quickjs-ng / quickjs

QuickJS, the Next Generation: a mighty JavaScript engine
https://quickjs-ng.github.io/quickjs/
MIT License

UBSAN error with clang-18: `call to function js_realloc_rt through pointer to incorrect function type` #452

Closed andrjohns closed 3 months ago

andrjohns commented 3 months ago

Building quickjs-ng with clang-18 and -DCONFIG_UBSAN=ON, the following dummy program gives a UBSAN error:

#include "quickjs.h"
#include <string.h>

int main() {
  JSRuntime* rt = JS_NewRuntime();
  JSContext* ctx = JS_NewContext(rt);

  const char* str = "1 + 2\0";
  JSValue val = JS_Eval(ctx, str, strlen(str), "", 0);

  JS_FreeValue(ctx, val);
  JS_FreeContext(ctx);
  JS_FreeRuntime(rt);

  return 0;
}

> clang-18 -fsanitize=undefined ubsan_test.c build/libqjs.a -lm -o ubsan_test
> ./ubsan_test
/quickjs/cutils.c:124:19: runtime error: call to function js_realloc_rt through pointer to incorrect function type 'void *(*)(void *, void *, unsigned long)'
(/quickjs/ubsan_test+0xa7f40): note: js_realloc_rt defined here
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /quickjs/cutils.c:124:19
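The mismatch UBSAN reports above (an allocator whose first parameter is the runtime pointer, called through a callback pointer whose type names a bare void *) reproduced in a constructed C stand-in, with the thunk that removes it. This is an added example, not quickjs-ng's code; Runtime, DynBuf, rt_realloc, dbuf_init and dbuf_grow are names assumed for the illustration.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins for the runtime and growable buffer in the report;
 * not quickjs-ng's own types. */
typedef struct Runtime { size_t bytes_requested; } Runtime;

/* Allocator whose first parameter is the runtime, not a bare void *. */
void *rt_realloc(Runtime *rt, void *ptr, size_t size)
{
    rt->bytes_requested += size;
    return realloc(ptr, size);
}

/* Callback type the buffer stores: an opaque void * comes first. */
typedef void *(*ReallocFunc)(void *opaque, void *ptr, size_t size);
typedef struct DynBuf { char *buf; size_t size; void *opaque; ReallocFunc realloc_func; } DynBuf;

/* The pattern -fsanitize=function reports: pointer type (void *, void *, size_t),
 * target type (Runtime *, void *, size_t). The cast compiles, but every call
 * through the pointer is undefined behaviour. */
void dbuf_init_mismatched(DynBuf *s, Runtime *rt)
{
    memset(s, 0, sizeof(*s));
    s->opaque = rt;
    s->realloc_func = (ReallocFunc)rt_realloc;   /* UB at each call */
}

/* Fix: a thunk of exactly the callback's type recovers the real parameter
 * type inside it, so nothing is cast at the call site. */
void *rt_realloc_thunk(void *opaque, void *ptr, size_t size)
{
    return rt_realloc((Runtime *)opaque, ptr, size);
}

void dbuf_init(DynBuf *s, Runtime *rt)
{
    memset(s, 0, sizeof(*s));
    s->opaque = rt;
    s->realloc_func = rt_realloc_thunk;          /* types match exactly */
}

/* Grow through the stored callback; returns the size now held. */
size_t dbuf_grow(DynBuf *s, size_t new_size)
{
    char *p = s->realloc_func(s->opaque, s->buf, new_size);
    if (!p) return s->size;
    s->buf = p;
    s->size = new_size;
    return new_size;
}
```

Built with -fsanitize=undefined, only the dbuf_init_mismatched path trips the "incorrect function type" check; the thunk path is silent because the pointer's type and the target's type are identical.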