Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unsafe math operations #4261

Open
angusluckmann opened this issue Apr 6, 2020 · 10 comments
Open

Unsafe math operations #4261

angusluckmann opened this issue Apr 6, 2020 · 10 comments
Assignees
@medvednikov
Labels
Bug This tag is applied to issues which reports bugs. OS: Android Bugs/feature requests, that are specific to Android OS. Security Bugs/feature requests, that are related to either vlib modules or the language as a whole. Status: Confirmed This bug has been confirmed to be valid by a contributor. Status: Needs More Info The issue author is expected to provide more information.

Comments

@angusluckmann
Copy link

angusluckmann commented Apr 6, 2020
edited
Loading

V version: 0.1.24
OS: Android 9, Termux (could have probably been any other)

What did you do?

fn add(num1 int, num2 int) int {
	return (num1   num2)
}

fn sub(num1 int, num2 int) int {
	return (num1 - num2)
}

fn mul(num1 int, num2 int) int {
	return (num1 * num2)
}

fn div(num1 int, num2 int) int {
	return (num1 / num2)
}

fn main() {
	// Define necessary constants
	max_possible_int32 := int(2147483647)
	min_possible_int32 := int(-2147483648)

	// Check direct addition
	println("========== DIRECT ADDITION TEST ==========")
	mut res := int(max_possible_int32   max_possible_int32)
	println(res)
	println("")

	// Check direct substraction
	println("========== DIRECT SUBSTRACTION TEST ==========")
	res = int(min_possible_int32 - max_possible_int32)
	println(res)
	println("")

	//Check direct multiplication
	println("========== DIRECT MULTIPLICATION TEST ==========")
	res = int(max_possible_int32 * max_possible_int32)
	println(res)
	println("")

	// Check indirect addition
	println("========== INDIRECT ADDITION TEST ==========")
	mut tmp := add(max_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check indirect substraction
	println("========== INDIRECT SUBSTRACTION TEST ==========")
	tmp = sub(min_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check indirect multiplication
	println("========== INDIRECT MULTIPLICATION TEST ==========")
	tmp = mul(max_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check direct division
	println("========== DIRECT DIVISION TEST ==========")
	mydiv := int(1/0)
	println(mydiv)
	println("")

	// Check indirect division
	println("========== INDIRECT DIVISION TEST ==========")
	mydiv := div(1,0)
	println(mydiv)
	println("")
}

What did you expect to see?
4 compiler errors/warnings and 4 runtime errors

What did you see instead?
1 compiler error (direct division test) and the program spitting out 7 wrong values to the screen.
(and a bunch of compiler warnings saying that "casting int to int is not needed")
@angusluckmann
Copy link
Author

Sorry if I created the issue the wrong way. I'm new to Github Issues :)

@danieldaeschle
Copy link
Member

try it with the new compiler v0.1.26 please!

@M4SSD35TRUCT10N M4SSD35TRUCT10N added Bug This tag is applied to issues which reports bugs. Security Bugs/feature requests, that are related to either vlib modules or the language as a whole. labels Apr 6, 2020
@M4SSD35TRUCT10N M4SSD35TRUCT10N added this to the Beta Release milestone Apr 6, 2020
@M4SSD35TRUCT10N M4SSD35TRUCT10N added Status: Confirmed This bug has been confirmed to be valid by a contributor. Status: Needs More Info The issue author is expected to provide more information. OS: Android Bugs/feature requests, that are specific to Android OS. labels Apr 6, 2020
@angusluckmann
Copy link
Author

angusluckmann commented Apr 7, 2020
edited
Loading

V version: 0.1.26 4e01bf4.78440be
Discoveries:
Now I get a weird C error on the division function (even if I don't call it).
And all the tests (even the direct division test) seem to run through.

More info:

I did a build through ...

git clone https://github.com/vlang/v
cd v
make

In that state I got the C error and an error on the direct division test.

Then I ran ...
v up
And after the update, the C error was still there, but the direct division test passed with a weird number (-973237312)

The version number mentioned above is the one after the v up command.

@angusluckmann
Copy link
Author

I obviously added the v command to path with ...
export PATH=$PWD:$PATH
... and checked the version correctness with ...
v --version

@danieldaeschle
Copy link
Member

thank you. the new error should be reproduceable.

can you paste the new error which you get?

@angusluckmann
Copy link
Author

Just for the record, I'm gonna repeat some of the information to some them up.
V version: V 0.1.26 4e01bf4.78440be
Source Code:

fn add(num1 int, num2 int) int {
	return (num1   num2)
}

fn sub(num1 int, num2 int) int {
	return (num1 - num2)
}

fn mul(num1 int, num2 int) int {
	return (num1 * num2)
}

fn div(num1 int, num2 int) int {
	return (num1 / num2)
}

fn main() {
	// Define necessary constants
	max_possible_int32 := int(2147483647)
	min_possible_int32 := int(-2147483648)

	// Check direct addition
	println("========== DITECT ADDITION TEST ==========")
	mut res := int(max_possible_int32   max_possible_int32)
	println(res)
	println("")

	// Check direct substraction
	println("========== DIRECT SUBSTRACTION TEST ==========")
	res = int(min_possible_int32 - max_possible_int32)
	println(res)
	println("")

	//Check direct multiplication
	println("========== DIRECT MULTIPLICATION TEST ==========")
	res = int(max_possible_int32 * max_possible_int32)
	println(res)
	println("")

	// Check indirect addition
	println("========== INDIRECT ADDITION TEST ==========")
	mut tmp := add(max_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check indirect substraction
	println("========== INDIRECT SUBSTRACTION TEST ==========")
	tmp = sub(min_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check indirect multiplication
	println("========== INDIRECT MULTIPLICATION TEST ==========")
	tmp = mul(max_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check direct division
	println("========== DIRECT DIVISION TEST ==========")
	mydiv := int(1/0)
	println(mydiv)
	println("")

	// Check indirect division
	println("========== INDIRECT DIVISION TEST ==========")
	mydiv = div(1,0)
	println(mydiv)
	println("")
}

Compiler output:

==================
                          ^
/data/data/com.termux/files/home/vtest2/tmp.c:4519:5: error: conflicting types for 'div'
int div(int num1, int num2) {
    ^
/data/data/com.termux/files/usr/include/stdlib.h:183:7: note: previous declaration is here
div_t div(int __numerator, int __denominator) __attribute_const__;
      ^                                         /data/data/com.termux/files/home/vtest2/tmp.c:4556:8: error: assigning to 'int' from incompatible type 'div_t'                                          mydiv = div(1, 0);
              ^ ~~~~~~~~~
/data/data/com.termux/files/home/vtest2/tmp.c:4552:23: warning: division by zero is undefined [-Wdivision-by-zero]
        int mydiv = ((int)(1 / 0));
...
==================
(Use `v -cg` to print the entire error message)

builder error: C error.

Please make sure that:
- You have all V dependencies installed.
- You did not declare a C function that was not included. (Try commenting your code that involves C interop)
- You are running the latest version of V. (Try running `v up` and rerunning your command)

If you're confident that all of the above is true, please try running V with the `-cg` option which enables more debugging capabilities.

@angusluckmann
Copy link
Author

Second experiment

V version: V 0.1.26 4e01bf4.78440be
Source Code:

fn add(num1 int, num2 int) int {
	return (num1   num2)
}

fn sub(num1 int, num2 int) int {
	return (num1 - num2)
}

fn mul(num1 int, num2 int) int {
	return (num1 * num2)
}

fn div(num1 int, num2 int) int {
	return (num1 / num2)
}

fn main() {
	// Define necessary constants
	max_possible_int32 := int(2147483647)
	min_possible_int32 := int(-2147483648)

	// Check direct addition
	println("========== DITECT ADDITION TEST ==========")
	mut res := int(max_possible_int32   max_possible_int32)
	println(res)
	println("")

	// Check direct substraction
	println("========== DIRECT SUBSTRACTION TEST ==========")
	res = int(min_possible_int32 - max_possible_int32)
	println(res)
	println("")

	//Check direct multiplication
	println("========== DIRECT MULTIPLICATION TEST ==========")
	res = int(max_possible_int32 * max_possible_int32)
	println(res)
	println("")

	// Check indirect addition
	println("========== INDIRECT ADDITION TEST ==========")
	mut tmp := add(max_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check indirect substraction
	println("========== INDIRECT SUBSTRACTION TEST ==========")
	tmp = sub(min_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check indirect multiplication
	println("========== INDIRECT MULTIPLICATION TEST ==========")
	tmp = mul(max_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check direct division
	println("========== DIRECT DIVISION TEST ==========")
	mydiv := int(1/0)
	println(mydiv)
	println("")

	// Check indirect division
	// println("========== INDIRECT DIVISION TEST ==========")
	// mydiv = div(1,0)
	// println(mydiv)
	// println("")
}

Compiler output (probably the same as last one):

==================                                                        ^
/data/data/com.termux/files/home/vtest2/tmp02.c:4519:5: error: conflicting types for 'div'
int div(int num1, int num2) {
    ^
/data/data/com.termux/files/usr/include/stdlib.h:183:7: note: previous declaration is here
div_t div(int __numerator, int __denominator) __attribute_const__;
      ^                                         /data/data/com.termux/files/home/vtest2/tmp02.c:4552:23: warning: division by zero is undefined [-Wdivision-by-zero]                                    int mydiv = ((int)(1 / 0));
                             ^ ~
/data/data/com.termux/files/home/vtest2/tmp02.c:6440:407: warning: integer literal is too large to be represented in a signed integer type, interpreting as unsigned [-Wimplicitly-unsigned-literal]
((u64)(1)), ((u64)(10)), ((u64)(100)), ((u64)(1000)), ((u64)(10000)), ((u64)(100000)), ((u64)(1000000)), ((u64)(10000000)), ((u64)(100000000)), ((u64)(1000000000)), ((u64)(10000000000)), ((u64)(100000000000)), ((u64)(1000000000000)), ((u64)(10000000000000)), ((u64)(100000000000000)), ((u64)(1000000000000000)), ((u64)(10000000000000000)), ((u64)(100000000000000000)), ((u64)(1000000000000000000)), ((u64)(10000000000000000000)),
...
==================
(Use `v -cg` to print the entire error message)

builder error: C error.

Please make sure that:
- You have all V dependencies installed.
- You did not declare a C function that was not included. (Try commenting your code that involves C interop)
- You are running the latest version of V. (Try running `v up` and rerunning your command)

If you're confident that all of the above is true, please try running V with the `-cg` option which enables more debugging capabilities.

@angusluckmann
Copy link
Author

Third experiment

V version: V 0.1.26 4e01bf4.78440be
Source Code:

fn add(num1 int, num2 int) int {
	return (num1   num2)
}

fn sub(num1 int, num2 int) int {
	return (num1 - num2)
}

fn mul(num1 int, num2 int) int {
	return (num1 * num2)
}

/*
fn div(num1 int, num2 int) int {
	return (num1 / num2)
}
*/

fn main() {
	// Define necessary constants
	max_possible_int32 := int(2147483647)
	min_possible_int32 := int(-2147483648)

	// Check direct addition
	println("========== DITECT ADDITION TEST ==========")
	mut res := int(max_possible_int32   max_possible_int32)
	println(res)
	println("")

	// Check direct substraction
	println("========== DIRECT SUBSTRACTION TEST ==========")
	res = int(min_possible_int32 - max_possible_int32)
	println(res)
	println("")

	//Check direct multiplication
	println("========== DIRECT MULTIPLICATION TEST ==========")
	res = int(max_possible_int32 * max_possible_int32)
	println(res)
	println("")

	// Check indirect addition
	println("========== INDIRECT ADDITION TEST ==========")
	mut tmp := add(max_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check indirect substraction
	println("========== INDIRECT SUBSTRACTION TEST ==========")
	tmp = sub(min_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check indirect multiplication
	println("========== INDIRECT MULTIPLICATION TEST ==========")
	tmp = mul(max_possible_int32, max_possible_int32)
	println(tmp)
	println("")

	// Check direct division
	println("========== DIRECT DIVISION TEST ==========")
	mydiv := int(1/0)
	println(mydiv)
	println("")

	// Check indirect division
	// println("========== INDIRECT DIVISION TEST ==========")
	// mydiv = div(1,0)
	// println(mydiv)
	// println("")
}

Compiler output: none (just successfully compiling)
Program output:

========== DITECT ADDITION TEST ==========
-2

========== DIRECT SUBSTRACTION TEST ==========
1

========== DIRECT MULTIPLICATION TEST ==========
1

========== INDIRECT ADDITION TEST ==========
-2

========== INDIRECT SUBSTRACTION TEST ==========
1                                               
========== INDIRECT MULTIPLICATION TEST ==========
1

========== DIRECT DIVISION TEST ==========
-65227424

@angusluckmann
Copy link
Author

That should be it.

@Ivo-Balbaert
Copy link
Contributor

The Direct Division Test now (v 0.1.27) gives a V error as it should: mydiv := int(1/0) // error: division by zero.
Is this issue now solved?

@ArtemkaKun ArtemkaKun removed this from the Beta Release milestone May 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@medvednikov medvednikov

Labels
Bug This tag is applied to issues which reports bugs. OS: Android Bugs/feature requests, that are specific to Android OS. Security Bugs/feature requests, that are related to either vlib modules or the language as a whole. Status: Confirmed This bug has been confirmed to be valid by a contributor. Status: Needs More Info The issue author is expected to provide more information.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@medvednikov @Ivo-Balbaert @M4SSD35TRUCT10N @angusluckmann @danieldaeschle @ArtemkaKun