chicken-janitors

#1846: integer overflow when running 6.0.0pre1 tests (1)


From: Chicken Trac
Subject: #1846: integer overflow when running 6.0.0pre1 tests (1)
Date: Wed, 18 Dec 2024 12:21:21 -0000

#1846: integer overflow when running 6.0.0pre1 tests (1)
--------------------------------+----------------------------
            Reporter:  zerica   |       Type:  defect
              Status:  new      |   Priority:  major
           Milestone:  someday  |  Component:  core libraries
             Version:  6.0.0    |   Keywords:
Estimated difficulty:  trivial  |
--------------------------------+----------------------------
 i'm building chicken with the clang integer ub sanitizers, which trap
 here:

 {{{
 cd tests; sh runtests.sh
 ======================================== repository search path ...
 Illegal instruction (core dumped)
 make: *** [rules.make:1017: check] Error 132
 }}}

 {{{
 * thread #1, name = 'csi', stop reason = signal SIGILL: illegal operand
   * frame #0: 0x0000713d2cf78f30 libchicken.so.12`C_new_symbol_table
 [inlined] C_fast_rand at runtime.c:678:18
     frame #1: 0x0000713d2cf78f30
 libchicken.so.12`C_new_symbol_table(name="", size=749) at
 runtime.c:1066:15
     frame #2: 0x0000713d2cf78494
 libchicken.so.12`CHICKEN_initialize(heap=1048576, stack=1048576,
 symbols=2999, toplevel=0x00006447c8247f60) at runtime.c:732:19
     frame #3: 0x0000713d2cf77faa
 libchicken.so.12`CHICKEN_main(argc=<unavailable>, argv=<unavailable>,
 toplevel=0x00006447c8247f60) at runtime.c:624:7
     frame #4: 0x00006447c8247f4c csi`main(argc=<unavailable>,
 argv=<unavailable>) at csi.c:14957:1 [artificial]
     frame #5: 0x0000713d3141dc1d ld-musl-
 x86_64.so.1`libc_start_main_stage2(main=(csi`main at csi.c:14957),
 argc=<unavailable>, argv=0x00007ffc201673a8) at __libc_start_main.c:95:7
     frame #6: 0x00006447c8247e76 csi`_start + 22
 }}}

 the offending code is:
 {{{
 /* simple linear congruential PRNG, to avoid OpenBSD warnings.
     https://stackoverflow.com/questions/26237419/faster-than-rand
 */

 static int g_seed;

 void C_fast_srand(int seed) { g_seed = seed; }

 /* Output value in range [0, 32767] */
 int C_fast_rand(void)
 {
         g_seed = (214013*g_seed+2531011);
         return (g_seed>>16)&0x7FFF;
 }
 }}}

 which is unsound, since `g_seed` is signed and as such its overflow
 behavior is undefined and can't be relied on to wrap. the following patch
 replaces it with an unsigned type, which is instead defined to wrap on
 overflow:

 {{{
 diff -ruN a/runtime.c b/runtime.c
 --- a/runtime.c 2024-12-09 09:22:07.000000000 +0100
 +++ b/runtime.c 2024-12-18 12:52:42.250955391 +0100
 @@ -668,7 +668,7 @@
      https://stackoverflow.com/questions/26237419/faster-than-rand
  */

 -static int g_seed;
 +static unsigned g_seed;

  void C_fast_srand(int seed) { g_seed = seed; }

 }}}
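 Review bot: the unchanged context line `void C_fast_srand(int seed) { g_seed = seed; }` still takes an `int` and now stores it through an implicit signed-to-unsigned conversion. That conversion is well defined, but an explicit `(unsigned)seed` cast or an unsigned parameter would make the intent visible next to the new declaration. Also consider a fixed-width type such as `uint32_t` for `g_seed`, since plain `unsigned` makes the modulus of the wrap depend on the platform's `int` width; the `& 0x7FFF` mask in `C_fast_rand` keeps the documented [0, 32767] range either way.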

-- 
Ticket URL: <https://bugs.call-cc.org/ticket/1846>
CHICKEN Scheme <https://www.call-cc.org/>
CHICKEN Scheme is a compiler for the Scheme programming language.
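
An added example, not part of the ticket or of CHICKEN's source: it shows how quickly the signed LCG step from the quoted `C_fast_rand` leaves the range of `int`, next to an unsigned variant that wraps. It assumes a 32-bit `int` and the GCC/Clang checked-arithmetic builtins; the function names and the choice of `uint32_t` are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Constants from the C_fast_rand code quoted in the ticket. */
#define LCG_MUL 214013
#define LCG_ADD 2531011

/* 1 if one signed-int LCG step from `seed` would overflow (undefined
   behaviour), else 0. The GCC/Clang checked-arithmetic builtins report
   the overflow without executing it. */
int signed_step_overflows(int seed)
{
    int prod, next;
    if (__builtin_mul_overflow(LCG_MUL, seed, &prod))
        return 1;
    return __builtin_add_overflow(prod, LCG_ADD, &next);
}

/* Count the well-defined signed steps from `seed` before the next one
   would overflow, giving up after `limit` steps. */
int steps_before_overflow(int seed, int limit)
{
    int n = 0;
    while (n < limit && !signed_step_overflows(seed)) {
        seed = LCG_MUL * seed + LCG_ADD; /* safe: checked just above */
        n++;
    }
    return n;
}

/* Unsigned variant with a fixed-width state (uint32_t is this example's
   choice): the step wraps modulo 2^32 by definition. */
static uint32_t u_seed;

void fast_srand_u(int seed) { u_seed = (uint32_t)seed; }

int fast_rand_u(void)
{
    u_seed = (uint32_t)LCG_MUL * u_seed + (uint32_t)LCG_ADD;
    return (int)((u_seed >> 16) & 0x7FFF);
}

int main(void)
{
    int steps = steps_before_overflow(0, 100);
    printf("signed steps before overflow from seed 0: %d\n", steps);
    return 0;
}
```

Starting from seed 0, only the first signed step is well defined, which is why a sanitizer build traps almost immediately during initialization.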
