[Insight-developers] Undefined Behavior and clang

Sean McBride sean at rogue-research.com
Thu Aug 11 12:02:07 EDT 2011 

Bradley, and all,

My clang dashboard is now building with no errors or warnings (thanks to all).  But many many tests are failing due to a clang bug (probably).  Since this is the case, I've gone ahead and enabled these two flags:

-fcatch-undefined-behavior -ftrapv

they catch undefined behaviour (like overflowing signed ints) and cause a crash.  In cdash, this shows up as an "ILLEGAL"-type failure, and there are several today after I enabled the flag:

<http://www.cdash.org/CDash/viewTest.php?onlyfailed&buildid=1419913>

I tried itkSampleClassifierFilterTest4 is gdb, and indeed undefined behaviour is invoked:

Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/operand.
itk::Statistics::NormalVariateGenerator::FastNorm (this=0x102aba630) at /Users/builder/kitware/ITK/Modules/Numerics/Statistics/src/itkNormalVariateGenerator.cxx:328
328	  m_Lseed = 69069 * m_Lseed + 33331;

(gdb) bt
#0  itk::Statistics::NormalVariateGenerator::FastNorm (this=0x102aba630) at /Users/builder/kitware/ITK/Modules/Numerics/Statistics/src/itkNormalVariateGenerator.cxx:328
#1  0x0000000100453c7f in itk::Statistics::NormalVariateGenerator::GetVariate (this=0x102aba630) at /Users/builder/kitware/ITK/Modules/Numerics/Statistics/src/itkNormalVariateGenerator.cxx:111
#2  0x000000010027a2f9 in itkSampleClassifierFilterTest4 () at /Users/builder/kitware/ITK/Modules/Segmentation/Classifiers/test/itkSampleClassifierFilterTest4.cxx:78
#3  0x0000000100031b48 in main (ac=1, av=0x7fff5fbff6c0) at /Users/builder/kitware/ITK-clang-dbg-x86_64-static/Modules/Segmentation/Classifiers/test/ITKClassifiersTestDriver.cxx:207

(gdb) list
323	nextpair:
324	  m_Lseed = 69069 * m_Lseed + 33331;
325	  m_Irs = ( m_Irs <= 0 ) ? ( ( m_Irs << 1 ) ^ 333556017 ) : ( m_Irs << 1 );
326	  r = m_Irs + m_Lseed;
327	  tx = m_Rcons * r;
328	  m_Lseed = 69069 * m_Lseed + 33331;
329	  m_Irs = ( m_Irs <= 0 ) ? ( ( m_Irs << 1 ) ^ 333556017 ) : ( m_Irs << 1 );
330	  r = m_Irs + m_Lseed;
331	  ty = m_Rcons * r;
332	  tr = tx * tx + ty * ty;

(gdb) p m_Lseed
$1 = 7009300

m_Lseed is declared as an 'int' (which on my platform is 32 bit).  69069 * 7009300 overflows a 32 bit signed int and is therefore undefined behaviour, where the compiler is free to generate any code it wants (in this case, a crash).

I'm going to leave these flags on because they don't really generate any noise since so many tests are already failing.  So far, I have yet to see this tool generate any false positives, and so these failures should be investigated (by anyone who has the time and inclination, which, at this moment, is not me. :()

Cheers,

Sean


On Tue, 2 Aug 2011 10:25:56 -0400, Bradley Lowekamp said:

>I found the articles you linked to on the VXL dev list regarding 
>undefined behavior very interesting:
>
>
>On Jul 29, 2011, at 4:34 PM, Sean McBride wrote:
>
>> Hi all,
>> 
>> I recently read this 3 part blog article by the architect of llvm/
>clang, which I highly recommend:
>> 
>> <http://blog.llvm.org/2011/05/what-every-c-programmer-should-know.html>
>> <http://blog.llvm.org/2011/05/what-every-c-programmer-should-know_14.html>
>> <http://blog.llvm.org/2011/05/what-every-c-programmer-should-know_21.html>

More information about the Insight-developers mailing list