Hi Jamey,

On 06/02/2016 04:27 PM, Jamey Sharp wrote:
> This is *so cool*. With the option you added, I've found all sorts of interesting bugs in my code. :-) I'm crediting csmith in my commit messages when I fix issues it triggered, if anyone happens to want to find such things later. https://github.com/jameysharp/corrode
Nice! Glad it helps :)
> I think I've found a bug in csmith, too. It isn't supposed to generate C programs that have undefined behavior, right? Apparently it can generate shifts by a number of bits larger than the size of the integer-promoted left-hand side. In particular, it generated this:
>
> (uint16_t)p_9 << (uint16_t)(... , 0xD051L)
Csmith-generated programs are supposed to be undefined-behavior-free. All shift operations are wrapped by functions (or macros) such as lshift_func_int8_t_s_s, which can be found in csmith/runtime/safe_math.h (or safe_math_macros.h). Those functions/macros ensure that relevant operations are "safe" (i.e., the program runs without undefined behavior).
I am wondering if you pass -DUNSAFE to the compiler when you process randomized programs. If not, can you send us something like the following in the generated program that has the aforementioned undefined behavior?
/*
 * This is a RANDOMLY GENERATED PROGRAM.
 *
 * Generator: csmith 2.3.0
 * Git version: 5af4618
 * Options: --no-global-variables
 * Seed: 1021837130
 */

We can diagnose the issue with this kind of information. Thanks.

- Yang
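Added example, not part of the message above and not csmith's own code: a sketch of the kind of guarded shift wrapper the reply describes, applied to the reported shift count 0xD051. The function names, the choice to return the left operand unchanged on an unsafe shift, and the sample value for p_9 are assumptions made for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* uint16_t and int16_t operands are promoted to int before shifting,
 * so the shift count must be smaller than the width of int. */
#define PROMOTED_BITS ((int)(sizeof(int) * CHAR_BIT))

/* Hypothetical guarded left shift, unsigned 16-bit left operand.
 * Assumption: an out-of-range count returns the left operand unchanged.
 * Building with -DUNSAFE removes the guard, as the reply suggests. */
static uint16_t guarded_lshift_u16(uint16_t left, unsigned int right)
{
#ifndef UNSAFE
    if (right >= (unsigned int)PROMOTED_BITS)
        return left; /* count >= width of promoted type: undefined in C */
#endif
    /* Shift as unsigned int so high bits cannot overflow a signed int. */
    return (uint16_t)((unsigned int)left << right);
}

/* Hypothetical guarded left shift, signed 16-bit left operand. */
static int16_t guarded_lshift_s16(int16_t left, int right)
{
#ifndef UNSAFE
    if (left < 0 || right < 0 || right >= PROMOTED_BITS ||
        left > (INT16_MAX >> right))
        return left; /* negative operand, bad count, or result overflows */
#endif
    return (int16_t)(left << right);
}

int main(void)
{
    uint16_t p_9 = 0x1234; /* constructed sample value */

    /* The reported expression: the count 0xD051 is far above the width
     * of int, so the guard must fire. */
    printf("guarded:  0x%04X\n",
           (unsigned)guarded_lshift_u16(p_9, (uint16_t)0xD051L));
    printf("in range: 0x%04X\n", (unsigned)guarded_lshift_u16(p_9, 4));
    printf("signed:   %d\n", guarded_lshift_s16(3, 2));
    return 0;
}
```

Compiling a generated program with a sanitizer such as -fsanitize=shift is one way to confirm whether an unguarded shift is actually reached.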