Closed Bug 1614375 Opened 5 years ago Closed 5 years ago

ubsan pointer-overflow errors with clang 10

Tracking

(firefox78 fixed)

Status:

RESOLVED FIXED

Milestone:

mozilla78

Tracking Flags:

Tracking

Status

firefox78

---

fixed

People

(Reporter: away, Assigned: away)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

UBSan pointer-overflow suppressions for clang-10 5 years ago (Away) 47 bytes, text/x-phabricator-request		Details \| Review

(Away)

Assignee

Description

•

5 years ago

There are various instances of this error showing up in try pushes, but the most prevalent one (which makes pretty much every linux asan test orange) is:

xmlparse.c:1942:24: runtime error: applying zero offset to null pointer

https://searchfox.org/mozilla-central/rev/a1592902acabf9bded973067133baaac1457f3d3/parser/expat/lib/xmlparse.c#1942

(Away)

Assignee

Comment 1

•

5 years ago

The amount of pointer-overflow diagnostics has increased considerably in LLVM 10: https://github.com/llvm/llvm-project/commit/536b0ee40ab97f2878dc124a321cf9108ee3d233

(Away)

Assignee

Updated

•

5 years ago

Blocks: clang-10

Jeff Walden [:Waldo]

Comment 2

•

5 years ago

Slightly tangentially, the error mentioned in comment 0 is specified to be UB in some versions of C++, but C++17 specifically relaxed things in this regard: "If the value 0 is added to or subtracted from a null pointer value, the result is a null pointer value." C++17 [expr.add]p7.

But xmlparse.c is obviously not C++, and neither C11 nor C18 seem to include the language C++17 has to make clear that adding zero to a null pointer results in a null pointer.

(Away)

Assignee

Comment 3

•

5 years ago

Yeah, the commit message from clang says:

To make things more fun, in C (6.5.6p8), applying *any* offset to null pointer
is undefined, although Clang front-end pessimizes the code by not lowering
that info, so this UB is "harmless".

(Away)

Assignee

Comment 4

•

5 years ago

Attached file UBSan pointer-overflow suppressions for clang-10 — Details

Phabricator Automation

Updated

•

5 years ago

Assignee: nobody → dmajor

Status: NEW → ASSIGNED

Pulsebot

Comment 5

•

5 years ago

Pushed by dmajor@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/aa44cf2c1455 UBSan pointer-overflow suppressions for clang-10 r=tsmith

Cosmin Sabou [:CosminS]

Comment 6

•

5 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/aa44cf2c1455

Status: ASSIGNED → RESOLVED

Closed: 5 years ago

status-firefox78: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla78

Pulsebot

Comment 7

•

5 years ago

Pushed by dmajor@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/8311d3bf80c0 bustage fix, add a couple more suppressions for straggler failures

Andreea Pavel [:apavel]

Comment 8

•

5 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/8311d3bf80c0

You need to log in before you can comment on or make changes to this bug.

Bugzilla

ubsan pointer-overflow errors with clang 10

Categories

(Firefox Build System :: General, defect)

Tracking

(firefox78 fixed)

People

(Reporter: away, Assigned: away)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Comment 2

Comment 3

Comment 4

Updated

Comment 5

Comment 6

Comment 7

Comment 8

Attachment

General

Description

File Name

Content Type