Test suite failures with UBSAN #427

thesamesam · 2023-01-07T02:47:16Z

Noticed the following failures when building rsync with Undefined Behavior Sanitizer (UBSAN, -fsanitize=undefined):

When running the test suite:

----- batch-mode log follows
Testing for symlinks using 'test -h'
sending incremental file list
created directory /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/testtmp/batch-mode/chk
./
empty
filelist
nolf
nolf-symlink -> nolf
text
byteorder.h:116:9: runtime error: store to misaligned address 0x56387b21c364 for type 'int64_t', which requires 8 byte alignment
0x56387b21c364: note: pointer points here
  02 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  b0 00 00 00 00 00 00 00
              ^
    #0 0x56387b0b695a in SIVAL64 /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/byteorder.h:116
    #1 0x56387b0b695a in send_msg_success /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/io.c:1081
    #2 0x56387b06edec in recv_files /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/receiver.c:930
    #3 0x56387b08ede5 in do_recv /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1054
    #4 0x56387b08f8e3 in do_server_recv /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1225
    #5 0x56387b08f8e3 in start_server /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1259
    #6 0x56387b08fd14 in child_main /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1232
    #7 0x56387b0f2dc4 in local_child /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/pipe.c:166
    #8 0x56387b03874f in do_cmd /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:644
    #9 0x56387b03874f in start_client /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1586
    #10 0x56387b03874f in main /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1857
    #11 0x7f7e78e34289  (/usr/lib64/libc.so.6+0x23289)
    #12 0x7f7e78e34344 in __libc_start_main (/usr/lib64/libc.so.6+0x23344)
    #13 0x56387b03b450 in _start (/var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/rsync+0xc0450)
[...]

At runtime, I also hit:

installsources: rsyncing source files
flist.c:2370:32: runtime error: null pointer passed as argument 1, which is declared to never be null
    #0 0x55daeb17b44c in send_file_list /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/flist.c:2370
    #1 0x55daeb1db3fd in client_run /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1315
    #2 0x55daeb182bf9 in start_client /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1597
    #3 0x55daeb182bf9 in main /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1857
    #4 0x7f79ac867289  (/usr/lib64/libc.so.6+0x23289)
    #5 0x7f79ac867344 in __libc_start_main (/usr/lib64/libc.so.6+0x23344)
    #6 0x55daeb185b30  (/usr/bin/rsync+0xbeb30)

flist.c:2370:32: runtime error: null pointer passed as argument 2, which is declared to never be null
    #0 0x55daeb19d80d in send_file_list /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/flist.c:2370
    #1 0x55daeb1db3fd in client_run /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1315
    #2 0x55daeb182bf9 in start_client /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1597
    #3 0x55daeb182bf9 in main /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1857
    #4 0x7f79ac867289  (/usr/lib64/libc.so.6+0x23289)
    #5 0x7f79ac867344 in __libc_start_main (/usr/lib64/libc.so.6+0x23344)
    #6 0x55daeb185b30  (/usr/bin/rsync+0xbeb30)
[...]
byteorder.h:83:9: runtime error: load of misaligned address 0x55daebfa0b22 for type 'const uint32_t', which requires 4 byte alignment
0x55daebfa0b22: note: pointer points here
 00 80  00 00 eb c9 00 07 2f 2a  20 54 68 69 73 20 66 69  6c 65 20 77 61 73 20 67  65 6e 65 72 61 74
              ^
    #0 0x55daeb2029f2 in IVALu /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/byteorder.h:83
    #1 0x55daeb2029f2 in IVAL /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/byteorder.h:124
    #2 0x55daeb2029f2 in raw_read_int /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/io.c:939
    #3 0x55daeb205862 in read_a_msg /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/io.c:1485
    #4 0x55daeb206b34 in read_buf /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/io.c:1910
    #5 0x55daeb216aca in simple_recv_token /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/token.c:300
    #6 0x55daeb216aca in recv_token /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/token.c:1071
    #7 0x55daeb1b7071 in receive_data /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/receiver.c:314
    #8 0x55daeb1b9092 in recv_files /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/receiver.c:877
    #9 0x55daeb1da025 in do_recv /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1054
    #10 0x55daeb1dabe0 in do_server_recv /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1225
    #11 0x55daeb1dabe0 in start_server /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1259
    #12 0x55daeb1db0b4 in child_main /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1232
    #13 0x55daeb23b464 in local_child /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/pipe.c:166
    #14 0x55daeb182ba1 in do_cmd /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:644
    #15 0x55daeb182ba1 in start_client /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1586
    #16 0x55daeb182ba1 in main /var/tmp/portage/net-misc/rsync-3.2.7-r1/work/rsync-3.2.7/main.c:1857
    #17 0x7f79ac867289  (/usr/lib64/libc.so.6+0x23289)
    #18 0x7f79ac867344 in __libc_start_main (/usr/lib64/libc.so.6+0x23344)
    #19 0x55daeb185b30  (/usr/bin/rsync+0xbeb30)

This is with GCC 12.2.1_p20221231 and GCC 13.0.0_pre20230101.

Full log: build.log

The text was updated successfully, but these errors were encountered:

WayneD · 2023-01-09T05:47:52Z

Pointer misalignment reports in byteorder.h are not an issue because the code only sets CAREFUL_ALIGNMENT to 0 on a limited set of architectures that do the right thing without requiring alignment. If you're forcing alignment checking, be sure to also force CAREFUL_ALIGNMENT to 1 in that file.

The other issue is a memcmp() call with a 0 length, which was never noticed because a NULL pointer doesn't get dereferenced with a 0 length. I committed a change to avoid such a call.

thesamesam · 2023-01-09T05:56:14Z

Thanks, that makes sense. Appreciated.

rsync sets CAREFUL_ALIGNMENT for architectures which do not support unaligned access. Disable UBSAN for functions which may use unaligned accesses when CAREFUL_ALIGNMENT is set. Bug: RsyncProject#427

rsync sets CAREFUL_ALIGNMENT for architectures which do not support unaligned access. Disable UBSAN for functions which may use unaligned accesses when CAREFUL_ALIGNMENT is set. Bug: RsyncProject#427 Signed-off-by: Sam James <[email protected]>

WayneD closed this as completed Jan 9, 2023

thesamesam mentioned this issue Jan 9, 2023

Disable UBSAN for alignment-sensitive functions when !CAREFUL_ALIGNMENT #428

Open

thesamesam mentioned this issue Jan 9, 2023

UBSAN failures in test suite (part 2) #429

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Test suite failures with UBSAN #427

Test suite failures with UBSAN #427

thesamesam commented Jan 7, 2023

WayneD commented Jan 9, 2023

thesamesam commented Jan 9, 2023

Test suite failures with UBSAN #427

Test suite failures with UBSAN #427

Comments

thesamesam commented Jan 7, 2023

WayneD commented Jan 9, 2023

thesamesam commented Jan 9, 2023