Open Bug 1280514 Opened 9 years ago Updated 2 years ago

GetTotalSystemMemory from Hal module returns wrong value due to unsigned integer overflow

Categories

(Core :: Hardware Abstraction Layer (HAL), defect)

Product:
Core
Component:
Hardware Abstraction Layer (HAL)
Type:
defect

Tracking

()

Status:
UNCONFIRMED
Tracking Flags:
Tracking Status
firefox47 --- affected
firefox48 --- affected
firefox49 --- affected
firefox50 --- affected

People

(Reporter: chefmax7, Unassigned)

References

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/48.0.2564.82 Chrome/48.0.2564.82 Safari/537.36 Steps to reproduce: I've built Firefox with my home-made unsigned integer overflow tool (based on UBSan, just like -fsanitize=unsigned-integer-overflow with Clang) on x86_64-unknown-linux-gnu. Actual results: I've got this runtime warning: /home/max/src/firefox/hal/linux/LinuxMemory.cpp:35:25: runtime error: unsigned integer overflow: 16123468 * 1024 cannot be represented in type 'unsigned int' This happens because my box has 16Gb of RAM and 16123468 * 1024 simply doesn't fit into uint32_t.
Component: Untriaged → Hardware Abstraction Layer (HAL)
Product: Firefox → Core
Perhaps we can just use uint64_t as a return value type?
Chris, do you know someone at Mozilla aware of memory allocation in HAL?
Flags: needinfo?(cpeterson)
George, UBSan is warning about an unsigned integer overflow from your fix for bug 920160: https://hg.mozilla.org/mozilla-central/rev/ce0759a746fb#l11.39
Blocks: 920160
status-firefox47: --- → affected
status-firefox48: --- → affected
status-firefox49: --- → affected
status-firefox50: --- → affected
Flags: needinfo?(cpeterson) → needinfo?(gwright)
Yes, we should just switch this to uint64_t
Flags: needinfo?(gwright)
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.