Closed Bug 1404189 Opened 8 years ago Closed 8 years ago

fsanitize=enum (ubsan) runtime errors in js/src/jit/RegisterSets.h

Categories

(Core :: JavaScript Engine: JIT, defect, P3)

Product:
Core
Component:
JavaScript Engine: JIT
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1404251

People

(Reporter: arthur, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [tor][js:techdebt])

Attachments

(1 file)

0001-Bug-1404189-Fix-ubsan-runtime-error-for-ABIArg-Kind-.patch
1.93 KB, patch
Details | Diff | Splinter Review
When I run mozilla-central's automated tests with fsanitize=enum, I get errors like the following: js/src/jit/RegisterSets.h:1378:9: runtime error: load of value 4294967295, which is not a valid value for type 'Kind' An ABIArg::Kind enum is being initialized to -1 even though that is not an allowed value.
Here's a proposed patch that suppresses the ubsan runtime error. try server: https://treeherder.mozilla.org/#/jobs?repo=try&revision=a91637e0710c
Attachment #8913541 - Flags: review?(jdemooij)
Comment on attachment 8913541 [details] [diff] [review] 0001-Bug-1404189-Fix-ubsan-runtime-error-for-ABIArg-Kind-.patch Review of attachment 8913541 [details] [diff] [review]: ----------------------------------------------------------------- (I need to fix an error in the patch.)
Attachment #8913541 - Flags: review?(jdemooij)
(In reply to Arthur Edelstein (Tor Browser dev) [:arthuredelstein] from comment #2) > (I need to fix an error in the patch.) I guess the missing |default| cases in switch-statements? Been there, done that: https://hg.mozilla.org/try/rev/6ecaee02e534c217fcaa5f07db72172bea5dd5df :-) (I have a not yet published queue which should fix most UBSan issues in SpiderMonkey: https://treeherder.mozilla.org/#/jobs?repo=try&revision=5014dec2f36c49fc079d6b1bf2714d8d1aae6cb2)
(In reply to André Bargull [:anba] from comment #3) > (In reply to Arthur Edelstein (Tor Browser dev) [:arthuredelstein] from > comment #2) > > (I need to fix an error in the patch.) > > I guess the missing |default| cases in switch-statements? Been there, done > that: > https://hg.mozilla.org/try/rev/6ecaee02e534c217fcaa5f07db72172bea5dd5df :-) Yeah, exactly. Do you want to push your patch forward at this point? > (I have a not yet published queue which should fix most UBSan issues in > SpiderMonkey: > https://treeherder.mozilla.org/#/ > jobs?repo=try&revision=5014dec2f36c49fc079d6b1bf2714d8d1aae6cb2) Nice!
Blocks: 1404547
Priority: -- → P3
Whiteboard: [tor] → [tor][js:techdebt]
Fixed in bug 1404251, along some other UBSan issues.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: