Open Bug 1280514 Opened 8 years ago Updated 2 years ago

GetTotalSystemMemory from Hal module returns wrong value due to unsigned integer overflow


(Core :: Hardware Abstraction Layer (HAL), defect)




Tracking Status
firefox47 --- affected
firefox48 --- affected
firefox49 --- affected
firefox50 --- affected


(Reporter: chefmax7, Unassigned)



User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/48.0.2564.82 Chrome/48.0.2564.82 Safari/537.36

Steps to reproduce:

I've built Firefox with my home-made unsigned integer overflow tool (based on UBSan, just like -fsanitize=unsigned-integer-overflow with Clang) on x86_64-unknown-linux-gnu.

Actual results:

I've got this runtime warning:

/home/max/src/firefox/hal/linux/LinuxMemory.cpp:35:25: runtime error: unsigned integer overflow: 16123468 * 1024 cannot be represented in type 'unsigned int'

This happens because my box has 16Gb of RAM and 16123468 * 1024 simply doesn't fit into uint32_t.
Component: Untriaged → Hardware Abstraction Layer (HAL)
Product: Firefox → Core
Perhaps we can just use uint64_t as a return value type?
Chris, do you know someone at Mozilla aware of memory allocation in HAL?
Flags: needinfo?(cpeterson)
George, UBSan is warning about an unsigned integer overflow from your fix for bug 920160:
Blocks: 920160
Flags: needinfo?(cpeterson) → needinfo?(gwright)
Yes, we should just switch this to uint64_t
Flags: needinfo?(gwright)
Severity: normal → S3
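
The wrap reported above, reproduced as an added example (this is not Firefox's LinuxMemory.cpp and not code from this bug). It assumes the 16123468 figure is the kB value of the MemTotal line in /proc/meminfo; the function names and the sample text are constructed for illustration.

```cpp
// Added example, not Mozilla code. Function names are hypothetical.
#include <cstdint>
#include <cstdio>
#include <cstring>

// Constructed /proc/meminfo excerpt; MemTotal uses the figure from the warning.
// Assumption: that figure is a kB count read from the MemTotal line.
static const char kSampleMeminfo[] =
    "MemTotal:       16123468 kB\n"
    "MemFree:         1234567 kB\n";

// Find a line starting with "MemTotal:" and return its value in kB.
bool ParseMemTotalKb(const char* meminfo, uint64_t* kb_out) {
  for (const char* p = std::strstr(meminfo, "MemTotal:"); p;
       p = std::strstr(p + 1, "MemTotal:")) {
    if (p != meminfo && p[-1] != '\n') continue;  // not at start of a line
    unsigned long long kb = 0;
    if (std::sscanf(p, "MemTotal: %llu kB", &kb) != 1) return false;
    *kb_out = kb;
    return true;
  }
  return false;
}

// Shape of the reported bug: a 32-bit multiply that wraps modulo 2^32.
uint32_t TotalBytesNarrow(uint32_t kb) { return kb * 1024u; }

// Shape of the fix proposed in the comments: do the math in uint64_t.
uint64_t TotalBytesWide(uint64_t kb) { return kb * 1024u; }

// For callers that must stay 32-bit: report overflow instead of wrapping.
// __builtin_mul_overflow is a GCC/Clang builtin.
bool TotalBytesChecked32(uint32_t kb, uint32_t* out) {
  return !__builtin_mul_overflow(kb, 1024u, out);
}

int main() {
  uint64_t kb = 0;
  if (!ParseMemTotalKb(kSampleMeminfo, &kb)) return 1;
  uint32_t checked = 0;
  std::printf("narrow:  %u bytes\n", TotalBytesNarrow(static_cast<uint32_t>(kb)));
  std::printf("wide:    %llu bytes\n",
              static_cast<unsigned long long>(TotalBytesWide(kb)));
  std::printf("checked: %s\n",
              TotalBytesChecked32(static_cast<uint32_t>(kb), &checked)
                  ? "fits" : "overflow");
  return 0;
}
```

The narrow result is 3625529344 bytes, a plausible-looking figure of roughly 3.4 GiB, so any caller sizing buffers or caches from it gets a wrong value with no visible error unless a sanitizer is enabled.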