[PATCH v5] fix issues reported by GCC undefined sanitizer #2044
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
odpbuild
changed the title
JereLeppanen
force-pushed
the
dev/sanitizer-undefined
branch
from
21fa40d
to
5096613
Compare
odpbuild
changed the title
|
v2:
|
JannePeltonen
requested changes
Apr 8, 2024
JereLeppanen
force-pushed
the
dev/sanitizer-undefined
branch
from
5096613
to
c16a3e6
Compare
odpbuild
changed the title
|
All comments processed in v3. |
| @@ -58,21 +58,21 @@ static int32_t _random_data(uint8_t *buf, uint32_t len, uint64_t *seed) | |||
| } | |||
|
|
|||
| for (uint32_t i = 0; i < len / 4; i++) { | |||
| *(uint32_t *)(uintptr_t)buf = xorshift64s32(seed); | |||
| *(odp_una_u32_t *)buf = xorshift64s32(seed); | |||
There was a problem hiding this comment.
Not assuming alignment here can throw away the work done to align the pointer if _ODP_UNALIGNED is zero. If the CPU does not support unaligned accesses, the compiler may have to resort to using multiple store instructions here, even though it is not really necessary.
I would suggest doing something like this here:
for (uint32_t i = 0; i < len / 4; i++) {
if (_ODP_UNALIGNED)
*(uint32_t *)(uintptr_t)buf = xorshift64s32(seed);
else
*(odp_una_u32_t *)buf = xorshift64s32(seed);
buf += 4;
}
There was a problem hiding this comment.
I did it a bit differently, in v4. But maybe there's no real need to optimize the no-unaligned case, and we could just remove the whole thing?
There was a problem hiding this comment.
Maybe, but since it is already there and you fixed the alignment issues, I think it can as well stay.
|
Minor improvement proposal to _random_data(). With that, Reviewed-by: Janne Peltonen janne.peltonen@nokia.com |
JereLeppanen
force-pushed
the
dev/sanitizer-undefined
branch
from
c16a3e6
to
75c981e
Compare
odpbuild
changed the title
JannePeltonen
approved these changes
Apr 16, 2024
If _odp_pool_create() fails, free ring_shm if it has been reserved. If adjust_size() fails, instead of returning immediately, first free the reserved resources, including ring_shm. Also, for consistency, set ring pointer to NULL whenever ring_shm is freed. Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
In cache_flush(), if the pool's ring is NULL, i.e. the pool is not reserved, return immediately and don't try to flush the cache. This avoids taking the address of a member of the ring struct via a NULL pointer, which is undefined behavior. Fixes GCC undefined sanitizer error: odp_pool.c:138:7: runtime error: member access within null pointer of type 'struct pool_ring_t' Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
…ot NULL Don't copy capabilities if the destination pointer is NULL. In these cases size is also zero, so nothing is copied anyway. However, memcpy() destination is declared to never be NULL, so calling it with NULL destination is undefined behavior. Fixes GCC undefined sanitizer errors: odp_crypto_openssl.c:1911:2: runtime error: null pointer passed as argument 1, which is declared to never be null odp_crypto_openssl.c:2013:2: runtime error: null pointer passed as argument 1, which is declared to never be null Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
With an empty thread mask, thr_tbl[] in schedule_group_create() ends up being zero size, which is undefined behavior. Fix by using a static array size. Fixes GCC undefined sanitizer error: odp_schedule_basic.c:1922:6: runtime error: variable length array bound evaluates to non-positive value 0 Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
…umber of events is zero If packet_free_multi_ev() is called with zero events, the pkt_hdrs[] array ends up being zero size, which is undefined behavior. Fix by returning early if number of events is zero. Fixes GCC undefined sanitizer error: odp_packet.c:702:20: runtime error: variable length array bound evaluates to non-positive value 0 Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
Avoid undefined behavior in bit shifts in reflect_u*() functions by using types of sufficient width for the values being shifted. Fixes GCC undefined sanitizer error: odp_hash_crc_gen.c:90:16: runtime error: left shift of 237 by 24 places cannot be represented in type 'int' Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
Since the data is not necessarily aligned, use unaligned types to read it, in order to avoid undefined behavior. Fixes GCC undefined sanitizer errors: hash_crc32.h:35:24: runtime error: load of misaligned address 0x0000005e12d4 for type 'const uint64_t', which requires 8 byte alignment hash_crc32.h:40:14: runtime error: load of misaligned address 0x0000005ff879 for type 'const uint32_t', which requires 4 byte alignment hash_crc32.h:51:47: runtime error: load of misaligned address 0x0000005e67af for type 'const uint16_t', which requires 2 byte alignment Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
An ethernet header being parsed may not be aligned in memory, so use unaligned types to read it, in order to avoid undefined behavior. Fixes GCC undefined sanitizer errors: odp_parse.c:43:30: runtime error: load of misaligned address 0x7fc1d4675093 for type 'const uint16_t', which requires 2 byte alignment odp_parse.c:49:21: runtime error: load of misaligned address 0x7fc1d4674655 for type 'const uint16_t', which requires 2 byte alignment odp_parse.c:52:21: runtime error: load of misaligned address 0x7fc1d4674657 for type 'const uint16_t', which requires 2 byte alignment odp_parse.c:72:30: runtime error: load of misaligned address 0x7fc1d4674667 for type 'const uint16_t', which requires 2 byte alignment Also, remove unnecessary intermediate casts to const void * and uintptr_t. Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
Align allocation of queue_blk_t, in order to avoid unaligned access to queue_blk_t members, which is undefined behavior. Fixes many GCC undefined sanitizer errors, for example: odp_pkt_queue.c:66:22: runtime error: member access within misaligned address 0x7fe5c3d1f010 for type 'struct queue_blk_t', which requires 64 byte alignment Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
Random data destination may not be aligned. Use unaligned types to write the random data, in order to avoid undefined behavior. Fixes GCC undefined sanitizer errors: odp_random_std.c:61:31: runtime error: store to misaligned address 0x7fffc1307109 for type 'uint32_t', which requires 4 byte alignment odp_random_std.c:69:32: runtime error: store to misaligned address 0x7fffc1307109 for type 'uint16_t', which requires 2 byte alignment Also, remove some unnecessary intermediate casts to uintptr_t. Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
… if header and trailer lengths are zero If write_header_and_trailer() is called with both header_len and trailer_len zero, the buffer[] array ends up being zero size, which is undefined behavior. Fix by returning early in that case. Fixes GCC undefined sanitizer error: crypto_op_test.c:165:10: runtime error: variable length array bound evaluates to non-positive value 0 Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
…n session_create() When calling session_create() with cipher or auth key length zero, the cipher_key_data[] and/or auth_key_data[] arrays end up being zero size, which is undefined behavior. Fix by using static array sizes. Fixes GCC undefined sanitizer errors: odp_crypto_test_inp.c:191:10: runtime error: variable length array bound evaluates to non-positive value 0 odp_crypto_test_inp.c:192:10: runtime error: variable length array bound evaluates to non-positive value 0 Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
…ft in calc_ipv4_5tuple_hash() Avoid undefined behavior in bit shift in calc_ipv4_5tuple_hash() by casting to an unsigned integer of sufficient width before the shift operation. Fixes GCC undefined sanitizer error: odp_pktio_ordered.c:336:24: runtime error: left shift of negative value -25535 Also, use unsigned types in ipv4_tuple5_t. This avoids potential implementation defined results in calc_flow_idx() when assigning unsigned values to a tuple. Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
…t data Packet data may not be aligned. Use unaligned type when accessing packet data in order to avoid undefined behavior. Fixes multiple GCC undefined sanitizer errors, for example: odp_cpu_bench.c:206:11: runtime error: store to misaligned address 0x7fde78bda1aa for type 'uint32_t', which requires 4 byte alignment Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
In open_pktios(), if the number of rx or tx threads is zero, the pktin[] or pktout[] arrays end up being zero size, which is undefined behavior. Fix by using a static array size. Also, move the arrays into a smaller scope. Fixes GCC undefined sanitizer error: odp_packet_gen.c:790:20: runtime error: variable length array bound evaluates to non-positive value 0 Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
Avoid undefined behavior in bit shift in hash() by casting to an unsigned integer of sufficient width before the shift operation. Fixes GCC undefined sanitizer error: odp_ipfragreass_reassemble.c:92:23: runtime error: left shift of 40448 by 16 places cannot be represented in type 'int' Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
In parse_ipv4_string(), use unsigned variables and scanf formatters to avoid negative values, and cast to uint32_t in order to avoid undefined behavior in bit shift operations. Fixes GCC undefined sanitizer error: odp_ipsec_misc.h:192:47: runtime error: left shift of 192 by 24 places cannot be represented in type 'int' Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
Round node size up to the hash node alignment requirement. Fixes GCC undefined sanitizer errors: hashtable.c:203:22: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_hash_node', which requires 8 byte alignment hashtable.c:204:22: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_hash_node', which requires 8 byte alignment hashtable.c:205:4: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_hash_node', which requires 8 byte alignment hashtable.c:266:13: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_hash_node', which requires 8 byte alignment hashtable.c:267:25: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_hash_node', which requires 8 byte alignment hashtable.c:271:2: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_hash_node', which requires 8 byte alignment odph_list_internal.h:31:13: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_list_object', which requires 8 byte alignment odph_list_internal.h:32:13: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_list_object', which requires 8 byte alignment odph_list_internal.h:40:12: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_list_object', which requires 8 byte alignment odph_list_internal.h:41:12: runtime error: member access within misaligned address 0x7f92c156007b for type 'struct odph_list_object', which requires 8 byte alignment Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
Add undefined sanitizier to the sanitizer job. Signed-off-by: Jere Leppänen <jere.leppanen@nokia.com> Reviewed-by: Janne Peltonen <janne.peltonen@nokia.com>
JereLeppanen
force-pushed
the
dev/sanitizer-undefined
branch
from
75c981e
to
e513e83
Compare
odpbuild
changed the title
|
v5: Rebase. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.