From: Mark Millard
To: freebsd-current
Subject: UBSAN report from kyua run in WITH_UBSAN= based world (via chroot): /bin/sh 's waitcmdloop does NULL+0 undefined behavior
Date: Sun, 16 Jan 2022 00:19:53 -0800
Message-Id: <701C64F9-B51D-4DD7-BA74-5BFE580BF562@yahoo.com>
List-Archive: https://lists.freebsd.org/archives/freebsd-current

# /bin/sh /usr/tests/bin/sh/builtins/wait6.0
/usr/main-src/bin/sh/jobs.c:590:35: runtime error: applying zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /usr/main-src/bin/sh/jobs.c:590:35 in 
/usr/main-src/bin/sh/jobs.c:601:22: runtime error: applying zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /usr/main-src/bin/sh/jobs.c:601:22 in 

So:

# lldb /bin/sh /usr/tests/bin/sh/builtins/wait6.0
(lldb) target create "/bin/sh"
Current executable set to '/bin/sh' (x86_64).
(lldb) settings set -- target.run-args "/usr/tests/bin/sh/builtins/wait6.0"
(lldb) run
Process 66125 launched: '/bin/sh' (x86_64)
Process 66125 stopped
* thread #1, name = 'sh', stop reason = Nullptr with offset
    frame #0: 0x0000000001135850 sh`::__ubsan_on_report() at ubsan_monitor.cpp:39
   36   }
   37
   38   SANITIZER_WEAK_DEFAULT_IMPL
-> 39   void __ubsan::__ubsan_on_report(void) {}
   40
   41   void __ubsan::__ubsan_get_current_report_data(const char **OutIssueKind,
   42                                                 const char **OutMessage,
(lldb) bt
* thread #1, name = 'sh', stop reason = Nullptr with offset
  * frame #0: 0x0000000001135850 sh`::__ubsan_on_report() at ubsan_monitor.cpp:39
    frame #1: 0x0000000001130011 sh`__ubsan::Diag::~Diag(this=0x00007fffffffcc60) at ubsan_diag.cpp:354:29
    frame #2: 0x0000000001134f44 sh`handlePointerOverflowImpl(Data=, Base=, Result=, Opts=(FromUnrecoverableHandler = false, pc = 18263566, bp = 140737488343328)) at ubsan_diag.h:0:21
    frame #3: 0x0000000001134a7a sh`::__ubsan_handle_pointer_overflow(Data=, Base=, Result=) at ubsan_handlers.cpp:815:3
    frame #4: 0x000000000116ae0e sh`waitcmdloop(job=0x0000000000000000) at jobs.c:590:35
    frame #5: 0x000000000114528a sh`evalcommand(cmd=, flags=0, backcmd=0x0000000000000000) at eval.c:1107:16
    frame #6: 0x000000000113eeb8 sh`evaltree(n=0x00006150000000d8, flags=) at eval.c:289:4
    frame #7: 0x000000000117a317 sh`cmdloop(top=) at main.c:228:4
    frame #8: 0x0000000001179789 sh`main(argc=2, argv=) at main.c:175:3
    frame #9: 0x00000000010b35dd sh`_start(ap=, cleanup=) at crt1_c.c:73:7
(lldb) thread info -s
thread #1: tid = 101020, 0x0000000001135850 sh`::__ubsan_on_report() at ubsan_monitor.cpp:39, name = 'sh', stop reason = Nullptr with offset

{
  "col": 35,
  "description": "nullptr-with-offset",
  "filename": "/usr/main-src/bin/sh/jobs.c",
  "instrumentation_class": "UndefinedBehaviorSanitizer",
  "line": 590,
  "memory_address": 0,
  "summary": "Applying zero offset to null pointer",
  "tid": 101020,
  "trace": []
}
(lldb) up 4
frame #4: 0x000000000116ae0e sh`waitcmdloop(job=0x0000000000000000) at jobs.c:590:35
   587                          return retval;
   588                  }
   589          } else {
-> 590                  for (jp = jobtab ; jp < jobtab + njobs; jp++)
   591                          if (jp->used && jp->state == JOBDONE) {
   592                                  if (! iflag || ! jp->changed)
   593                                          freejob(jp);
(lldb) c
Process 66125 resuming
/usr/main-src/bin/sh/jobs.c:590:35: runtime error: applying zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /usr/main-src/bin/sh/jobs.c:590:35 in 
Process 66125 stopped
* thread #1, name = 'sh', stop reason = Nullptr with offset
    frame #0: 0x0000000001135850 sh`::__ubsan_on_report() at ubsan_monitor.cpp:39
   36   }
   37
   38   SANITIZER_WEAK_DEFAULT_IMPL
-> 39   void __ubsan::__ubsan_on_report(void) {}
   40
   41   void __ubsan::__ubsan_get_current_report_data(const char **OutIssueKind,
   42                                                 const char **OutMessage,
(lldb) bt
* thread #1, name = 'sh', stop reason = Nullptr with offset
  * frame #0: 0x0000000001135850 sh`::__ubsan_on_report() at ubsan_monitor.cpp:39
    frame #1: 0x0000000001130011 sh`__ubsan::Diag::~Diag(this=0x00007fffffffcc60) at ubsan_diag.cpp:354:29
    frame #2: 0x0000000001134f44 sh`handlePointerOverflowImpl(Data=, Base=, Result=, Opts=(FromUnrecoverableHandler = false, pc = 18264444, bp = 140737488343328)) at ubsan_diag.h:0:21
    frame #3: 0x0000000001134a7a sh`::__ubsan_handle_pointer_overflow(Data=, Base=, Result=) at ubsan_handlers.cpp:815:3
    frame #4: 0x000000000116b17c sh`waitcmdloop(job=0x0000000000000000) at jobs.c:601:22
    frame #5: 0x000000000114528a sh`evalcommand(cmd=, flags=0, backcmd=0x0000000000000000) at eval.c:1107:16
    frame #6: 0x000000000113eeb8 sh`evaltree(n=0x00006150000000d8, flags=) at eval.c:289:4
    frame #7: 0x000000000117a317 sh`cmdloop(top=) at main.c:228:4
    frame #8: 0x0000000001179789 sh`main(argc=2, argv=) at main.c:175:3
    frame #9: 0x00000000010b35dd sh`_start(ap=, cleanup=) at crt1_c.c:73:7
(lldb) thread info -s
thread #1: tid = 101020, 0x0000000001135850 sh`::__ubsan_on_report() at ubsan_monitor.cpp:39, name = 'sh', stop reason = Nullptr with offset

{
  "col": 22,
  "description": "nullptr-with-offset",
  "filename": "/usr/main-src/bin/sh/jobs.c",
  "instrumentation_class": "UndefinedBehaviorSanitizer",
  "line": 601,
  "memory_address": 0,
  "summary": "Applying zero offset to null pointer",
  "tid": 101020,
  "trace": []
}
(lldb) up 4
frame #4: 0x000000000116b17c sh`waitcmdloop(job=0x0000000000000000) at jobs.c:601:22
   598                  }
   599          }
   600          for (jp = jobtab ; ; jp++) {
-> 601                  if (jp >= jobtab + njobs) {     /* no running procs */
   602                          return 0;
   603                  }
   604                  if (jp->used && jp->state == 0)
(lldb) c
Process 66125 resuming
/usr/main-src/bin/sh/jobs.c:601:22: runtime error: applying zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /usr/main-src/bin/sh/jobs.c:601:22 in 
Process 66125 exited with status = 0 (0x00000000) 

===
Mark Millard
marklmi at yahoo.com
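
The construct UBSan flags at jobs.c:590 and jobs.c:601, reduced to a stand-alone C program beside an index-based form that avoids it. This is an added example, not part of the original message and not FreeBSD's code; struct job is cut down to the two fields those loops read, and the value of JOBDONE and the function names are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

#define JOBDONE 2   /* assumed value, for illustration only */

struct job {        /* reduced to the fields the flagged loops read */
    int used;
    int state;
};

/* Same shape as the loop at jobs.c:590: `tab + n` is evaluated even when
 * tab == NULL and n == 0, which UBSan reports as
 * "applying zero offset to null pointer". */
static int
count_done_flagged(struct job *tab, int n)
{
    int done = 0;
    for (struct job *jp = tab; jp < tab + n; jp++)
        if (jp->used && jp->state == JOBDONE)
            done++;
    return done;
}

/* Index-based form: tab is only offset and dereferenced when i < n,
 * so an empty (NULL, 0) table never triggers NULL + 0. */
static int
count_done_guarded(struct job *tab, int n)
{
    int done = 0;
    for (int i = 0; i < n; i++)
        if (tab[i].used && tab[i].state == JOBDONE)
            done++;
    return done;
}

int
main(void)
{
    /* Constructed sample table: one finished job, one running, one unused. */
    struct job tab[3] = { {1, JOBDONE}, {1, 0}, {0, JOBDONE} };

    printf("populated: flagged=%d guarded=%d\n",
        count_done_flagged(tab, 3), count_done_guarded(tab, 3));
    printf("empty: guarded=%d\n", count_done_guarded(NULL, 0));
    return 0;
}
```

Built with clang and -fsanitize=undefined, a call to count_done_flagged(NULL, 0) produces the same "applying zero offset to null pointer" report; count_done_guarded(NULL, 0) does not.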