[3.10] bpo-46913: Fix test_ctypes, test_hashlib, test_faulthandler on UBSan (GH-31675)
* bpo-46913: Fix test_faulthandler.test_sigfpe() on UBSAN (GH-31662)
Disable undefined behavior sanitizer (UBSAN) on
faulthandler_sigfpe().
(cherry picked from commit 4173d677a1d7c72bb32d292fbff1b4cf073d615c)
* bpo-46913: Fix test_faulthandler.test_read_null() on UBSan (GH31672)
Disable undefined behavior sanitizer (UBSan) on
faulthandler._read_null().
(cherry picked from commit 65b92ccdec2ee4a99e54aaf7ae2d9bbc2ebfe549)
* bpo-46913: test_hashlib skips _sha3 tests on UBSan (GH-31673)
If Python is built with UBSan, test_hashlib skips tests on the _sha3
extension which currently has undefined behaviors.
This change allows to run test_hashlib to check for new UBSan regression,
but the known _sha3 undefined behavior must be fixed.
(cherry picked from commit 6d0d7d2b8c1e04fd51c6cb29cc09a41b60b97b7b)
* bpo-46913: Skip test_ctypes.test_shorts() on UBSan (GH-31674)
If Python is built with UBSan, test_ctypes now skips test_shorts().
This change allows to run test_ctypes to check for new UBSan regression,
but the known test_shorts() undefined behavior must be fixed.
(cherry picked from commit ad1b04451d3aca2c6fa6dbe2891676a4e0baac49)
diff --git a/Lib/ctypes/test/test_bitfields.py b/Lib/ctypes/test/test_bitfields.py
index 992b8c4..66acd62 100644
--- a/Lib/ctypes/test/test_bitfields.py
+++ b/Lib/ctypes/test/test_bitfields.py
@@ -1,5 +1,6 @@
from ctypes import *
from ctypes.test import need_symbol
+from test import support
import unittest
import os
@@ -39,6 +40,8 @@ def test_ints(self):
setattr(b, name, i)
self.assertEqual(getattr(b, name), func(byref(b), name.encode('ascii')))
+ # bpo-46913: _ctypes/cfield.c h_get() has an undefined behavior
+ @support.skip_if_sanitizer(ub=True)
def test_shorts(self):
b = BITS()
name = "M"
diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py
index 110eb48..ea31f8b 100644
--- a/Lib/test/test_hashlib.py
+++ b/Lib/test/test_hashlib.py
@@ -64,6 +64,10 @@ def get_fips_mode():
requires_blake2 = unittest.skipUnless(_blake2, 'requires _blake2')
+# bpo-46913: Don't test the _sha3 extension on a Python UBSAN build
+SKIP_SHA3 = support.check_sanitizer(ub=True)
+requires_sha3 = unittest.skipUnless(not SKIP_SHA3, 'requires _sha3')
+
def hexstr(s):
assert isinstance(s, bytes), repr(s)
@@ -125,6 +129,8 @@ def __init__(self, *args, **kwargs):
self.constructors_to_test = {}
for algorithm in algorithms:
+ if SKIP_SHA3 and algorithm.startswith('sha3_'):
+ continue
self.constructors_to_test[algorithm] = set()
# For each algorithm, test the direct constructor and the use
@@ -177,14 +183,15 @@ def add_builtin_constructor(name):
add_builtin_constructor('blake2s')
add_builtin_constructor('blake2b')
- _sha3 = self._conditional_import_module('_sha3')
- if _sha3:
- add_builtin_constructor('sha3_224')
- add_builtin_constructor('sha3_256')
- add_builtin_constructor('sha3_384')
- add_builtin_constructor('sha3_512')
- add_builtin_constructor('shake_128')
- add_builtin_constructor('shake_256')
+ if not SKIP_SHA3:
+ _sha3 = self._conditional_import_module('_sha3')
+ if _sha3:
+ add_builtin_constructor('sha3_224')
+ add_builtin_constructor('sha3_256')
+ add_builtin_constructor('sha3_384')
+ add_builtin_constructor('sha3_512')
+ add_builtin_constructor('shake_128')
+ add_builtin_constructor('shake_256')
super(HashLibTestCase, self).__init__(*args, **kwargs)
@@ -383,6 +390,7 @@ def test_no_unicode_blake2(self):
self.check_no_unicode('blake2b')
self.check_no_unicode('blake2s')
+ @requires_sha3
def test_no_unicode_sha3(self):
self.check_no_unicode('sha3_224')
self.check_no_unicode('sha3_256')
@@ -418,6 +426,7 @@ def test_blocksize_name(self):
self.check_blocksize_name('sha384', 128, 48)
self.check_blocksize_name('sha512', 128, 64)
+ @requires_sha3
def test_blocksize_name_sha3(self):
self.check_blocksize_name('sha3_224', 144, 28)
self.check_blocksize_name('sha3_256', 136, 32)
@@ -438,6 +447,7 @@ def check_sha3(self, name, capacity, rate, suffix):
self.assertEqual(m._rate_bits, rate)
self.assertEqual(m._suffix, suffix)
+ @requires_sha3
def test_extra_sha3(self):
self.check_sha3('sha3_224', 448, 1152, b'\x06')
self.check_sha3('sha3_256', 512, 1088, b'\x06')
@@ -777,36 +787,44 @@ def test_blake2s_vectors(self):
key = bytes.fromhex(key)
self.check('blake2s', msg, md, key=key)
+ @requires_sha3
def test_case_sha3_224_0(self):
self.check('sha3_224', b"",
"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7")
+ @requires_sha3
def test_case_sha3_224_vector(self):
for msg, md in read_vectors('sha3_224'):
self.check('sha3_224', msg, md)
+ @requires_sha3
def test_case_sha3_256_0(self):
self.check('sha3_256', b"",
"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a")
+ @requires_sha3
def test_case_sha3_256_vector(self):
for msg, md in read_vectors('sha3_256'):
self.check('sha3_256', msg, md)
+ @requires_sha3
def test_case_sha3_384_0(self):
self.check('sha3_384', b"",
"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2a"+
"c3713831264adb47fb6bd1e058d5f004")
+ @requires_sha3
def test_case_sha3_384_vector(self):
for msg, md in read_vectors('sha3_384'):
self.check('sha3_384', msg, md)
+ @requires_sha3
def test_case_sha3_512_0(self):
self.check('sha3_512', b"",
"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a6"+
"15b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26")
+ @requires_sha3
def test_case_sha3_512_vector(self):
for msg, md in read_vectors('sha3_512'):
self.check('sha3_512', msg, md)
diff --git a/Misc/NEWS.d/next/Tests/2022-03-03-17-36-24.bpo-46913.vxETIE.rst b/Misc/NEWS.d/next/Tests/2022-03-03-17-36-24.bpo-46913.vxETIE.rst
new file mode 100644
index 0000000..65fed1c
--- /dev/null
+++ b/Misc/NEWS.d/next/Tests/2022-03-03-17-36-24.bpo-46913.vxETIE.rst
@@ -0,0 +1,3 @@
+Fix test_faulthandler.test_sigfpe() if Python is built with undefined
+behavior sanitizer (UBSAN): disable UBSAN on the faulthandler_sigfpe()
+function. Patch by Victor Stinner.
diff --git a/Modules/faulthandler.c b/Modules/faulthandler.c
index 350f4cf..e03f6d9 100644
--- a/Modules/faulthandler.c
+++ b/Modules/faulthandler.c
@@ -29,6 +29,23 @@
#define PUTS(fd, str) _Py_write_noraise(fd, str, strlen(str))
+
+// clang uses __attribute__((no_sanitize("undefined")))
+// GCC 4.9+ uses __attribute__((no_sanitize_undefined))
+#if defined(__has_feature) // Clang
+# if __has_feature(undefined_behavior_sanitizer)
+# define _Py_NO_SANITIZE_UNDEFINED __attribute__((no_sanitize("undefined")))
+# endif
+#endif
+#if defined(__GNUC__) \
+ && ((__GNUC__ >= 5) || (__GNUC__ == 4) && (__GNUC_MINOR__ >= 9))
+# define _Py_NO_SANITIZE_UNDEFINED __attribute__((no_sanitize_undefined))
+#endif
+#ifndef _Py_NO_SANITIZE_UNDEFINED
+# define _Py_NO_SANITIZE_UNDEFINED
+#endif
+
+
_Py_IDENTIFIER(enable);
_Py_IDENTIFIER(fileno);
_Py_IDENTIFIER(flush);
@@ -1014,7 +1031,7 @@ faulthandler_suppress_crash_report(void)
#endif
}
-static PyObject *
+static PyObject* _Py_NO_SANITIZE_UNDEFINED
faulthandler_read_null(PyObject *self, PyObject *args)
{
volatile int *x;
@@ -1103,17 +1120,20 @@ faulthandler_fatal_error_c_thread(PyObject *self, PyObject *args)
Py_RETURN_NONE;
}
-static PyObject *
+static PyObject* _Py_NO_SANITIZE_UNDEFINED
faulthandler_sigfpe(PyObject *self, PyObject *args)
{
+ faulthandler_suppress_crash_report();
+
/* Do an integer division by zero: raise a SIGFPE on Intel CPU, but not on
PowerPC. Use volatile to disable compile-time optimizations. */
volatile int x = 1, y = 0, z;
- faulthandler_suppress_crash_report();
z = x / y;
+
/* If the division by zero didn't raise a SIGFPE (e.g. on PowerPC),
raise it manually. */
raise(SIGFPE);
+
/* This line is never reached, but we pretend to make something with z
to silence a compiler warning. */
return PyLong_FromLong(z);