-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Assertion `(U)bits < (int)safeint_internal::int_traits< T >::bitCount' failed. #1829
Comments
The issue here is that we do not cleanly reject shifts beyond the width of an integer; instead this might be rejected by an assertion in SafeInt when building in debug mode. We should reject this cleanly for all build types at runtime via an exception. All these cases are expected to fail: print uint8(0)<<8;
print uint16(0)<<16;
print uint32(0)<<32;
print uint64(0)<<64;
print int8(0)<<8;
print int16(0)<<16;
print int32(0)<<32;
print int64(0)<<64; Even though there is deliberate handling for undefined shifts in SafeInt I filed dcleblanc/SafeInt#63 to see whether they could be convinced to switch to a throwing versions. |
If the shift is by a I'm still wondering if |
Yeah, for one there are no automatic coercions from |
Upstream has a PR open to move unsafe bitfshifts from assertion to exception. If this lands soon a bump would fix our issue (would still be good to add some tests); if it does not we could hook into the existing mechanism, see here. I haven't audited which other places invoke |
Do we know if SafeInt is going to merge this? |
I pinged upstream on whether they could merge their fix. I also tried to customize |
Running the following code through
spicyc -d -j
triggers an assertion. Haven't looked further, but seems the expression should fit 64bit, or a reasonable RuntimeError raised.Without
-d
, it printssaslLen, 87
which seems to indicate onlyrem[2]
is taken into account? The other uint8 values are all shifted to 0? Is this something one needs to worry about, or should shifting promote they type? A better result comes with:This was found while fuzzing Zeek's LDAP analyzer locally. It employs such a shift here:
Zeek's fuzzers are build with
assert()
enabled.The text was updated successfully, but these errors were encountered: