Undefined behavior

hgm
Posts: 23385
Joined: Fri Mar 10, 2006 9:06 am
Location: Amsterdam
Full name: H G Muller

Undefined behavior

Post by hgm » Fri May 27, 2016 6:56 am

I have been using the MinGW compiler recently, because my virus scanner removed Cygwin from my machine. And I am running into a curious warning:

Code:

C:\cygwin\home\egtb>gcc -O2 4menXQ.c -o XQ.exe
4menXQ.c: In function 'InitXQ':
4menXQ.c:177:37: warning: iteration 45u invokes undefined behavior [-Waggressive-loop-optimizations]
   for(i=0; i<=BSIZE; i++) sqrNr[Ox88[i]] = i;
                                     ^
4menXQ.c:177:3: note: containing loop
   for(i=0; i<=BSIZE; i++) sqrNr[Ox88[i]] = i;
   ^

Can I safely ignore that, or is it something where a malicious compiler now can feel justified to slip in code to format my hard disk?

mar
Posts: 1981
Joined: Fri Nov 26, 2010 1:00 pm
Location: Czech Republic
Full name: Martin Sedlak

Re: Undefined behavior

Post by mar » Fri May 27, 2016 7:32 am

Code:

for(i=0; i<=BSIZE; i++) sqrNr[Ox88[i]] = i;

Hard to say without context. BSIZE is probably a constant and
Ox88 is a LUT and sqrNr probably as well (but bounds/types?).
Or maybe a minimum working example?
hgm wrote: Can I safely ignore that, or is it something where a malicious compiler now can feel justified to slip in code to format my hard disk?
I very much doubt this is the case :) Most likely your AV just got a false positive.

hgm
Posts: 23385
Joined: Fri Mar 10, 2006 9:06 am
Location: Amsterdam
Full name: H G Muller

Re: Undefined behavior

Post by hgm » Fri May 27, 2016 9:52 am

Indeed, they are LUTs to translate a contiguous range of square numbers (0 to BSIZE-1) to 0x88-style square numbering of a twice-as-wide board. For the patch I was making I also needed to do the reverse lookup.

This doesn't look like undefined behavior in terms of C semantics to me. So it must be a problem in the optimizer, that it might not have preserved the order of the iterations (which could lead to trouble if Ox88[] contained duplicates). I suppose that a compiler is not allowed to slip in malicious code if the undefined behavior is merely a consequence of its own decision to optimize.

BTW, the AV problem was not due to this code. It occurred on a program that opened a socket for listening. But I was testing it under Cygwin (because I was also compiling it there), so the AV did not only delete the .exe, but also many essential Cygwin components (such as the shell).

Joost Buijs
Posts: 904
Joined: Thu Jul 16, 2009 8:47 am
Location: Almere, The Netherlands

Re: Undefined behavior

Post by Joost Buijs » Fri May 27, 2016 10:05 am

hgm wrote:

Code:

4menXQ.c:177:37: warning: iteration 45u invokes undefined behavior [-Waggressive-loop-optimizations]
   for(i=0; i<=BSIZE; i++) sqrNr[Ox88[i]] = i;
                                     ^
4menXQ.c:177:3: note: containing loop
   for(i=0; i<=BSIZE; i++) sqrNr[Ox88[i]] = i;
   ^

It probably means that on iteration 45 you'll get an array bound violation, maybe the number of elements of Ox88[] is 45?
How large is the constant BSIZE?

mar
Posts: 1981
Joined: Fri Nov 26, 2010 1:00 pm
Location: Czech Republic
Full name: Martin Sedlak

Re: Undefined behavior

Post by mar » Fri May 27, 2016 10:08 am

Just a guess: maybe one of the types is a signed 8-bit type when it should be unsigned?
But that would mean the program wouldn't work at all, hmm. The compiler may be wrong with the warning as well.

Joost Buijs
Posts: 904
Joined: Thu Jul 16, 2009 8:47 am
Location: Almere, The Netherlands

Re: Undefined behavior

Post by Joost Buijs » Fri May 27, 2016 10:18 am

Most of the time the compilers are right though, at least it is something that you shouldn't ignore.

Strange AV, I've never had my AV remove anything that it shouldn't, and as a precaution I always have to confirm before it removes something.

hgm
Posts: 23385
Joined: Fri Mar 10, 2006 9:06 am
Location: Amsterdam
Full name: H G Muller

Re: Undefined behavior

Post by hgm » Fri May 27, 2016 10:27 am

Joost Buijs wrote: It probably means that on iteration 45 you'll get an array bound violation, maybe the number of elements of Ox88[] is 45?
How large is the constant BSIZE?
Ah, that is what the 45u means!

Yes, you are right, BSIZE is 45. So the <= should have been <, as the square numbering starts at 0. A bit confusing that it doesn't simply say the array bounds are violated, when it apparently sees that they are.

Anyway, thanks!
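
Added example (not part of the thread and not taken from 4menXQ.c): the off-by-one above reads one element past Ox88[] and then uses whatever it read as a write index into sqrNr[], so the corrected loop below takes its bound from the array itself and range-checks the looked-up index before storing. The 9x5 board, the stride of 18, the element types and the names COUNT and square_of are assumptions; only BSIZE = 45 and the two table names come from the posts.

```c
#include <stddef.h>
#include <stdio.h>

#define FILES  9                   /* assumed board width */
#define RANKS  5                   /* assumed board height */
#define BSIZE  (FILES * RANKS)     /* 45, as stated in the thread */
#define STRIDE (2 * FILES)         /* assumed row stride of the twice-as-wide board */
#define XSIZE  (RANKS * STRIDE)    /* size of the wide-board index space */
#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

static unsigned char Ox88[BSIZE];  /* contiguous square -> wide-board square */
static signed char   sqrNr[XSIZE]; /* wide-board square -> contiguous, -1 = off board */

/* Returns 0 on success, -1 if a table entry would index outside sqrNr[]. */
int InitXQ(void)
{
    size_t i;

    for (i = 0; i < COUNT(Ox88); i++)
        Ox88[i] = (unsigned char)((i / FILES) * STRIDE + i % FILES);
    for (i = 0; i < COUNT(sqrNr); i++)
        sqrNr[i] = -1;

    /* The loop in the thread ran with i <= BSIZE: iteration 45 reads Ox88[45],
       one past the end, and stores through that unknown value. */
    for (i = 0; i < COUNT(Ox88); i++) {
        size_t s = Ox88[i];
        if (s >= COUNT(sqrNr))     /* never write through an unchecked index */
            return -1;
        sqrNr[s] = (signed char)i;
    }
    return 0;
}

/* Bounds-checked reverse lookup. */
int square_of(size_t wide)
{
    return wide < COUNT(sqrNr) ? sqrNr[wide] : -1;
}

int main(void)
{
    if (InitXQ() != 0)
        return 1;
    printf("%d %d %d\n", square_of(0), square_of(80), square_of(9));
    return 0;
}
```

Where GCC's sanitizers are available, building the original `<=` loop with `-fsanitize=address,undefined` reports the out-of-range access at run time rather than letting it silently overwrite a neighbouring object.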

Daniel Anulliero
Posts: 682
Joined: Fri Jan 04, 2013 3:55 pm
Location: Nice

Re: Undefined behavior

Post by Daniel Anulliero » Fri May 27, 2016 10:31 am

I had an "undefined behavior" with an array without elements defined (like for example: table [ ])
But I don't know if it's the case here ...

mar
Posts: 1981
Joined: Fri Nov 26, 2010 1:00 pm
Location: Czech Republic
Full name: Martin Sedlak

Re: Undefined behavior

Post by mar » Fri May 27, 2016 12:01 pm

Joost Buijs wrote: Strange AV, I've never had my AV remove anything that it shouldn't, and as a precaution I always have to confirm before it removes something.
Yes you can always change this in the settings.

I used to work for an AV company and the problem is AV tests.
We for instance had a bad score due to the fact that a guy pressed the "ignore threat" button instead of the "protect me" button and counted it as a detection miss.
So first we hid the ignore button and later on we added silent automatic removal of stuff that was "confirmed malware" according to remote databases.

It's obvious that one has to do well in various comparative tests. That they're usually conducted by incompetent people is another story.

There are always some false positives so one has to balance between low amount of FPs and high detection ratio. Those two don't always go hand in hand.

Joost Buijs
Posts: 904
Joined: Thu Jul 16, 2009 8:47 am
Location: Almere, The Netherlands

Re: Undefined behavior

Post by Joost Buijs » Fri May 27, 2016 1:18 pm

hgm wrote: A bit confusing that it doesn't simply say the array bounds are violated, when it apparently sees that they are.
GCC has very mysterious and cryptic error messages sometimes.
That is why I prefer the Intel compiler over GCC.
