Open Bug 1589527 Opened 5 years ago Updated 2 years ago

null pointer passed as argument 2, which is declared to never be null in dist/include/mozilla/Printf.h:181

Categories

(Toolkit :: Startup and Profile System, defect, P3)

Tracking Status
firefox71 --- wontfix
firefox72 --- affected
firefox73 --- affected

People

(Reporter: tsmith, Unassigned)

References

(Blocks 2 open bugs)

Details

(Keywords: csectype-undefined)

This is triggered with a UBSan build. To enable this check, add the following to your mozconfig:

ac_add_options --enable-address-sanitizer
ac_add_options --enable-undefined-sanitizer="nonnull-attribute"
ac_add_options --disable-jemalloc

This issue is triggered during browser startup.

/usr/include/string.h:43:28: note: nonnull attribute specified here
    #0 0x7fa26304f5f3 in mozilla::SprintfState<mozilla::MallocAllocPolicy>::append(char const*, unsigned long) objdir-ff-ubsan/dist/include/mozilla/Printf.h:181:7
    #1 0x56070c692052 in mozilla::PrintfTarget::fill2(char const*, int, int, int) mozglue/misc/Printf.cpp:92:8
    #2 0x56070c6948be in mozilla::PrintfTarget::vprint(char const*, __va_list_tag*) mozglue/misc/Printf.cpp:872:16
    #3 0x7fa26304f072 in mozilla::SprintfState<mozilla::MallocAllocPolicy>::vprint(char const*, __va_list_tag*) objdir-ff-ubsan/dist/include/mozilla/Printf.h:157:35
    #4 0x7fa26312d9c6 in mozilla::UniquePtr<char, mozilla::detail::AllocPolicyBasedFreePolicy<mozilla::MallocAllocPolicy> > mozilla::Smprintf<mozilla::MallocAllocPolicy>(char const*, ...) objdir-ff-ubsan/dist/include/mozilla/Printf.h:212:15
    #5 0x7fa26f9c5e88 in nsProfileLock::LockWithSymlink(nsIFile*, bool) toolkit/profile/nsProfileLock.cpp:306:7
    #6 0x7fa26f9c6f68 in nsProfileLock::Lock(nsIFile*, nsIProfileUnlocker**) toolkit/profile/nsProfileLock.cpp:489:10
    #7 0x7fa26f9c98b4 in nsToolkitProfileLock::Init(nsIFile*, nsIFile*, nsIProfileUnlocker**) toolkit/profile/nsToolkitProfileService.cpp:312:14
    #8 0x7fa26f9c7ad2 in NS_LockProfilePath(nsIFile*, nsIFile*, nsIProfileUnlocker**, nsIProfileLock**) toolkit/profile/nsToolkitProfileService.cpp:1639:23
    #9 0x7fa26f9ed75c in LockProfile(nsINativeAppSupport*, nsIFile*, nsIFile*, nsIToolkitProfile*, nsIProfileLock**) toolkit/xre/nsAppRunner.cpp:1936:12
    #10 0x7fa26f9ea8ac in XREMain::XRE_mainStartup(bool*) toolkit/xre/nsAppRunner.cpp:4060:8
    #11 0x7fa26f9f33e0 in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) toolkit/xre/nsAppRunner.cpp:4722:12
    #12 0x7fa26f9f4123 in XRE_main(int, char**, mozilla::BootstrapConfig const&) toolkit/xre/nsAppRunner.cpp:4816:21
    #13 0x56070c5bfcbc in do_main(int, char**, char**) browser/app/nsBrowserApp.cpp:218:22
    #14 0x56070c5bf39d in main browser/app/nsBrowserApp.cpp:300:16

Component: String → Startup and Profile System
Product: Core → Toolkit
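
The defect class in this report, as an added C illustration (not code from the Mozilla tree or from the reporter): it assumes the nonnull function declared at string.h:43 is memcpy and that the append received a null pointer with length zero, neither of which the page states. `Buf` and the `buf_*` functions are hypothetical names and the sample string is constructed.

```c
/* Added illustration, not Mozilla's code. Buf and the buf_* functions are
 * hypothetical; memcpy as the flagged callee is an assumption. */
#include <stdlib.h>
#include <string.h>

typedef struct {
    char  *data;  /* malloc-backed storage */
    size_t len;   /* bytes in use */
    size_t cap;   /* bytes allocated */
} Buf;

/* Grow storage so that `extra` more bytes fit; returns 0 on failure. */
static int buf_reserve(Buf *b, size_t extra) {
    if (extra > (size_t)-1 - b->len) return 0;      /* size overflow */
    size_t need = b->len + extra;
    if (need <= b->cap) return 1;
    size_t cap = need > (size_t)-1 / 2 ? need : need * 2;
    char *p = realloc(b->data, cap);
    if (!p) return 0;
    b->data = p;
    b->cap = cap;
    return 1;
}

/* Flagged shape: with src == NULL and n == 0 the memcpy copies nothing,
 * yet a null argument 2 still violates its nonnull declaration. */
int buf_append_unchecked(Buf *b, const char *src, size_t n) {
    if (!buf_reserve(b, n)) return 0;
    memcpy(b->data + b->len, src, n);
    b->len += n;
    return 1;
}

/* Guarded shape: skip the call for empty input, reject NULL with n > 0. */
int buf_append(Buf *b, const char *src, size_t n) {
    if (n == 0) return 1;          /* nothing to copy, memcpy never runs */
    if (src == NULL) return 0;     /* caller error: length without data */
    if (!buf_reserve(b, n)) return 0;
    memcpy(b->data + b->len, src, n);
    b->len += n;
    return 1;
}

int main(void) {
    Buf b = {0};
    int ok = buf_append(&b, NULL, 0) && buf_append(&b, "127.0.0.1:", 10);
    free(b.data);
    return ok ? 0 : 1;
}
```

Building this with `-fsanitize=nonnull-attribute` and calling `buf_append_unchecked` with a null source reports the same kind of diagnostic as the trace above; `buf_append` does not.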

The priority flag is not set for this bug.
:mossop, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(dtownsend)
Flags: needinfo?(dtownsend)
Priority: -- → P3
Blocks: 1640253
Severity: normal → S3