Description
Per UBSan on x86_64 Ubuntu Linux, memcpy is called with at least 1 null pointer arg, with 0 length. AddBlob is asked to add an empty blob, which memcpy's 0 bytes. Easy fix.
```
(gdb) where
#0 __ubsan::ScopedReport::~ScopedReport (this=this@entry=0x7fffffffb760, __in_chrg=<optimized out>)
at ../../../../src/libsanitizer/ubsan/ubsan_diag.cpp:388
#1 0x00007ffff7991c81 in handleNonNullArg (Data=Data@entry=0x7ffff6cfaa60, Opts=..., IsAttr=IsAttr@entry=true)
at ../../../../src/libsanitizer/ubsan/ubsan_handlers.cpp:740
#2 0x00007ffff7994a44 in __ubsan::__ubsan_handle_nonnull_arg (Data=Data@entry=0x7ffff6cfaa60)
at ../../../../src/libsanitizer/ubsan/ubsan_handlers.cpp:744
#3 0x00007ffff4b85118 in StgBlobPool::AddBlob (this=0x5555557c9c50, pData=<optimized out>, pnOffset=0x7fffffffbaac)
at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/utilcode/stgpool.cpp:1566
#4 0x00007ffff5d5afbc in StgBlobPool::InitNew (this=this@entry=0x5555557c9c50, cbSize=<optimized out>, cItems=<optimized out>,
fAddEmptryItem=fAddEmptryItem@entry=1) at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/utilcode/stgpool.cpp:1432
#5 0x00007ffff5c0a44f in MetaData::BlobHeapRW::InitializeEmpty_WithItemsCount (cItemsCount=<optimized out>, cbAllocationSize=200,
this=0x5555557c9c50) at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/md/inc/../heaps/blobheap.h:127
#6 CMiniMdRW::InitNew (this=this@entry=0x5555557c8700) at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/md/enc/metamodelrw.cpp:1935
#7 0x00007ffff5b8a002 in CLiteWeightStgdbRW::InitNew (this=this@entry=0x5555557c8700)
at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/md/enc/liteweightstgdbrw.cpp:520
#8 0x00007ffff5acddae in RegMeta::CreateNewMD (this=this@entry=0x5555557c3b10)
at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/md/compiler/regmeta.cpp:247
#9 0x00007ffff5a0a850 in Disp::DefineScope (this=<optimized out>, rclsid=..., dwCreateFlags=0, riid=..., ppIUnk=0x7fffffffbfc0)
at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/md/compiler/disp.cpp:101
#10 0x00007ffff4ed1e97 in (anonymous namespace)::DefineEmitScope (iid=..., ppEmit=0x7fffffffbfc0)
at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/vm/assembly.cpp:104
#11 Assembly::CreateDynamic (pBinder=0x5555555b3870, pAssemblyNameParts=pAssemblyNameParts@entry=0x7fffffffc408,
hashAlgorithm=hashAlgorithm@entry=0, access=access@entry=1, pKeepAlive=pKeepAlive@entry=0x7fffffffc2d8)
at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/vm/assembly.cpp:418
#12 0x00007ffff4ebd384 in AppDomain_CreateDynamicAssembly (assemblyLoadContext=..., pAssemblyNameParts=0x7fffffffc408, hashAlgorithm=0, access=1,
retAssembly=...) at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/vm/appdomainnative.cpp:32
#13 0x00007fff74d7c633 in ?? ()
#14 0x000000003754b4c8 in ?? ()
#15 0x00007ffff60a9c88 in vtable for InlinedCallFrame () from /home/robhenry/git-work-e2/robhenry-perf/dotnet_teche/published7.0/libcoreclr.so
#16 0xffffffffffffffff in ?? ()
#17 0x0000000000000000 in ?? ()
(gdb) frame 4
#4 0x00007ffff5d5afbc in StgBlobPool::InitNew (this=this@entry=0x5555557c9c50, cbSize=<optimized out>, cItems=<optimized out>,
fAddEmptryItem=fAddEmptryItem@entry=1) at /mnt/robhenry/dotnet/clang11.a/runtime/src/coreclr/utilcode/stgpool.cpp:1432
1432 IfFailRet(AddBlob(&emptyBlob, &nIndex_Ignore));
(gdb)
```
Reproduction Steps
Run UBSan, or by inspection.
Expected behavior
Do not call memcpy with null pointers.
Actual behavior
Bad call to memcpy.
Regression?
No response
Known Workarounds
No response
Configuration
No response
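As an added example, not code from the issue or from the dotnet/runtime tree, a hypothetical simplified blob pool that mirrors the InitNew sequence (empty blob first, then real data) and shows the zero-length guard the issue asks for: the C standard requires memcpy's pointer arguments to be valid even when the length is 0, which is exactly what UBSan's nonnull-arg check reports, so a zero-byte add must not reach memcpy at all.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, simplified stand-in for a blob pool (not the coreclr code):
 * blobs are appended as a one-byte length prefix followed by the bytes. */
typedef struct { uint8_t *buf; size_t size, cap; } blob_pool;

int blob_pool_init(blob_pool *p, size_t cap) {
    p->cap = cap ? cap : 1; p->size = 0;
    p->buf = malloc(p->cap);
    return p->buf ? 0 : -1;
}

/* Append a blob and return its offset, or -1 on error. pData may be NULL
 * only for cb == 0 (the empty blob InitNew adds). memcpy with a NULL
 * pointer is undefined even for n == 0, so a zero-length add skips it. */
long blob_pool_add(blob_pool *p, const void *pData, size_t cb) {
    if (cb > 255 || (cb != 0 && pData == NULL)) return -1;
    size_t need = p->size + 1 + cb;
    if (need > p->cap) {
        size_t ncap = p->cap;
        while (ncap < need) ncap *= 2;
        uint8_t *nb = realloc(p->buf, ncap);
        if (!nb) return -1;
        p->buf = nb; p->cap = ncap;
    }
    long offset = (long)p->size;
    p->buf[p->size++] = (uint8_t)cb;
    if (cb != 0) {               /* the guard the issue asks for */
        memcpy(p->buf + p->size, pData, cb);
        p->size += cb;
    }
    return offset;
}

/* Empty blob first, then real data; returns 0 when the pool looks right. */
int blob_pool_selftest(void) {
    blob_pool p;
    if (blob_pool_init(&p, 2) != 0) return 1;
    long off0 = blob_pool_add(&p, NULL, 0);   /* no memcpy call at all */
    long off1 = blob_pool_add(&p, "abc", 3);
    long bad  = blob_pool_add(&p, NULL, 3);   /* NULL with real data: rejected */
    int ok = off0 == 0 && off1 == 1 && bad == -1 && p.size == 5
          && p.buf[0] == 0 && p.buf[1] == 3 && memcmp(p.buf + 2, "abc", 3) == 0;
    free(p.buf);
    return ok ? 0 : 2;
}
```

Building with -fsanitize=undefined and calling blob_pool_selftest() stays silent; removing the cb != 0 guard reproduces the nonnull-arg report seen in the backtrace.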