[libunwind] Undefined behavior pointer arithmetic with null pointer #91144

Closed
avdv opened this issue May 5, 2024 · 2 comments · Fixed by #98648
avdv commented May 5, 2024

I am using libunwind and when compiling my program with -fsanitize=undefined I get several reports of undefined behavior:

native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:286:17: runtime error: applying non-zero offset 156 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:286:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:286:17: runtime error: member access within null pointer of type 'unwind_info_section_header_index_entry'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:286:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:291:17: runtime error: member access within null pointer of type 'unwind_info_section_header_index_entry'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:291:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:296:17: runtime error: member access within null pointer of type 'unwind_info_section_header_index_entry'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:296:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:296:17: runtime error: applying non-zero offset 12 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:296:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:337:17: runtime error: applying non-zero offset 2040 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:337:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:343:9: runtime error: applying non-zero offset 160 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:343:9 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:291:17: runtime error: applying non-zero offset 228 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:291:17 in 

Each of these is using the arrayoffsetof macro, which is defined like this:

#define arrayoffsetof(type, index, field) ((size_t)(&((type *)0)[index].field))
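As an added illustration (not code from the issue or from libunwind), the block below places the macro as quoted above next to a form that yields the same byte offset without forming a pointer from null. UBSan flags the original in two ways seen in the reports: `applying non-zero offset N to null pointer` for any `index > 0`, and `member access within null pointer` for the `.field` access even at index 0. The struct name `index_entry`, its two fields, and the `read_second_level_offset` helper are assumptions used only to show how such an offset is applied to a raw section image; they are not libunwind's definitions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical stand-in for a compact-unwind index entry: two 32-bit
 * fields, so sizeof == 8 and the second field sits at offset 4.
 * (Constructed for this example; not libunwind's real layout.) */
struct index_entry {
    uint32_t functionOffset;
    uint32_t secondLevelPagesSectionOffset;
};

/* Macro as quoted in the issue. It forms &((type *)0)[index].field, which is
 * arithmetic on, and member access through, a null pointer. Kept here only
 * for side-by-side comparison; nothing below evaluates it. */
#define arrayoffsetof_ub(type, index, field) ((size_t)(&((type *)0)[index].field))

/* Well-defined alternative: offsetof() is provided by <stddef.h> for exactly
 * this purpose, and the array stride is plain integer arithmetic. */
#define arrayoffsetof_safe(type, index, field) \
    (offsetof(type, field) + (size_t)(index) * sizeof(type))

/* Byte offset of entry[index].secondLevelPagesSectionOffset, exposed as a
 * function so it can be checked directly. */
size_t entry_field_offset(size_t index) {
    return arrayoffsetof_safe(struct index_entry, index, secondLevelPagesSectionOffset);
}

/* Read one entry's field out of a raw byte image of a section, the way an
 * unwinder reads from a mapped unwind-info section. memcpy avoids any
 * alignment assumption about the image pointer. */
uint32_t read_second_level_offset(const uint8_t *section, size_t index) {
    uint32_t value;
    memcpy(&value, section + entry_field_offset(index), sizeof value);
    return value;
}

/* Constructed three-entry section image (sample data, not real unwind info). */
static const struct index_entry sample_entries[3] = {
    { 0x1000u, 0x40u },
    { 0x1200u, 0x80u },
    { 0x1500u, 0xC0u },
};

/* Convenience wrapper over the constructed image for tests and the demo. */
uint32_t sample_second_level_offset(size_t index) {
    return read_second_level_offset((const uint8_t *)sample_entries, index);
}

int main(void) {
    for (size_t i = 0; i < 3; i++) {
        printf("entry %zu: field at byte %zu, value 0x%x\n",
               i, entry_field_offset(i), sample_second_level_offset(i));
    }
    return 0;
}
```

Compiling this with `-fsanitize=undefined` produces no report, because no pointer is ever derived from null; the arithmetic happens on `size_t` values and only the final, in-bounds `section + offset` is a pointer operation.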
avdv added a commit to avdv/scalals that referenced this issue May 5, 2024
In debug mode, zig cc enables `-fsanitize-debug` which causes the program to
get killed with SIGILL or SIGTRAP because of undefined behavior.

See ziglang/zig#4830 and llvm/llvm-project#91144
avdv added a commit to avdv/scalals that referenced this issue May 6, 2024
In debug mode, zig cc enables `-fsanitize-debug` which causes the program to
get killed with SIGILL or SIGTRAP because of undefined behavior.

See ziglang/zig#4830 and llvm/llvm-project#91144
@DanielKristofKiss
Member

@avdv Could you try the #98648 patch?


avdv commented Jul 14, 2024

> @avdv Could you try the #98648 patch?

@DanielKristofKiss thank you for looking into that issue! Unfortunately, I won't be able to try your patch for some time. I'll report back when possible and nobody beats me to it.
