Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tricore: fix runtime errors of integer overflow #2204

Merged
merged 1 commit into from
Nov 29, 2023
Merged

tricore: fix runtime errors of integer overflow #2204

merged 1 commit into from
Nov 29, 2023

Conversation

imbillow
Copy link
Contributor

closes #2188

Also added SafeInt(https://github.com/dcleblanc/SafeInt) library for overflow checking, it's a header file ONLY library so I guess it should be fine?

@imbillow imbillow force-pushed the tc-fix-ub branch 2 times, most recently from bca5f69 to f811f2c Compare November 20, 2023 03:19
@XVilka
Copy link
Contributor

XVilka commented Nov 20, 2023

@kabeor @Rot127 what are your thoughts on this?

Rot127
Rot127 requested changes Nov 21, 2023
View reviewed changes
Copy link
Collaborator

@Rot127 Rot127 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generally I approve this. Though I am not sure if the safe_math library is not a little too much.

I guess, it makes sense for TriCore to use it, because the LLVM implementation is not part of the LLVM-project and has therefore lower quality standards.
Though for archs of the officially supported archs we can be fairly certain that they handled these things.
So the library can't be used for them.

And even if we decide to replace every arithmetic operation in ARM, AArch64 etc. with the safe version, we would need to implement an additional automation step. It will take quite some work.

So the main question is, is it worth to add all of safe_math just for two or three archs? I tend to think no.

I would propose two options:

  1. Minimize the amount of code added: Maybe we can keep only the functions which are needed for TriCore and add a comment in the safe_math files where to get get the other functions if needed.
  2. (My favorite). TriCore has a max. instructions width of 32bit, right? If yes, we can just run every byte sequence (0x0 - 0xffffffff) once on this code here (with safe_math). On my machine this takes roughly 5h.
    If, after an overflow, CS aborts,you can implement a check for this specific case.
    After all cases are fixed, we can remove safe_math again, because all the cases where it overflows are handled. Would this work?

@imbillow imbillow requested a review from Rot127 November 25, 2023 14:50
XVilka
XVilka approved these changes Nov 26, 2023
View reviewed changes
Copy link
Contributor

@XVilka XVilka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Rot127 take a look again please

Rot127
Rot127 approved these changes Nov 27, 2023
View reviewed changes
Copy link
Collaborator

@Rot127 Rot127 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice. Way cleaner now! Just address the last two things please.

arch/TriCore/TriCoreInstPrinter.c Outdated Show resolved Hide resolved
arch/TriCore/TriCoreInstPrinter.c
int64_t disp = MCOperand_getImm(MO);
int64_t res = (int64_t)(MI->address) +
((0b111111111111111111111111111 << 5) |
(to_u32(disp) << 1));
Copy link
Collaborator

@Rot127 Rot127 Nov 27, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Run clang-format please, this has spaces in it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've already run clang-format, even though I'm using version 17.0.1.

@XVilka
Copy link
Contributor

XVilka commented Nov 28, 2023

@kabeor I think this one could be merged now. cc @Rot127

Rot127
Rot127 approved these changes Nov 28, 2023
View reviewed changes
Copy link
Collaborator

@Rot127 Rot127 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kabeor Your turn :)

@kabeor
Copy link
Member

kabeor commented Nov 29, 2023

LGTM, thanks! Merged.

@kabeor kabeor merged commit ce0b1b6 into capstone-engine:next Nov 29, 2023
11 checks passed
@imbillow imbillow deleted the tc-fix-ub branch June 9, 2024 14:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Rot127 Rot127 Rot127 approved these changes

@XVilka XVilka XVilka approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

tricore: runtime errors of integer overflow (detected by UBSAN)
4 participants
@imbillow @XVilka @kabeor @Rot127