From 1c493056387e3cdf99b2acc1b16fddff9244fdf7 Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Tue, 7 Jun 2022 22:05:56 +0200 Subject: [PATCH 01/10] Ignore UBSan errors for expected overflows --- nano/lib/CMakeLists.txt | 1 + nano/lib/numbers.hpp | 3 +++ nano/lib/ubsan_warnings.hpp | 6 ++++++ nano/node/xorshift.hpp | 5 +++++ 4 files changed, 15 insertions(+) create mode 100644 nano/lib/ubsan_warnings.hpp diff --git a/nano/lib/CMakeLists.txt b/nano/lib/CMakeLists.txt index f679c7b913..d1e5ee8b45 100644 --- a/nano/lib/CMakeLists.txt +++ b/nano/lib/CMakeLists.txt @@ -75,6 +75,7 @@ add_library( tlsconfig.cpp tomlconfig.hpp tomlconfig.cpp + ubsan_warnings.hpp utility.hpp utility.cpp walletconfig.hpp diff --git a/nano/lib/numbers.hpp b/nano/lib/numbers.hpp index dc3c2b1d2f..ca0cb21425 100644 --- a/nano/lib/numbers.hpp +++ b/nano/lib/numbers.hpp @@ -1,5 +1,7 @@ #pragma once +#include + #include namespace nano @@ -274,6 +276,7 @@ namespace std template <> struct hash<::nano::uint256_union> { + __IGNORE_UBSAN_UINT_OVERFLOW__ size_t operator() (::nano::uint256_union const & data_a) const { return data_a.qwords[0] + data_a.qwords[1] + data_a.qwords[2] + data_a.qwords[3]; diff --git a/nano/lib/ubsan_warnings.hpp b/nano/lib/ubsan_warnings.hpp new file mode 100644 index 0000000000..8bbdc225f9 --- /dev/null +++ b/nano/lib/ubsan_warnings.hpp @@ -0,0 +1,6 @@ +#if defined(_WIN32) +#define __IGNORE_UBSAN_UINT_OVERFLOW__ +#else +#define __IGNORE_UBSAN_UINT_OVERFLOW__ \ + __attribute__ ((no_sanitize ("unsigned-integer-overflow"))) +#endif \ No newline at end of file diff --git a/nano/node/xorshift.hpp b/nano/node/xorshift.hpp index 2653802d31..37a3d808b4 100644 --- a/nano/node/xorshift.hpp +++ b/nano/node/xorshift.hpp @@ -1,4 +1,7 @@ #pragma once + +#include + #include namespace nano @@ -8,6 +11,8 @@ class xorshift1024star final public: std::array s; unsigned p{ 0 }; + + __IGNORE_UBSAN_UINT_OVERFLOW__ uint64_t next () { auto p_l (p); 
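Review bot: The `__IGNORE_UBSAN_UINT_OVERFLOW__` annotation on `std::hash<::nano::uint256_union>::operator()` in nano/lib/numbers.hpp has no comment saying why the check is switched off there, and the same holds for `xorshift1024star::next ()` in nano/node/xorshift.hpp. Unsigned wraparound is well defined in C++, so the suppression is sound for the four-qword sum. The attribute covers the whole function, though, so any unsigned arithmetic added later is exempt from the check as well. I would put `// Wraparound is intended: the four qwords are folded into a size_t hash value.` above the annotation on the hash. `next ()` needs a matching line naming the step that is expected to wrap, which cannot be confirmed here because its body continues outside the hunk.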
From 7421bad4a7c7640e97ffa0159afbd432633969c4 Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Sat, 18 Jun 2022 12:57:36 +0200 Subject: [PATCH 02/10] Add more preprocessor checks --- CMakeLists.txt | 1 + nano/lib/numbers.hpp | 2 +- nano/lib/ubsan_warnings.hpp | 19 +++++++++++++++---- nano/node/xorshift.hpp | 2 +- 4 files changed, 18 insertions(+), 6 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0af358ddff..f9e8021364 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -254,6 +254,7 @@ else() endif() add_definitions(-DED25519_NO_INLINE_ASM) add_definitions(-DROCKSDB_UBSAN_RUN) + add_definitions(-DNANO_ASAN_ENABLED) elseif(${USING_TSAN}) add_compile_options(-fsanitize=thread) if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") diff --git a/nano/lib/numbers.hpp b/nano/lib/numbers.hpp index ca0cb21425..c97d7e7653 100644 --- a/nano/lib/numbers.hpp +++ b/nano/lib/numbers.hpp @@ -276,7 +276,7 @@ namespace std template <> struct hash<::nano::uint256_union> { - __IGNORE_UBSAN_UINT_OVERFLOW__ + __IGNORE_ASAN_WARNINGS__ size_t operator() (::nano::uint256_union const & data_a) const { return data_a.qwords[0] + data_a.qwords[1] + data_a.qwords[2] + data_a.qwords[3]; diff --git a/nano/lib/ubsan_warnings.hpp b/nano/lib/ubsan_warnings.hpp index 8bbdc225f9..7ba7457b84 100644 --- a/nano/lib/ubsan_warnings.hpp +++ b/nano/lib/ubsan_warnings.hpp @@ -1,6 +1,17 @@ -#if defined(_WIN32) -#define __IGNORE_UBSAN_UINT_OVERFLOW__ +#if defined(NANO_ASAN_ENABLED) +#if defined(__clang__) +#if __has_feature(memory_sanitizer) +#define __IGNORE_ASAN_WARNINGS__ \ + __attribute__ ((no_sanitize_memory)) #else -#define __IGNORE_UBSAN_UINT_OVERFLOW__ \ - __attribute__ ((no_sanitize ("unsigned-integer-overflow"))) +#define __IGNORE_ASAN_WARNINGS__ +#endif +#elif defined(__GNUC__) +#define __IGNORE_ASAN_WARNINGS__ \ + __attribute__ ((no_sanitize_memory)) +#else +#define __IGNORE_ASAN_WARNINGS__ +#endif +#else +#define __IGNORE_ASAN_WARNINGS__ #endif \ No newline at end of file 
diff --git a/nano/node/xorshift.hpp b/nano/node/xorshift.hpp index 37a3d808b4..33ec58dd79 100644 --- a/nano/node/xorshift.hpp +++ b/nano/node/xorshift.hpp @@ -12,7 +12,7 @@ class xorshift1024star final std::array s; unsigned p{ 0 }; - __IGNORE_UBSAN_UINT_OVERFLOW__ + __IGNORE_ASAN_WARNINGS__ uint64_t next () { auto p_l (p); From 98d4bfa50a2ef76567484d25d31e46e0f559da4a Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Sat, 18 Jun 2022 14:24:45 +0200 Subject: [PATCH 03/10] Use correct attribute flag --- nano/lib/numbers.hpp | 2 +- nano/lib/ubsan_warnings.hpp | 18 +++--------------- nano/node/xorshift.hpp | 2 +- 3 files changed, 5 insertions(+), 17 deletions(-) diff --git a/nano/lib/numbers.hpp b/nano/lib/numbers.hpp index c97d7e7653..ba4144b898 100644 --- a/nano/lib/numbers.hpp +++ b/nano/lib/numbers.hpp @@ -276,7 +276,7 @@ namespace std template <> struct hash<::nano::uint256_union> { - __IGNORE_ASAN_WARNINGS__ + ATTRIBUTE_NO_SANITIZE_ADDRESS size_t operator() (::nano::uint256_union const & data_a) const { return data_a.qwords[0] + data_a.qwords[1] + data_a.qwords[2] + data_a.qwords[3]; diff --git a/nano/lib/ubsan_warnings.hpp b/nano/lib/ubsan_warnings.hpp index 7ba7457b84..c98af95964 100644 --- a/nano/lib/ubsan_warnings.hpp +++ b/nano/lib/ubsan_warnings.hpp @@ -1,17 +1,5 @@ -#if defined(NANO_ASAN_ENABLED) -#if defined(__clang__) -#if __has_feature(memory_sanitizer) -#define __IGNORE_ASAN_WARNINGS__ \ - __attribute__ ((no_sanitize_memory)) +#if defined(__clang__) || defined (__GNUC__) +# define ATTRIBUTE_NO_SANITIZE_ADDRESS __attribute__((no_sanitize_address)) #else -#define __IGNORE_ASAN_WARNINGS__ -#endif -#elif defined(__GNUC__) -#define __IGNORE_ASAN_WARNINGS__ \ - __attribute__ ((no_sanitize_memory)) -#else -#define __IGNORE_ASAN_WARNINGS__ -#endif -#else -#define __IGNORE_ASAN_WARNINGS__ +# define ATTRIBUTE_NO_SANITIZE_ADDRESS #endif \ No newline at end of file diff --git a/nano/node/xorshift.hpp b/nano/node/xorshift.hpp index 33ec58dd79..a3c667af2f 100644 
--- a/nano/node/xorshift.hpp +++ b/nano/node/xorshift.hpp @@ -12,7 +12,7 @@ class xorshift1024star final std::array s; unsigned p{ 0 }; - __IGNORE_ASAN_WARNINGS__ + ATTRIBUTE_NO_SANITIZE_ADDRESS uint64_t next () { auto p_l (p); From 2f0e44c537e8545e4961ee5b45e74387dbeca404 Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Sat, 18 Jun 2022 15:31:55 +0200 Subject: [PATCH 04/10] Revert CMakeLists.txt --- CMakeLists.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f9e8021364..0af358ddff 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -254,7 +254,6 @@ else() endif() add_definitions(-DED25519_NO_INLINE_ASM) add_definitions(-DROCKSDB_UBSAN_RUN) - add_definitions(-DNANO_ASAN_ENABLED) elseif(${USING_TSAN}) add_compile_options(-fsanitize=thread) if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") From cd31abfa12767c7621772561702835314dc6a288 Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Mon, 20 Jun 2022 22:00:36 +0200 Subject: [PATCH 05/10] Update ASAN blacklist and add ignore expected integer overflows --- CMakeLists.txt | 10 +++++++++- asan_blacklist | 1 - asan_blacklist.in | 5 +++++ nano/lib/CMakeLists.txt | 2 +- nano/lib/asan_warnings.hpp | 9 +++++++++ nano/lib/numbers.hpp | 4 ++-- nano/lib/ubsan_warnings.hpp | 5 ----- nano/node/xorshift.hpp | 4 ++-- 8 files changed, 28 insertions(+), 12 deletions(-) delete mode 100644 asan_blacklist create mode 100644 asan_blacklist.in create mode 100644 nano/lib/asan_warnings.hpp delete mode 100644 nano/lib/ubsan_warnings.hpp diff --git a/CMakeLists.txt b/CMakeLists.txt index 0af358ddff..9562ff0f49 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
@@ -248,7 +248,15 @@ else() if(${USING_ASAN} OR ${USING_ASAN_INT}) if(${USING_ASAN_INT}) - add_compile_options(-fsanitize=address,undefined,integer) + if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") + configure_file(asan_blacklist.in asan_blacklist) + add_compile_options(-fsanitize=address,undefined,integer) + add_compile_options( + "-fsanitize-blacklist=${CMAKE_BINARY_DIR}/asan_blacklist") + else() + message(WARNING "ASAN_INT is only supported with clang, defaulting to ASAN") + add_compile_options(-fsanitize=address,undefined) + endif() else() add_compile_options(-fsanitize=address,undefined) endif() diff --git a/asan_blacklist b/asan_blacklist deleted file mode 100644 index 08933b31f1..0000000000 --- a/asan_blacklist +++ /dev/null @@ -1 +0,0 @@ -src:*ed25519* \ No newline at end of file diff --git a/asan_blacklist.in b/asan_blacklist.in new file mode 100644 index 0000000000..66aae5f511 --- /dev/null +++ b/asan_blacklist.in @@ -0,0 +1,5 @@ +src:${BOOST_ROOT}/* +src:${PROJECT_SOURCE_DIR}/crypto/* +src:${PROJECT_SOURCE_DIR}/diskhash/* +src:${PROJECT_SOURCE_DIR}/lmdb/* +src:${PROJECT_SOURCE_DIR}/rocksdb/* diff --git a/nano/lib/CMakeLists.txt b/nano/lib/CMakeLists.txt index d1e5ee8b45..11fc77c2c8 100644 --- a/nano/lib/CMakeLists.txt +++ b/nano/lib/CMakeLists.txt @@ -19,6 +19,7 @@ endif() add_library( nano_lib ${platform_sources} + asan_warnings.hpp asio.hpp asio.cpp blockbuilders.hpp @@ -75,7 +76,6 @@ add_library( tlsconfig.cpp tomlconfig.hpp tomlconfig.cpp - ubsan_warnings.hpp utility.hpp utility.cpp walletconfig.hpp diff --git a/nano/lib/asan_warnings.hpp b/nano/lib/asan_warnings.hpp new file mode 100644 index 0000000000..e588443841 --- /dev/null +++ b/nano/lib/asan_warnings.hpp 
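Review bot: `configure_file(asan_blacklist.in asan_blacklist)` writes its output relative to `CMAKE_CURRENT_BINARY_DIR`, while the `-fsanitize-blacklist` option added below it reads `${CMAKE_BINARY_DIR}/asan_blacklist`. The two paths agree only while this CMakeLists.txt is the top-level project; if the tree is ever pulled in through `add_subdirectory`, Clang is pointed at a file that was never generated. Naming the destination explicitly, `configure_file(asan_blacklist.in ${CMAKE_BINARY_DIR}/asan_blacklist)`, keeps them in step. The enclosing `if(${USING_ASAN} OR ${USING_ASAN_INT})` block continues outside the hunk.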
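Review bot: `src:${BOOST_ROOT}/*` in asan_blacklist.in expands to `src:/*` when `BOOST_ROOT` is empty at configure time, and that pattern would match any source passed by absolute path, so the sanitizer build would silently check almost nothing. Whether `BOOST_ROOT` is always set is not visible on this page; if it can be empty, the Boost entry should be generated only when the variable has a value. The entries also have no section header, so they exclude `crypto/`, `diskhash/`, `lmdb/` and `rocksdb/` from every enabled sanitizer, AddressSanitizer included, where the deleted list covered only `src:*ed25519*`. From patch 09/10 the same file is also passed to plain ASAN Clang builds. If the aim is only to quiet expected unsigned wraparound, a `[unsigned-integer-overflow]` section line above the entries would keep memory-error detection on for the cryptographic and storage code.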
@@ -0,0 +1,9 @@ +#if defined(__clang__) +#if defined(__has_feature) +#if __has_feature(address_sanitizer) +#define ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW __attribute__ ((no_sanitize ("unsigned-integer-overflow"))) +#endif +#endif +#else +#define ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW +#endif \ No newline at end of file diff --git a/nano/lib/numbers.hpp b/nano/lib/numbers.hpp index ba4144b898..111d40eb2d 100644 --- a/nano/lib/numbers.hpp +++ b/nano/lib/numbers.hpp @@ -1,6 +1,6 @@ #pragma once -#include +#include #include @@ -276,7 +276,7 @@ namespace std template <> struct hash<::nano::uint256_union> { - ATTRIBUTE_NO_SANITIZE_ADDRESS + ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW size_t operator() (::nano::uint256_union const & data_a) const { return data_a.qwords[0] + data_a.qwords[1] + data_a.qwords[2] + data_a.qwords[3]; diff --git a/nano/lib/ubsan_warnings.hpp b/nano/lib/ubsan_warnings.hpp deleted file mode 100644 index c98af95964..0000000000 --- a/nano/lib/ubsan_warnings.hpp +++ /dev/null @@ -1,5 +0,0 @@ -#if defined(__clang__) || defined (__GNUC__) -# define ATTRIBUTE_NO_SANITIZE_ADDRESS __attribute__((no_sanitize_address)) -#else -# define ATTRIBUTE_NO_SANITIZE_ADDRESS -#endif \ No newline at end of file diff --git a/nano/node/xorshift.hpp b/nano/node/xorshift.hpp index a3c667af2f..843b132a38 100644 --- a/nano/node/xorshift.hpp +++ b/nano/node/xorshift.hpp @@ -1,6 +1,6 @@ #pragma once -#include +#include #include @@ -12,7 +12,7 @@ class xorshift1024star final std::array s; unsigned p{ 0 }; - ATTRIBUTE_NO_SANITIZE_ADDRESS + ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW uint64_t next () { auto p_l (p); From b8b9fa0723eb44ebe1d9f1833e91acf8ea13463f Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Mon, 20 Jun 2022 22:28:30 +0200 Subject: [PATCH 06/10] Add new line EOF --- nano/lib/asan_warnings.hpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nano/lib/asan_warnings.hpp b/nano/lib/asan_warnings.hpp index e588443841..763ace8019 100644 --- a/nano/lib/asan_warnings.hpp 
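Review bot: The attribute defined in nano/lib/asan_warnings.hpp silences the `unsigned-integer-overflow` check, yet it is only defined when `__has_feature(address_sanitizer)` is true, so a Clang build with the integer checks on and ASan off would get an empty macro and report the wraparound again. The CMake options on this page always pair `integer` with `address`, so this is latent rather than a failure today. Clang accepts `no_sanitize` whether or not a sanitizer is active, so testing `__clang__` alone is enough; the nested test is still there after patch 10/10. The header also has no `#pragma once`, unlike numbers.hpp and xorshift.hpp, which include it.

```cpp
#pragma once

#if defined(__clang__)
#define ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW __attribute__ ((no_sanitize ("unsigned-integer-overflow")))
#else
#define ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW
#endif
```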
+++ b/nano/lib/asan_warnings.hpp @@ -6,4 +6,4 @@ #endif #else #define ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW -#endif \ No newline at end of file +#endif From 4c4999b98124fcd5a409ee79a12f83588775468d Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Mon, 20 Jun 2022 22:54:49 +0200 Subject: [PATCH 07/10] Use asan_blacklist for ASAN/ASAN_INT, GCC+Clang --- CMakeLists.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 9562ff0f49..4a1f47d456 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -247,12 +247,10 @@ else() endif() if(${USING_ASAN} OR ${USING_ASAN_INT}) + configure_file(asan_blacklist.in asan_blacklist) if(${USING_ASAN_INT}) if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") - configure_file(asan_blacklist.in asan_blacklist) add_compile_options(-fsanitize=address,undefined,integer) - add_compile_options( - "-fsanitize-blacklist=${CMAKE_BINARY_DIR}/asan_blacklist") else() message(WARNING "ASAN_INT is only supported with clang, defaulting to ASAN") add_compile_options(-fsanitize=address,undefined) @@ -260,6 +258,8 @@ else() else() add_compile_options(-fsanitize=address,undefined) endif() + add_compile_options( + "-fsanitize-blacklist=${CMAKE_BINARY_DIR}/asan_blacklist") add_definitions(-DED25519_NO_INLINE_ASM) add_definitions(-DROCKSDB_UBSAN_RUN) elseif(${USING_TSAN}) From 462e55900490ec3575baa6bf1de460177f9705f8 Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Mon, 20 Jun 2022 23:45:12 +0200 Subject: [PATCH 08/10] Format + Linker flag --- CMakeLists.txt | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 4a1f47d456..86f267f5b7 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
@@ -251,15 +251,16 @@ else() if(${USING_ASAN_INT}) if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") add_compile_options(-fsanitize=address,undefined,integer) + add_compile_options( + "-fsanitize-blacklist=${CMAKE_BINARY_DIR}/asan_blacklist") else() - message(WARNING "ASAN_INT is only supported with clang, defaulting to ASAN") + message( + WARNING "ASAN_INT is only supported with clang, defaulting to ASAN") add_compile_options(-fsanitize=address,undefined) endif() else() add_compile_options(-fsanitize=address,undefined) endif() - add_compile_options( - "-fsanitize-blacklist=${CMAKE_BINARY_DIR}/asan_blacklist") add_definitions(-DED25519_NO_INLINE_ASM) add_definitions(-DROCKSDB_UBSAN_RUN) elseif(${USING_TSAN}) @@ -333,8 +334,13 @@ else() endif() if(${USING_ASAN_INT}) - set(PLATFORM_LINK_FLAGS - "${PLATFORM_LINK_FLAGS} -fsanitize=address,undefined,integer") + if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") + set(PLATFORM_LINK_FLAGS + "${PLATFORM_LINK_FLAGS} -fsanitize=address,undefined,integer") + else() + set(PLATFORM_LINK_FLAGS + "${PLATFORM_LINK_FLAGS} -fsanitize=address,undefined") + endif() elseif(${USING_ASAN}) set(PLATFORM_LINK_FLAGS "${PLATFORM_LINK_FLAGS} -fsanitize=address,undefined") From 12339f922efd8649679bc1248fc00d363948a921 Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Mon, 20 Jun 2022 23:59:22 +0200 Subject: [PATCH 09/10] Tidy up CMakeLists --- CMakeLists.txt | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 86f267f5b7..cbb6d64663 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
@@ -247,12 +247,16 @@ else() endif() if(${USING_ASAN} OR ${USING_ASAN_INT}) - configure_file(asan_blacklist.in asan_blacklist) + + if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") + configure_file(asan_blacklist.in asan_blacklist) + add_compile_options( + "-fsanitize-blacklist=${CMAKE_BINARY_DIR}/asan_blacklist") + endif() + if(${USING_ASAN_INT}) if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") add_compile_options(-fsanitize=address,undefined,integer) - add_compile_options( - "-fsanitize-blacklist=${CMAKE_BINARY_DIR}/asan_blacklist") else() message( WARNING "ASAN_INT is only supported with clang, defaulting to ASAN") @@ -261,6 +265,7 @@ else() else() add_compile_options(-fsanitize=address,undefined) endif() + add_definitions(-DED25519_NO_INLINE_ASM) add_definitions(-DROCKSDB_UBSAN_RUN) elseif(${USING_TSAN}) From 3b4b6a4fa121040f3811f2af12f3f5b800bcd0ab Mon Sep 17 00:00:00 2001 From: Cathal Tummon Date: Tue, 21 Jun 2022 10:11:39 +0200 Subject: [PATCH 10/10] Run cmake-format, add missing #defines --- CMakeLists.txt | 2 +- nano/lib/asan_warnings.hpp | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index cbb6d64663..e9eb8792c8 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -265,7 +265,7 @@ else() else() add_compile_options(-fsanitize=address,undefined) endif() - + add_definitions(-DED25519_NO_INLINE_ASM) add_definitions(-DROCKSDB_UBSAN_RUN) elseif(${USING_TSAN}) diff --git a/nano/lib/asan_warnings.hpp b/nano/lib/asan_warnings.hpp index 763ace8019..1e9ae054b5 100644 --- a/nano/lib/asan_warnings.hpp +++ b/nano/lib/asan_warnings.hpp @@ -2,7 +2,11 @@ #if defined(__has_feature) #if __has_feature(address_sanitizer) #define ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW __attribute__ ((no_sanitize ("unsigned-integer-overflow"))) +#else +#define ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW #endif +#else +#define ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW #endif #else #define ATTRIBUTE_NO_SANITIZE_UINT_OVERFLOW