fix UBSan failures in faulthandler.c

picnixz · picnixz · commit a0b29678c87a · 2025-05-12T17:57:24.000+02:00
- reading from NULL is no more an undefined behavior for C11
- instead of using 1/0 arithmetic, we explicitly raise SIGFPE
diff --git a/Modules/faulthandler.c b/Modules/faulthandler.c
@@ -1069,8 +1069,8 @@ faulthandler_suppress_crash_report(void)
 #endif
 }
 
-static PyObject* _Py_NO_SANITIZE_UNDEFINED
-faulthandler_read_null(PyObject *self, PyObject *args)
+static PyObject*
+faulthandler_read_null(PyObject *self, PyObject *Py_UNUSED(args))
 {
     volatile int *x;
     volatile int y;
@@ -1079,7 +1079,6 @@ faulthandler_read_null(PyObject *self, PyObject *args)
     x = NULL;
     y = *x;
     return PyLong_FromLong(y);
-
 }
 
 static void
@@ -1158,23 +1157,13 @@ faulthandler_fatal_error_c_thread(PyObject *self, PyObject *args)
     Py_RETURN_NONE;
 }
 
-static PyObject* _Py_NO_SANITIZE_UNDEFINED
+static PyObject*
 faulthandler_sigfpe(PyObject *self, PyObject *Py_UNUSED(dummy))
 {
     faulthandler_suppress_crash_report();
-
-    /* Do an integer division by zero: raise a SIGFPE on Intel CPU, but not on
-       PowerPC. Use volatile to disable compile-time optimizations. */
-    volatile int x = 1, y = 0, z;
-    z = x / y;
-
-    /* If the division by zero didn't raise a SIGFPE (e.g. on PowerPC),
-       raise it manually. */
+    /* raise SIGFPE manually to prevent crafted undefined behaviors */
     raise(SIGFPE);
-
-    /* This line is never reached, but we pretend to make something with z
-       to silence a compiler warning. */
-    return PyLong_FromLong(z);
+    Py_UNREACHABLE();
 }
 
 static PyObject *
