llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org

[libunwind] Undefined behavior pointer arithmetic with null pointer #91144

Closed avdv closed 1 month ago

avdv commented 4 months ago

I am using libunwind and when compiling my program with -fsanitize=undefined I get several reports of undefined behavior:

```
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:286:17: runtime error: applying non-zero offset 156 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:286:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:286:17: runtime error: member access within null pointer of type 'unwind_info_section_header_index_entry'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:286:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:291:17: runtime error: member access within null pointer of type 'unwind_info_section_header_index_entry'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:291:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:296:17: runtime error: member access within null pointer of type 'unwind_info_section_header_index_entry'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:296:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:296:17: runtime error: applying non-zero offset 12 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:296:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:337:17: runtime error: applying non-zero offset 2040 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:337:17 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:343:9: runtime error: applying non-zero offset 160 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:343:9 in 
native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:291:17: runtime error: applying non-zero offset 228 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior native/native-code-nativelib_native0.4_3-0.4.17-2/scala-native/platform/posix/libunwind/UnwindCursor.hpp:291:17 in 
```

Each of these is using the `arrayoffsetof` macro, which is defined like this:

```c
#define arrayoffsetof(type, index, field) ((size_t)(&((type *)0)[index].field))
```
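The macro above forms a pointer from address 0, indexes into it and takes a member's address, which is exactly what UBSan's "applying non-zero offset ... to null pointer" and "member access within null pointer" checks report. The same byte offset can be computed without ever forming a null-based pointer: `offsetof` (which the compiler implements as a builtin) gives the field's position within one entry, and `index * sizeof(type)` moves to the wanted row. The following is an added example, not code from this issue, from the linked patch or from libunwind; `index_entry_t` is a constructed 12-byte stand-in with three 32-bit fields (chosen so that indices 1, 13 and 19 land on the 12, 156 and 228 byte offsets seen in the report), and the helper names and the sample table are assumptions made here.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a 12-byte index entry with three 32-bit fields.
 * This is NOT libunwind's own definition; it only has the shape needed to
 * reproduce offsets such as 12, 156 and 228 from the sanitizer report. */
typedef struct {
    uint32_t functionOffset;
    uint32_t secondLevelPagesSectionOffset;
    uint32_t lsdaIndexArraySectionOffset;
} index_entry_t;

/* Well-defined replacement for arrayoffsetof: offsetof() locates the field
 * inside one entry, index * sizeof(type) selects the row. No pointer to a
 * null object is ever formed, so UBSan has nothing to flag. */
#define arrayoffsetof_defined(type, index, field) \
    (offsetof(type, field) + (size_t)(index) * sizeof(type))

/* Byte offset of entry[index].functionOffset from the start of the table. */
size_t function_offset_at(size_t index) {
    return arrayoffsetof_defined(index_entry_t, index, functionOffset);
}

/* Byte offset of entry[index].lsdaIndexArraySectionOffset from the table start. */
size_t lsda_offset_at(size_t index) {
    return arrayoffsetof_defined(index_entry_t, index, lsdaIndexArraySectionOffset);
}

/* Read a 32-bit field out of a real, mapped table by byte offset, the way an
 * unwinder walks a section it has located; memcpy keeps the access
 * alignment-safe and avoids type-punning through a cast. */
uint32_t read_u32(const void *table_base, size_t byte_offset) {
    uint32_t v;
    memcpy(&v, (const unsigned char *)table_base + byte_offset, sizeof v);
    return v;
}

/* Constructed three-entry table; the values are made up, not real unwind data. */
static const index_entry_t sample_table[3] = {
    {0x1000, 0x2000, 0x3000},
    {0x1010, 0x2010, 0x3010},
    {0x1020, 0x2020, 0x3020},
};

/* Fetch entry[index].functionOffset through the computed byte offset and
 * check it against direct structure access. Returns the value read. */
uint32_t lookup_function_offset(size_t index) {
    assert(index < sizeof sample_table / sizeof sample_table[0]);
    uint32_t via_offset = read_u32(sample_table, function_offset_at(index));
    assert(via_offset == sample_table[index].functionOffset);
    return via_offset;
}

int main(void) {
    printf("entry[1].functionOffset  lives at byte %zu\n", function_offset_at(1));
    printf("entry[13].functionOffset lives at byte %zu\n", function_offset_at(13));
    printf("entry[19].functionOffset lives at byte %zu\n", function_offset_at(19));
    printf("entry[2].functionOffset  = 0x%x\n", (unsigned)lookup_function_offset(2));
    return 0;
}
```

Built with `-fsanitize=undefined`, this version runs silently, whereas the null-based form trips the pointer-overflow and null-dereference checks on every call; the offsets it produces are identical, so a swap of the macro body changes nothing in the table walking itself.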
DanielKristofKiss commented 1 month ago

@avdv Could you try the https://github.com/llvm/llvm-project/pull/98648 patch?

avdv commented 1 month ago

> @avdv Could you try the https://github.com/llvm/llvm-project/pull/98648 patch?

@DanielKristofKiss thank you for looking into that issue! Unfortunately, I won't be able to try your patch for some time. I'll report back when possible and nobody beats me to it.