qemu: fix UBSAN errors in tcg and arm translation #1907

StalkR · 2023-11-14T09:25:35Z

follow-up to #1904 to target dev branch instead of master

For the fix in tcp-op.h:

SanitizerError
UndefinedBehaviorSanitizer: out-of-bounds-index unicorn/qemu/include/tcg/tcg-op.h:49:9 in

Details unicorn/qemu/include/tcg/tcg-op.h:49:9: runtime error: index 66 out of bounds for type 'int[17]'
    #0 0x7f0637b2656d in gen_uc_tracecode unicorn/qemu/include/tcg/tcg-op.h:49:9
    #1 0x7f0637b98b72 in thumb_tr_translate_insn unicorn/qemu/target/arm/translate.c
    #2 0x7f0637adef12 in translator_loop_arm unicorn/qemu/accel/tcg/translator.c:124:9
    #3 0x7f0637b21df6 in gen_intermediate_code_arm unicorn/qemu/target/arm/translate.c:11775:5
    #4 0x7f0637adc01b in tb_gen_code_arm unicorn/qemu/accel/tcg/translate-all.c:1636:5
    #5 0x7f0637ac3dbc in tb_find unicorn/qemu/accel/tcg/cpu-exec.c:259:14
    #6 0x7f0637ac3dbc in cpu_exec_arm unicorn/qemu/accel/tcg/cpu-exec.c:600:18
    #7 0x7f0637a72c5c in tcg_cpu_exec unicorn/qemu/softmmu/cpus.c:96:17
    #8 0x7f0637a72c5c in resume_all_vcpus_arm unicorn/qemu/softmmu/cpus.c:215:13
    #9 0x7f0637a72f98 in vm_start_arm unicorn/qemu/softmmu/cpus.c:234:5
    #10 0x7f0638903426 in uc_emu_start unicorn/uc.c:880:5

For the fix in arm/translate.c:

SanitizerError
UndefinedBehaviorSanitizer: signed-integer-overflow unicorn/qemu/target/arm/translate.c:7777:13

Details
unicorn/qemu/target/arm/translate.c:7777:13: runtime error: signed integer overflow: 255 * 16843009 cannot be represented in type 'int'
    #0 0x7fc28eda0389 in t32_expandimm_imm unicorn/qemu/target/arm/translate.c:7777:13
    #1 0x7fc28eda0389 in disas_t32_extract_s_rri_rot unicorn/qemu/target/arm/decode-t32.inc.c:845:14
    #2 0x7fc28ed9dbad in disas_t32 unicorn/qemu/target/arm/decode-t32.inc.c:1621:21
    #3 0x7fc28ed98cd0 in disas_thumb2_insn unicorn/qemu/target/arm/translate.c:11105:9
    #4 0x7fc28ed98cd0 in thumb_tr_translate_insn unicorn/qemu/target/arm/translate.c:11582:9
    #5 0x7fc28ecdef12 in translator_loop_arm unicorn/qemu/accel/tcg/translator.c:124:9
    #6 0x7fc28ed21df6 in gen_intermediate_code_arm unicorn/qemu/target/arm/translate.c:11775:5
    #7 0x7fc28ecdc01b in tb_gen_code_arm unicorn/qemu/accel/tcg/translate-all.c:1636:5
    #8 0x7fc28ecc3dbc in tb_find unicorn/qemu/accel/tcg/cpu-exec.c:259:14
    #9 0x7fc28ecc3dbc in cpu_exec_arm unicorn/qemu/accel/tcg/cpu-exec.c:600:18
    #10 0x7fc28ec72c5c in tcg_cpu_exec unicorn/qemu/softmmu/cpus.c:96:17
    #11 0x7fc28ec72c5c in resume_all_vcpus_arm unicorn/qemu/softmmu/cpus.c:215:13
    #12 0x7fc28ec72f98 in vm_start_arm unicorn/qemu/softmmu/cpus.c:234:5
    #13 0x7fc28faeb426 in uc_emu_start unicorn/uc.c:880:5

wtdcode · 2023-11-14T10:21:12Z

Cool, let's wait and see

wtdcode · 2023-11-14T13:16:59Z

Thanks and welcome!

qemu: fix UBSAN errors in tcg and arm translation

db63f2d

StalkR mentioned this pull request Nov 14, 2023

qemu: fix ASAN errors in tcg and arm translation #1904

Closed

wtdcode merged commit c0adcfb into unicorn-engine:dev Nov 14, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

qemu: fix UBSAN errors in tcg and arm translation #1907

qemu: fix UBSAN errors in tcg and arm translation #1907

StalkR commented Nov 14, 2023

wtdcode commented Nov 14, 2023

wtdcode commented Nov 14, 2023

qemu: fix UBSAN errors in tcg and arm translation #1907

qemu: fix UBSAN errors in tcg and arm translation #1907

Conversation

StalkR commented Nov 14, 2023

wtdcode commented Nov 14, 2023

wtdcode commented Nov 14, 2023