[tbb-bugs] #12418 [Applications/Tor Browser]: TBBs with UBSan create lots of errors when running

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jul 31 18:03:10 UTC 2017

#12418: TBBs with UBSan create lots of errors when running
 Reporter:  gk                          |          Owner:  tbb-team
     Type:  defect                      |         Status:  assigned
 Priority:  Medium                      |      Milestone:
Component:  Applications/Tor Browser    |        Version:
 Severity:  Normal                      |     Resolution:
 Keywords:  tbb-security, tbb-hardened  |  Actual Points:
Parent ID:                              |         Points:
 Reviewer:                              |        Sponsor:

Comment (by arthuredelstein):

 I started look into the ubsan errors by adding `-fsanitize-undefined` to a
 mozconfig in mozilla-central:

 I pushed to the try server to run all unit tests and talos tests on linux,
 linux64 (debug and optimized)

 Then I wrote scripts to download all logs files from this try server run,
 extract all "runtime errors" reported by ubsan in the logs, and then group
 the runtime errors by their location in the codebase.


 In total there were some 170,000 runtime errors reported in the logs,
 produced by 367 specific locations in the codebase. (Some locations caused
 thousands of 'runtime error' messages each.) I generated a summary table
 that shows these locations and a representative error message. Here it is
 in a Google doc spreadsheet:

 And here is the raw data:

 My next steps are to generate the same table for a clang
 -fsanitize=undefined build, and then start patching and/or whitelisting
 all functions in given category of ubsan error (such as integer overflow).
 If Mozilla can accept these patches, then I imagine we can turn on ubsan
 subflags in the mozilla-central debug builds and also turn them on by
 default in Tor Browser.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12418#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list