Bug #52550 [Com]: integer undefined behaviors executed during "make test"

regehr at cs dot utah dot edu Thu, 02 Sep 2010 20:53:01 -0700

Edit report at http://bugs.php.net/bug.php?id=52550&edit=1


 ID:                 52550
 Comment by:         regehr at cs dot utah dot edu
 Reported by:        regehr at cs dot utah dot edu
 Summary:            integer undefined behaviors executed during "make
                     test"
 Status:             Analyzed
 Type:               Bug
 Package:            *General Issues
 Operating System:   linux
 PHP Version:        trunk-SVN-2010-08-06 (snap)
 Block user comment: N

 New Comment:

Below are some updated results from our integer undefined behavior
checker.  These are from php-trunk-201009022030 on x86-64 Linux.



The .log files from "make test" can be found here:



http://www.cs.utah.edu/~regehr/php-trunk-201009022030.test-logs.tar.gz



Basically you just want to grep for "CLANG UNDEFINED" in these files.



Summary:



</home/regehr/z/php-trunk-201009022030/Zend/zend_hash.h, (350:2)> : Op:
+, Reason : Signed Addition Overflow, BINARY OPERATION: left (int64):
9223372036854775800 right (int64): 8 



</home/regehr/z/php-trunk-201009022030/Zend/zend_hash.h, (350:2)> : Op:
-, Reason : Signed Subtraction Overflow, UNARY OPERATION: left (int64):
0 right (int64): -9223372036854775808 



</home/regehr/z/php-trunk-201009022030/Zend/zend_operators.c, (1181:2)>
: Op: <<, Reason : Signed Left Shift: Right operand is negative or is
greater than or equal to the width of the promoted left operand, BINARY
OPERATION: left (int64): 0 right (int64): 65 



</home/regehr/z/php-trunk-201009022030/Zend/zend_operators.c, (1194:2)>
: Op: >>, Reason : Signed Right Shift: Right operand is negative or is
greater than or equal to the width of the promoted left operand, BINARY
OPERATION: left (int64): 0 right (int64): 65 



</home/regehr/z/php-trunk-201009022030/Zend/zend_operators.c, (766:31)>
: Op: +, Reason : Signed Addition Overflow, BINARY OPERATION: left
(int64): 9223372036854775807 right (int64): 1 



</home/regehr/z/php-trunk-201009022030/Zend/zend_operators.c, (828:31)>
: Op: -, Reason : Signed Subtraction Overflow, BINARY OPERATION: left
(int64): -9223372036854775808 right (int64): 1 



</home/regehr/z/php-trunk-201009022030/Zend/zend_operators.c, (877:5)> :
Op: *, Reason : Signed Multiplication Overflow, BINARY OPERATION: left
(int64): 9223372036854775807 right (int64): 7 



</home/regehr/z/php-trunk-201009022030/ext/date/lib/parse_tz.c,
(133:35)> : Op: *, Reason : Signed Multiplication Overflow, BINARY
OPERATION: left (int32): 255 right (int32): 16777216 



</home/regehr/z/php-trunk-201009022030/ext/standard/math.c, (616:5)> :
Op: *, Reason : Signed Multiplication Overflow, BINARY OPERATION: left
(int64): 2147483647 right (int64): 4611686014132420609 



</home/regehr/z/php-trunk-201009022030/ext/standard/math.c, (620:5)> :
Op: *, Reason : Signed Multiplication Overflow, BINARY OPERATION: left
(int64): 110075314176 right (int64): 110075314176


Previous Comments:
------------------------------------------------------------------------
[2010-08-08 17:45:04] il...@php.net

Automatic comment from SVN on behalf of iliaa
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=301991
Log: Additional fix for bug #52550 &amp; fix test &amp; warning from
previous fixes

------------------------------------------------------------------------
[2010-08-06 23:53:31] regehr at cs dot utah dot edu

FYI there are a few bogus errors in the list I posted earlier. 
Obviously (35 - 33) is well-defined in C.  Sorry about that.  It should
be easy to recognize and ignore these.

------------------------------------------------------------------------
[2010-08-06 22:04:30] il...@php.net

Automatic comment from SVN on behalf of iliaa
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=301939
Log: Another fix for issue indentified in bug #52550

------------------------------------------------------------------------
[2010-08-06 21:55:12] il...@php.net

Automatic comment from SVN on behalf of iliaa
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=301938
Log: Fixed issues inside str_pad() identified by bug #52550

------------------------------------------------------------------------
[2010-08-06 21:42:55] regehr at cs dot utah dot edu

The tool isn't yet available.  It is a modified version of LLVM's Clang
compiler and it still has some rough edges that we're working out. 
However, we'll contribute it to the LLVM project fairly soon, at which
point it'll be really easy to run as you suggest.  In the meantime I'd
be happy to rerun it in a few weeks or whenever seems good to you.

------------------------------------------------------------------------


The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

    http://bugs.php.net/bug.php?id=52550


-- 
Edit this bug report at http://bugs.php.net/bug.php?id=52550&edit=1

Bug #52550 [Com]: integer undefined behaviors executed during "make test"

Reply via email to