common/lib/libc/stdlib/random.c:482:6 can result in signed integer overflow.
This bug was reported by UBSan runs.
The change has been tested using the following program to generate random numbers
in both the old and the new library and can be used to verify the correctness of the
library after the change.
#include <stdio.h>
#include <stdlib.h>
#define COUNT 1000 * 1000
int
main(void)
{
int i;
FILE *fp = fopen("numbers.txt", "w");
srandom(0xdeadbeef);
for(i = 0; i < COUNT; i++) {
fprintf(fp, "%ld\n", random());
}
fclose(fp);
return 0;
}
Reviewed by: riastradh@ , kamil@
Instead of implicid promotion to signed int,
explicitly cast the arguments to unsigned int.
_rand48.c:53:27, signed integer overflow:
58989 * 58970 cannot be represented in type 'int'
_rand48.c:53:38, signed integer overflow:
-2093025904 + -1496809120 cannot be represented in type 'int'
_rand48.c:53:57, signed integer overflow:
57068 * 42787 cannot be represented in type 'int'
New and old code produce the same code as tested with:
#include <stdio.h>
#include <stdlib.h>
#define COUNT 1000 * 1000
int
main(void)
{
FILE *fp;
int i;
fp = fopen("numbers.txt", "w+");
if (!fp)
abort();
for(i = 0; i < COUNT; i++) {
fprintf(fp, "%f\n", drand48());
fprintf(fp, "%ld\n", lrand48());
fprintf(fp, "%ld\n", mrand48());
}
fclose(fp);
return 0;
}
boot.c:150:29, left shift of 255 by 24 places cannot be represented in type 'int'
boot.c:153:29, left shift of 255 by 24 places cannot be represented in type 'int'
Until we get ZFS integrated into our boot loader, this is the next best
thing. The idea is simple - have a small FFS partition with a kernel,
modules and this ramdisk. Once the ramdisk boots it will mount the FFS
partition read only, copy the needed ZFS modules to the ramdisk and then
unmount the partition. Then we import the ZFS root pool, mount the
ZFS root filesystem and then pivot to it.
Because the initial FFS partition is not mounted at this point, we
can mount it in /altroot so we can replace the kernel and modules with
newer ones so it's easily maintainable.
This ZFS boot strapper currently makes the following assumptions:
* The device NAME=boot is the FFS with kernel, modules and this ramdisk.
* The ZFS root pool and root filesystem are called rpool/ROOT.
A boot.cfg menu entry can then be added like so:
menu=Boot ZFS root:fs /ramdisk-zfsroot.fs;boot
false positive with kMSan.
Here, LLVM reorders the conditions and checks 'vattr' before 'error'. But
if 'error' is non-zero then 'vattr' is not initialized, and kMSan notices
the uninitialized memory read.
to the number of channels supported by the hardware or less, if the hardware
supports multi channels.
- On monaural or stereo hardware, userland apps can always set 1ch or 2ch.
The kernel (audio layer) can convert mono-stereo each other.
- On 3ch (2.1ch) hardware, for example, userland apps can set 1, 2, or 3ch,
but not 4ch or more.
This allows userland apps to know actual number of channels supported by
the hardware in the same way as before.
PR kern/54973.
t_modctl.c:114:16, member access within misaligned address 0x71bf5bcede84
for type 'struct modstat_t'
t_modctl.c:116:13, load of misaligned address 0x7e81bc3c9104 for type
'struct modstat_t' which requires 8 byte alignment
t_builtin.c:174:16, member access within misaligned address 0x741271c25004
for type 'struct modstat_t'
t_builtin.c:175:4, member access within misaligned address 0x741271c251c4
for type 'struct modstat_t'
hash_page.c:792:2, left shift of 1 by 31 places cannot be represented in type 'int'
hash_page.c:855:2, left shift of 1 by 31 places cannot be represented in type 'int'
hash_page.c:779:3, left shift of 1 by 31 places cannot be represented in type 'int'
