内容简介:It appears that the clang-11.0.0 compiler mis-compiles sqlite3.c version 3.32.1. I havechecked in a change to SQLite that appears to work around the problem. But there might be other bugs. Therefore, use clang-11.0.0 with caution and test your applicatio
It appears that the clang-11.0.0 compiler mis-compiles sqlite3.c version 3.32.1. I havechecked in a change to SQLite that appears to work around the problem. But there might be other bugs. Therefore, use clang-11.0.0 with caution and test your applications carefully!
Details:
OSSFuzz has been reported bug 23003 against SQLite. I could not reproduce the problem on my desktop (Ubuntu with gcc-5.4.0) so I followed the OSSFuzz bug replication procedures and discovered what appears to be a problem with Clang-11.0.0 currently used by OSSFuzz.
The code that is miscompiled is lines 345-347 of the src/utf.c source file , shown below:
c = pMem->flags;
sqlite3VdbeMemRelease(pMem);
pMem->flags = MEM_Str|MEM_Term|(c&(MEM_AffMask|MEM_Subtype));
From the -S output, it looks like Clang-11.0.0 is compiling these three lines as if there were written as:
sqlite3VdbeMemRelease(pMem);
pMem->flags = MEM_Str|MEM_Term|(pMem->flags&(MEM_AffMask|MEM_Subtype));
In other words, Clang seems to be assuming that the sqlite3VdbeMemRelease() function does not change the value of pMem->flags. But it does. My work-around is to do the bit-twiddling of pMem->flags before the function call instead of afterwards:
c = MEM_Str|MEM_Term|(pMem->flags&(MEM_AffMask|MEM_Subtype));
sqlite3VdbeMemRelease(pMem);
pMem->flags = c;
Compiler Version And Build Details:
OSSFuzz reports the compiler used as:
clang version 11.0.0 (https://github.com/llvm/llvm-project.git a6ae333a0c23fc9b0783ca45e2676abac00c6723)
Target: x86_64-unknown-linux-gnu
Thread model: posix
The build script compiles SQLite thusly:
clang -O1 -fno-omit-frame-pointer -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-address-use-after-scope -fsanitize=fuzzer-no-link -DSQLITE_MAX_LENGTH=128000000 -DSQLITE_MAX_SQL_LENGTH=128000000 -DSQLITE_MAX_MEMORY=25000000 -DSQLITE_PRINTF_PRECISION_LIMIT=1048576 -DSQLITE_DEBUG=1 -DSQLITE_MAX_PAGE_COUNT=16384 -O1 -g -I. -c -O1 -g ./sqlite3.c -o sqlite3.o
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
数学之美 (第二版)
吴军 / 人民邮电出版社 / 2014-11 / 49.00元
几年前,“数学之美”系列文章原刊载于谷歌黑板报,获得上百万次点击,得到读者高度评价。读者说,读了“数学之美”,才发现大学时学的数学知识,比如马尔可夫链、矩阵计算,甚至余弦函数原来都如此亲切,并且栩栩如生,才发现自然语言和信息处理这么有趣。 在纸本书的创作中,作者吴军博士几乎把所有文章都重写了一遍,为的是把高深的数学原理讲得更加通俗易懂,让非专业读者也能领略数学的魅力。读者通过具体的例子学到的......一起来看看 《数学之美 (第二版)》 这本书的介绍吧!
