freetype-devel

Re: [ft-devel] Curb the scaling


From: Kostya Serebryany
Subject: Re: [ft-devel] Curb the scaling
Date: Fri, 13 Oct 2017 11:00:39 -0700



On Fri, Oct 13, 2017 at 7:43 AM, Alexei Podtelezhnikov <address@hidden> wrote:
> > [*] Actually, what's ugly is the macro syntax.  I would like to have
> >     compiler support like
> >
> >       foo = bar + baz      __attribute__ ((allowed_overflow));
> >
> >     so that the mathematical operators are not hidden.
>
> I would like to address this to Kostya. Please do tell us how to
> inform ftfuzzer that the overflow is acceptable here. Perhaps, we can
> add a special comment /* ftfuzzer overflow */ or something. GCC has a
> special flag -fwrapv or make sure that the overflow wraps around.

This is not about fuzzing, but about run-time checking. 
In this case, the error is coming from ubsan: https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html
You may shut it down with an attribute on a function: 
https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#disabling-instrumentation-with-attribute-no-sanitize-undefined

But this is risky -- integer overflows do indeed cause lots of trouble, even those that look benign. 
Just recently my teammate spent a week debugging a production issue caused by a signed integer overflow
(for various reasons that code was not checked with ubsan -- now it is).
 
--kcc 
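
The options discussed in this thread, side by side, as an added example that is not part of the original message or of FreeType's code: suppressing the UBSan report with the attribute from the linked documentation, making the wraparound explicit through unsigned arithmetic, and rejecting the overflow. The macro `NO_UBSAN` and the function names are hypothetical; `__builtin_add_overflow` is a GCC/Clang builtin.

```c
#include <stdint.h>
#include <stdio.h>

/* NO_UBSAN (hypothetical name) expands to the attribute from the UBSan
   documentation when the compiler supports it. It only silences the report:
   signed overflow in the function is still undefined behaviour, so the
   optimizer may still assume it never happens. */
#if defined(__has_attribute)
#  if __has_attribute(no_sanitize)
#    define NO_UBSAN __attribute__((no_sanitize("undefined")))
#  endif
#endif
#ifndef NO_UBSAN
#  define NO_UBSAN
#endif

/* Option 1: suppress the check for this one function. */
NO_UBSAN int32_t add_unchecked(int32_t a, int32_t b)
{
    return a + b;   /* undefined if the sum does not fit in int32_t */
}

/* Option 2: state the intended wraparound. Unsigned addition wraps by
   definition; converting back is implementation-defined, and GCC and Clang
   reduce modulo 2^32. Nothing here trips -fsanitize=undefined. */
int32_t add_wrapping(int32_t a, int32_t b)
{
    return (int32_t)((uint32_t)a + (uint32_t)b);
}

/* Option 3: treat overflow as an error. Returns 0 on success, -1 on overflow. */
int add_checked(int32_t a, int32_t b, int32_t *out)
{
    return __builtin_add_overflow(a, b, out) ? -1 : 0;
}

int main(void)
{
    int32_t r = 0;

    printf("wrapping: %d\n", add_wrapping(INT32_MAX, 1));
    printf("checked:  %d\n", add_checked(INT32_MAX, 1, &r));
    printf("in range: %d\n", add_unchecked(40, 2));
    return 0;
}
```

Built with `-fsanitize=undefined`, only an overflowing call to a plain `a + b` without the attribute would produce a run-time report; `add_wrapping` and `add_checked` never execute a signed overflow.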

