Null pointer dereference in beam_jit_bs_construct_fail_info #7282
Closed
Describe the bug
Running the following code:
```erlang
f(_V0) ->
    <<
        (atom_to_binary(ok)):(case _V0 of
            _V3 when
                is_number(_V3);
                is_boolean((is_integer(_V3) andalso 18446744073709551615) bxor 0) orelse
                    (ok /= {})
            ->
                0;
            _ ->
                ok
        end)/binary
    >>.
```
```erlang
start() ->
    f(ok).
```
with the following commands:
```sh
erlc -W0 ~/minimized/segv.erl
cerl -asan -pa . -noshell -s segv start -s init stop
```
results in the following error message:
```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==852348==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000526cdd bp 0x7f94637fa930 sp 0x7f94637fa8e0 T7)
==852348==The signal is caused by a READ memory access.
==852348==Hint: address points to the zero page.
    #0 0x526cdc in beam_jit_bs_construct_fail_info(process*, unsigned long, unsigned long, unsigned long) beam/jit/beam_jit_common.cpp:1061
    #1 0x7f944f80029e (/memfd:vmem (deleted)+0x29e)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV beam/jit/beam_jit_common.cpp:1061 in beam_jit_bs_construct_fail_info(process*, unsigned long, unsigned long, unsigned long)
Thread T7 (erts_sched_4) created by T0 here:
    #0 0x7f9466052eb3 in __interceptor_pthread_create (/lib64/libasan.so.5+0x52eb3)
    #1 0x11d025c in ethr_thr_create pthread/ethread.c:401
    #2 0x48998a in erts_start_schedulers beam/erl_process.c:8816
    #3 0xbe0cee in erl_start beam/erl_init.c:2563
    #4 0x46023a in main sys/unix/erl_main.c:33
    #5 0x7f9463c3ad84 in __libc_start_main (/lib64/libc.so.6+0x3ad84)

==852348==ABORTING
```
Affected versions
master
Additional context
There is no symptom without asan.