Open Bug 1593387 Opened 5 years ago Updated 2 years ago

call to function moz_malloc_usable_size through pointer to incorrect function type in src/xpcom/ds/PLDHashTable.cpp:676

Categories

(Core :: XPCOM, defect)

Tracking Status
firefox72 --- affected

People

(Reporter: tsmith, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: csectype-undefined)

This is triggered with a UBSan build. To enable this check, add the following to your mozconfig:

ac_add_options --enable-address-sanitizer
ac_add_options --enable-undefined-sanitizer="function"
ac_add_options --disable-jemalloc

This issue can be triggered by running gtests.

[ RUN      ] PLDHashTableTest.LazyStorage
src/xpcom/ds/PLDHashTable.cpp:676:10: runtime error: call to function moz_malloc_usable_size through pointer to incorrect function type 'unsigned long (*)(const void *)'
src/memory/mozalloc/mozalloc.cpp:136: note: moz_malloc_usable_size defined here
    #0 0x7fc6b1608a71 in PLDHashTable::ShallowSizeOfExcludingThis(unsigned long (*)(void const*)) const src/xpcom/ds/PLDHashTable.cpp:676:10
    #1 0x7fc6afb7f17d in PLDHashTableTest_LazyStorage_Test::TestBody() src/xpcom/tests/gtest/TestPLDHash.cpp:160:3
    #2 0x7fc6b0541065 in testing::Test::Run() src/testing/gtest/gtest/src/gtest.cc:2519:5
    #3 0x7fc6b05429f3 in testing::TestInfo::Run() src/testing/gtest/gtest/src/gtest.cc:2695:11
    #4 0x7fc6b0543ba7 in testing::TestCase::Run() src/testing/gtest/gtest/src/gtest.cc:2813:28
    #5 0x7fc6b0559227 in testing::internal::UnitTestImpl::RunAllTests() src/testing/gtest/gtest/src/gtest.cc:5179:43
    #6 0x7fc6b05588a7 in testing::UnitTest::Run() src/testing/gtest/gtest/src/gtest.cc:4788:10
    #7 0x7fc6b058da82 in RUN_ALL_TESTS() src/objdir-ff-ubsan/dist/include/gtest/gtest.h:2342:46
    #8 0x7fc6b058da82 in mozilla::RunGTestFunc(int*, char**) src/testing/gtest/mozilla/GTestRunner.cpp:158
    #9 0x7fc6bec38eb0 in XREMain::XRE_mainStartup(bool*) src/toolkit/xre/nsAppRunner.cpp:3774:16
    #10 0x7fc6bec47b41 in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:4708:12
    #11 0x7fc6bec493eb in XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:4802:21
    #12 0x5624eda4001c in do_main(int, char**, char**) src/browser/app/nsBrowserApp.cpp:218:22
    #13 0x5624eda3f3ff in main src/browser/app/nsBrowserApp.cpp:300:16
Severity: normal → S3
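
As an added illustration (not code from the bug report or from Mozilla), the C++ sketch below shows the class of defect this UBSan check reports and a type-correct adapter that avoids it. The names `usable_size`, `usable_size_adapter`, `shallow_size` and `SizeOfFn` are hypothetical, and the non-const parameter is an assumption, since the page does not show how moz_malloc_usable_size is declared.

```cpp
// Added example: hypothetical names, not Mozilla's code.
#include <cstddef>
#include <cstdio>
#include <type_traits>

// Callback type the caller expects. It matches the type printed in the
// report: 'unsigned long (*)(const void *)' on LP64.
using SizeOfFn = std::size_t (*)(const void*);

// Assumption: an allocator-style query declared with a NON-const parameter,
// so its function type is not SizeOfFn. Returns a constructed value.
std::size_t usable_size(void* p) { return p ? 16 : 0; }

// Consumer that calls through the pointer, as a size-reporting method would.
std::size_t shallow_size(SizeOfFn fn, const void* storage) {
  return fn(storage);
}

// Flagged pattern: the cast satisfies the compiler, but calling through the
// result is undefined behaviour, and -fsanitize=function reports it at the
// call site. Shown for reference only; nothing in this example calls it.
inline SizeOfFn mismatched_callback() {
  return reinterpret_cast<SizeOfFn>(&usable_size);
}

// Fix: an adapter whose type is exactly SizeOfFn. The const_cast is confined
// to one audited place and the indirect call is well defined.
std::size_t usable_size_adapter(const void* p) {
  return usable_size(const_cast<void*>(p));
}

// Compile-time guard so the two signatures cannot silently drift together
// or apart without someone noticing.
static_assert(!std::is_same<decltype(&usable_size), SizeOfFn>::value,
              "usable_size must not be passed as SizeOfFn directly");
static_assert(std::is_same<decltype(&usable_size_adapter), SizeOfFn>::value,
              "adapter must match the callback type exactly");

int main() {
  char storage[16] = {0};
  std::printf("adapter reports %zu bytes\n",
              shallow_size(&usable_size_adapter, storage));
  return 0;
}
```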