zig build with safety on get "Illegal instruction" when using c "container_of"

[sogwms]

Zig Version

0.10.1

Steps to Reproduce and Observed Behavior

m.c file

#define rt_container_of(ptr, type, member)  ((type *)((char *)(ptr) - (unsigned long)(&((type *)0)->member)))

struct rt_object
{
    char       name[8];                       /**< name of kernel object */
    char type;                                    /**< type of kernel object */
    char flag;                                    /**< flag of kernel object */

    unsigned int  list;                       /**< list node of kernel object */
};

static struct rt_object ko;

unsigned int getRootAddr() {
    char *cp = &ko.flag;

    return (unsigned int)(rt_container_of(cp, struct rt_object, flag));
}

m.h

unsigned int getRootAddr();

main.zig

const std = @import("std");

const rt = @cImport({
    @cInclude("m.h");
});

pub fn main() !void {
    // Prints to stderr (it's a shortcut based on `std.io.getStdErr()`)
    std.debug.print("All your {s} are belong to us.\n", .{"codebase"});
    var rtt = rt.getRootAddr();

    // stdout is for the actual output of your application, for example if you
    // are implementing gzip, then only the compressed bytes should be sent to
    // stdout, not any debugging messages.
    const stdout_file = std.io.getStdOut().writer();
    var bw = std.io.bufferedWriter(stdout_file);
    const stdout = bw.writer();

    try stdout.print("var {?}.\n", .{rtt});

    try bw.flush(); // don't forget to flush!
}

build.zig

...
exe.addIncludePath("src");
exe.addCSourceFile("src/m.c", &[_][]const u8{"-std=c11"});
...

when run "zig build" and then run the generated .exe:

but if build without safety check, it's ok:

Expected Behavior

zig build with safety on should work well

[nektro]

https://github.com/ziglang/zig/wiki/FAQ#why-do-i-get-illegal-instruction-when-using-with-zig-cc-to-build-c-code

[ehaas]

The rt_container_of macro contains a NULL pointer dereference (((struct rt_object *)0)->flag when macro expanded), which is undefined behavior. You can use offsetof for a portable way to do what that portion of the macro is trying to do.

[sogwms]

Thanks for the solutions. Actually I am working on an embedded project mixing zig and c, the "rt_container_of" is almost everywhere in the c source code. It's really hard to locate the cause of "Illegal instruction" considering it's a runtime error and just results in “hard-fault” on baremetal not even a panic which can print useful debug message.

Hopefully the "Illegal instruction" can be a panic in the future.

[ifreund]

Thanks for the solutions. Actually I am working on an embedded project mixing zig and c, the "rt_container_of" is almost everywhere in the c source code. It's really hard to locate the cause of "Illegal instruction" considering it's a runtime error and just results in “hard-fault” on baremetal not even a panic which can print useful debug message.

Hopefully the "Illegal instruction" can be a panic in the future.

That improvement is tracked by #5163