
Segfault in classify_node #362

Open
clesmian opened this issue Aug 8, 2023 · 1 comment


clesmian commented Aug 8, 2023

When executing c2m on poc.txt, a segfault occurs

POC

n(){
   char* p;
   int m={};
}

ASAN Output

poc:3:16: warning -- empty initializer list
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1993431==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x55747d0e3b5f bp 0x0ff417ddcb05 sp 0x7fa0beee1270 T1)
==1993431==The signal is caused by a READ memory access.
==1993431==Hint: address points to the zero page.
    #0 0x55747d0e3b5e in classify_node c2mir/c2mir.c:8137
    #1 0x55747d0e3b5e in gen c2mir/c2mir.c:11622
    #2 0x55747d0fec30 in gen_initializer c2mir/c2mir.c:11376
    #3 0x55747d0fa5bb in gen c2mir/c2mir.c:12364
    #4 0x55747d0e9e85 in gen c2mir/c2mir.c:11631
    #5 0x55747d0ea86e in gen c2mir/c2mir.c:12492
    #6 0x55747d0efca2 in gen c2mir/c2mir.c:12454
    #7 0x55747d0e9e85 in gen c2mir/c2mir.c:11631
    #8 0x55747d0ea86e in gen c2mir/c2mir.c:12492
    #9 0x55747d103e24 in top_gen c2mir/c2mir.c:10551
    #10 0x55747d103e24 in gen_mir c2mir/c2mir.c:12881
    #11 0x55747d103e24 in c2mir_compile c2mir/c2mir.c:13492
    #12 0x55747d108d6a in compile c2mir/c2mir-driver.c:498
    #13 0x7fa0c255f608 in start_thread /build/glibc-SzIz7B/glibc-2.31/nptl/pthread_create.c:477
    #14 0x7fa0c2484132 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x11f132)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV c2mir/c2mir.c:8137 in classify_node
Thread T1 created by T0 here:
    #0 0x7fa0c2709815 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cc:208
    #1 0x55747d01d6f8 in init_compilers c2mir/c2mir-driver.c:540
    #2 0x55747d01d6f8 in main c2mir/c2mir-driver.c:656

==1993431==ABORTING

Found while fuzzing d51b45f, verified with cf3c9c1
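The trace above shows gen_initializer handing a node to classify_node that is read at address 0 right after the "empty initializer list" warning. The following is an added example, not c2mir's code, that models that failure mode in a toy AST: an empty list `{}` leaves the list node with no first child, an unchecked walk passes that NULL to the classifier, and the hardened walk diagnoses the empty list before touching any child. Every name here (node_t, classify_node, gen_initializer and their _unchecked variants) is hypothetical and only echoes the frame names in the report.

```c
/* Added example, not c2mir's code. A toy model of how an empty initializer
 * list (`int m = {};`) can end in a NULL read inside a node classifier, and
 * the check that prevents it. All names below are hypothetical. */
#include <stddef.h>
#include <stdio.h>

typedef enum { N_INIT_LIST, N_INT_LITERAL } node_kind_t;

typedef struct node {
  node_kind_t kind;
  struct node *first_child; /* NULL when the list `{}` has no elements */
  int value;
} node_t;

typedef enum { CLS_SCALAR, CLS_AGGREGATE, CLS_EMPTY_LIST, CLS_NULL_NODE } node_class_t;

/* Unchecked classifier: assumes the caller never passes NULL. Given the
 * first child of an empty list it reads address 0, which is the SEGV the
 * report describes ("address points to the zero page"). */
static node_class_t classify_node_unchecked(const node_t *n) {
  return n->kind == N_INIT_LIST ? CLS_AGGREGATE : CLS_SCALAR;
}

/* Hardened classifier: a NULL node is reported, never dereferenced. */
static node_class_t classify_node(const node_t *n) {
  if (n == NULL) return CLS_NULL_NODE;
  return n->kind == N_INIT_LIST ? CLS_AGGREGATE : CLS_SCALAR;
}

/* Unchecked initializer walk: for `int m = {...}` it classifies whatever the
 * first list element is, so `{}` hands NULL to the classifier. */
static node_class_t gen_initializer_unchecked(const node_t *init) {
  if (init->kind != N_INIT_LIST) return classify_node_unchecked(init);
  return classify_node_unchecked(init->first_child);
}

/* Hardened walk: the empty list is diagnosed and handled before any child is
 * touched. *warnings counts diagnostics, like the "empty initializer list"
 * warning printed just before the crash in the report. */
static node_class_t gen_initializer(const node_t *init, int *warnings) {
  if (init->kind != N_INIT_LIST) return classify_node(init);
  if (init->first_child == NULL) {
    (*warnings)++;
    return CLS_EMPTY_LIST; /* caller zero-initializes the scalar instead */
  }
  return classify_node(init->first_child);
}

int main(void) {
  /* Constructed trees for `int m = {};` and `int m = {5};`. */
  node_t empty_list = { N_INIT_LIST, NULL, 0 };
  node_t five = { N_INT_LITERAL, NULL, 5 };
  node_t one_elem = { N_INIT_LIST, &five, 0 };
  int warnings = 0;
  node_class_t c_empty = gen_initializer(&empty_list, &warnings);
  int w_after_empty = warnings;
  node_class_t c_one = gen_initializer(&one_elem, &warnings);

  printf("{}  -> class %d, warnings %d\n", c_empty, w_after_empty);
  printf("{5} -> class %d, warnings %d\n", c_one, warnings);
  /* gen_initializer_unchecked(&empty_list) would dereference NULL here;
   * only the non-empty tree is safe to hand to the unchecked walk. */
  printf("{5} unchecked -> class %d\n", gen_initializer_unchecked(&one_elem));
  return 0;
}
```

The point of the contrast is where the check lives: a classifier that cannot be called with NULL is only as safe as every caller, while rejecting the empty list at the initializer walk (and tolerating NULL in the classifier anyway) makes the crash impossible regardless of which path reaches it.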

vnmakarov added a commit that referenced this issue Aug 8, 2023
vnmakarov (Owner) commented

I fixed this one by 61b7add

vnmakarov added a commit that referenced this issue Aug 9, 2023