Re: NULL pointer arithmetic issues
On 22.02.2020 19:39, Joerg Sonnenberger wrote:
> On Sat, Feb 22, 2020 at 05:25:42PM +0100, Kamil Rytarowski wrote:
>> When running the ATF tests under MKLIBCSANITIZER [1], there are many
>> NULL pointer arithmetic issues.
>
> Which flags are the sanitizers using? Because I wouldn't be surprised if
> they just hit _PSLIST_VALIDATE_PTRS and friends.
>
> Joerg
>

This patch did not help. I double checked that this branch is really taken.

Index: sys/sys/pslist.h === RCS file: /cvsroot/src/sys/sys/pslist.h,v retrieving revision 1.7 diff -u -r1.7 pslist.h --- sys/sys/pslist.h1 Dec 2019 15:28:19 - 1.7 +++ sys/sys/pslist.h22 Feb 2020 20:51:42 - @@ -32,6 +32,7 @@ #ifndef_SYS_PSLIST_H #define_SYS_PSLIST_H +#include #include #include @@ -288,7 +289,9 @@ * Type-safe macros for convenience. */ -#if defined(__COVERITY__) || defined(__LGTM_BOT__) +#if defined(__COVERITY__) || defined(__LGTM_BOT__) || \ + __has_feature(undefined_behavior_sanitizer) || \ + defined(__SANITIZE_UNDEFINED__) #define_PSLIST_VALIDATE_PTRS(P, Q) 0 #define_PSLIST_VALIDATE_CONTAINER(P, T, F) 0 #else
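
Review bot: in the second hunk, __has_feature(undefined_behavior_sanitizer) is evaluated directly inside the #if, which only preprocesses cleanly if __has_feature is defined for every compiler that reads this header. The name of the header added in the first hunk is not visible here, so confirm that it supplies a fallback such as "#define __has_feature(x) 0", or move the test into its own "#ifdef __has_feature" block. The new condition also turns _PSLIST_VALIDATE_PTRS and _PSLIST_VALIDATE_CONTAINER into 0 for every UBSan build, so a short comment next to the #if saying why the validation is compiled out under the sanitizer would help the next reader.
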
Re: NULL pointer arithmetic issues
On Sat, Feb 22, 2020 at 05:25:42PM +0100, Kamil Rytarowski wrote:
> When running the ATF tests under MKLIBCSANITIZER [1], there are many
> NULL pointer arithmetic issues.

Which flags are the sanitizers using? Because I wouldn't be surprised if
they just hit _PSLIST_VALIDATE_PTRS and friends.

Joerg

NULL pointer arithmetic issues
When running the ATF tests under MKLIBCSANITIZER [1], there are many
NULL pointer arithmetic issues.

http://netbsd.org/~kamil/mksanitizer-reports/ubsan-2020-02-22-null-pointer.txt

These issues are in macros like:

- IN_ADDRHASH_READER_FOREACH()
- IN_ADDRLIST_WRITER_INSERT_TAIL()
- IFADDR_READER_FOREACH()
- etc

These macros wrap internally pserialize-safe linked lists.

What's the proper approach to address this issue?

These reports are responsible for around half of all kinds of the
remaining Undefined Behavior unique issues when executing ATF tests.

[1] ./build.sh -N0 -U -V MAKECONF=/dev/null -V HAVE_LLVM=yes -V MKGCC=no -V MKLLVM=yes -V MKLIBCSANITIZER=yes -j8 -u -O /public/netbsd-llvm distribution

Re: fault(4)
On 08.02.2020 11:47, Maxime Villard wrote:
>
> Running ATF with kASan+LOCKDEBUG+fault with {N=32 scope=GLOBAL} already gives
> an instant crash:
>
> kernel diagnostic assertion "radix_tree_empty_tree_p(>pm_pvtree)"
> failed: file ".../sys/arch/x86/x86/pmap.c"
>

There is a number of similar reports on syzbot.

> Looks like radixtree.c doesn't handle allocation failures very well
> somewhere.
>
> fault(4) seems like the kind of feature that would be useful for
> stress-testing and fuzzing. As you can see in the diff, its code is
> extremely simple.
>
> Maxime
>
> [1] https://m00nbsd.net/garbage/fault/fault.diff

This tool is a must have but I defer review to others.