==============================================================================
--- libcxx/trunk/test/std/experimental/algorithms/alg.random.sample/sample.pass.cpp (original)
+++ libcxx/trunk/test/std/experimental/algorithms/alg.random.sample/sample.pass.cpp Sun Jun 19 02:08:27 2016
@@ -64,12 +64,12 @@ void test() {
end = std::experimental::sample(PopulationIterator(ia),
PopulationIterator(ia + is),
SampleIterator(oa), os, g);
- assert(&*end - oa == std::min(os, is));
+ assert(end.base() - oa == std::min(os, is));
assert(std::equal(oa, oa + os, oa1));
end = std::experimental::sample(PopulationIterator(ia),
PopulationIterator(ia + is),
SampleIterator(oa), os, g);
- assert(&*end - oa == std::min(os, is));
+ assert(end.base() - oa == std::min(os, is));
assert(std::equal(oa, oa + os, oa2));
}
@@ -85,7 +85,7 @@ void test_empty_population() {
SampleIterator end =
std::experimental::sample(PopulationIterator(ia), PopulationIterator(ia),
SampleIterator(oa), os, g);
- assert(&*end == oa);
+ assert(end.base() == oa);
}
template <template<class> class PopulationIteratorType, class PopulationItem,
@@ -100,7 +100,7 @@ void test_empty_sample() {
SampleIterator end =
std::experimental::sample(PopulationIterator(ia), PopulationIterator(ia + is),
SampleIterator(oa), 0, g);
- assert(&*end == oa);
+ assert(end.base() == oa);
}
template <template<class> class PopulationIteratorType, class PopulationItem,
@@ -119,8 +119,8 @@ void test_small_population() {
end = std::experimental::sample(PopulationIterator(ia),
PopulationIterator(ia + is),
SampleIterator(oa), os, g);
- assert(&*end - oa == std::min(os, is));
- assert(std::equal(oa, &*end, oa1));
+ assert(end.base() - oa == std::min(os, is));
+ assert(std::equal(oa, end.base(), oa1));
}
int main() {
More information about the cfe-commits
mailing list