google / sanitizers

AddressSanitizer, ThreadSanitizer, MemorySanitizer

ubsan: False positive in function check on macOS #1750

Closed jschwartzentruber closed 5 months ago

jschwartzentruber commented 5 months ago

The function check is failing with an incorrect function type even though the reported function type is the expected one. For example:

/Users/truber/src/m/u/intl/icu/source/common/umutex.h:171:9: runtime error: call to function icu_73::initData(UErrorCode&) through pointer to incorrect function type 'void (*)(UErrorCode &)'
uinit.cpp:38: note: icu_73::initData(UErrorCode&) defined here
    #0 0x2f613e6e4 in icu_73::umtx_initOnce(icu_73::UInitOnce&, void (*)(UErrorCode&), UErrorCode&) umutex.h:171
    #1 0x2f62ba970 in u_init_73 uinit.cpp:72
    #2 0x2f58c3890 in mozilla::intl::ICU4CLibrary::Initialize() ICU4CLibrary.cpp:23
    #3 0x3134c2ee4 in JS::detail::InitWithFailureDiagnostic(bool, JS::detail::FrontendOnly) Initialization.cpp:190
    #4 0x2f547d0e0 in JS_InitWithFailureDiagnostic() Initialization.h:85
    #5 0x2f545f64c in InitializeJS() XPCOMInit.cpp:235
    #6 0x2f545e7cc in NS_InitXPCOM XPCOMInit.cpp:434
    #7 0x3129b397c in (anonymous namespace)::ScopedXPCOM::ScopedXPCOM(char const*, nsIDirectoryServiceProvider*) FuzzerTestHarness.h:70
    #8 0x3129b37f8 in (anonymous namespace)::ScopedXPCOM::ScopedXPCOM(char const*, nsIDirectoryServiceProvider*) FuzzerTestHarness.h:66
    #9 0x3129b3534 in mozilla::_InitFuzzer::InitXPCOM() FuzzerRunner.cpp:23
    #10 0x3129b3090 in mozilla::FuzzerRunner::Run(int*, char***) FuzzerRunner.cpp:45
    #11 0x31280e190 in XREMain::XRE_mainStartup(bool*) nsAppRunner.cpp:4684
    #12 0x31281eee0 in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) nsAppRunner.cpp:5940
    #13 0x31281f98c in XRE_main(int, char**, mozilla::BootstrapConfig const&) nsAppRunner.cpp:6009
    #14 0x312853ec4 in mozilla::BootstrapImpl::XRE_main(int, char**, mozilla::BootstrapConfig const&) Bootstrap.cpp:45
    #15 0x102422d3c in do_main(int, char**, char**) nsBrowserApp.cpp:227
    #16 0x102420fbc in main nsBrowserApp.cpp:445
    #17 0x1ac75fe4c  (<unknown module>)
    #18 0x3d177ffffffffffc  (<unknown module>)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /Users/truber/src/m/u/intl/icu/source/common/umutex.h:171:9 in

Firefox bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1874251

glandium commented 5 months ago

This is actually not a sanitizer problem. See https://github.com/llvm/llvm-project/issues/90010.

jschwartzentruber commented 5 months ago

Thanks!