summaryrefslogtreecommitdiffstats
path: root/build/sanitizers
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--build/sanitizers/asan_blacklist_win.txt28
-rw-r--r--build/sanitizers/ubsan_enum_blacklist.txt17
-rw-r--r--build/sanitizers/ubsan_function_blacklist.txt9
-rw-r--r--build/sanitizers/ubsan_object_size_blacklist.txt7
-rw-r--r--build/sanitizers/ubsan_pointer_overflow_blacklist.txt30
-rw-r--r--build/sanitizers/ubsan_signed_overflow_blacklist.txt257
-rw-r--r--build/sanitizers/ubsan_unsigned_overflow_blacklist.txt264
7 files changed, 612 insertions, 0 deletions
diff --git a/build/sanitizers/asan_blacklist_win.txt b/build/sanitizers/asan_blacklist_win.txt
new file mode 100644
index 0000000000..3bc19ba437
--- /dev/null
+++ b/build/sanitizers/asan_blacklist_win.txt
@@ -0,0 +1,28 @@
+# This is originally copied from Chromium tools/memory/asan/blacklist_win.txt.
+# The rules in this file are only applied at compile time. If you can modify the
+# source in question, consider function attributes to disable instrumentation.
+
+# Bug 1200740 - ASan crash due to child process function interceptions
+# Sandbox executes some of its code before the ASan RTL gets initialized and
+# maps shadow memory. As a result, instrumented code tries to access unavailable
+# shadow memory and faults.
+fun:*TargetNtSetInformationThread*
+fun:*TargetNtOpenThreadToken*
+fun:*TargetNtOpenThreadTokenEx*
+fun:*TargetNtMapViewOfSection*
+fun:*AutoProtectMemory*sandbox*
+fun:*EatResolverThunk*sandbox*
+fun:*InterceptionAgent*sandbox*
+fun:*ResolverThunk*sandbox*
+fun:*Target*SandboxFactory*sandbox*
+fun:*ProcessState*sandbox*
+src:*pe_image.h
+src:*pe_image.cc
+src:*resolver_32.cc
+src:*resolver_64.cc
+src:*filesystem_interception.cc
+src:*process_thread_interception.cc
+src:*registry_interception.cc
+src:*sandbox_nt_util.cc
+src:*sync_interception.cc
+src:*interceptors_64.cc
diff --git a/build/sanitizers/ubsan_enum_blacklist.txt b/build/sanitizers/ubsan_enum_blacklist.txt
new file mode 100644
index 0000000000..1be9d23d4a
--- /dev/null
+++ b/build/sanitizers/ubsan_enum_blacklist.txt
@@ -0,0 +1,17 @@
+# All entries in this file are to suppress issues reported by enum.
+# Blacklists for other reasons should go in separate blacklist files.
+
+[enum]
+
+# bug 1404151
+src:*/lul/LulDwarfExt.h
+src:*/lul/LulDwarf.cpp
+
+# bug 1405142
+src:*/widget/gtk/*
+
+# bug 1619468
+src:*/security/manager/ssl/nsSiteSecurityService.cpp
+
+# bug 1619484
+src:*/media/webrtc/trunk/webrtc/modules/desktop_capture/desktop_and_cursor_composer.cc
diff --git a/build/sanitizers/ubsan_function_blacklist.txt b/build/sanitizers/ubsan_function_blacklist.txt
new file mode 100644
index 0000000000..58c8f33be4
--- /dev/null
+++ b/build/sanitizers/ubsan_function_blacklist.txt
@@ -0,0 +1,9 @@
+[function]
+# Disable function sanitizer for all C files (new feature in clang 17) until we
+# we can narrow this down. See bug 1841935.
+src:*.c
+
+# RLBox allows automatic handling of differing machine models between the appplication and sandbox.
+# To do this, RLBox carefully changes the types of function pointers to the sandbox with ones suitable for the applicaton.
+# Unfortunately, this triggers the ubsan's check for calling functions with incorrect types. So disabling this.
+fun:*impl_invoke_with_func_ptr*
diff --git a/build/sanitizers/ubsan_object_size_blacklist.txt b/build/sanitizers/ubsan_object_size_blacklist.txt
new file mode 100644
index 0000000000..e61b4eb1ec
--- /dev/null
+++ b/build/sanitizers/ubsan_object_size_blacklist.txt
@@ -0,0 +1,7 @@
+# All entries in this file are to suppress issues reported by object-size.
+# Blacklists for other reasons should go in separate blacklist files.
+
+[object-size]
+
+# bug 1577584
+src:*/gfx/harfbuzz/src/*
diff --git a/build/sanitizers/ubsan_pointer_overflow_blacklist.txt b/build/sanitizers/ubsan_pointer_overflow_blacklist.txt
new file mode 100644
index 0000000000..43b07ddae9
--- /dev/null
+++ b/build/sanitizers/ubsan_pointer_overflow_blacklist.txt
@@ -0,0 +1,30 @@
+# All entries in this file are to suppress issues reported by pointer-overflow.
+# Blacklists for other reasons should go in separate blacklist files.
+
+[pointer-overflow]
+
+# cppunittest
+src:*/mfbt/tests/TestArrayUtils.cpp
+# gtest ImageDecodeToSurface.WebP
+src:*/media/libwebp/src/dec/idec_dec.c
+# gtest ImageDecoders.WebPLargeMultiChunk
+src:*/media/libwebp/src/utils/bit_reader_utils.c
+# gtest MediaDataDecoder.VP9
+src:*/media/ffvpx/libavcodec/avpacket.c
+src:*/media/ffvpx/libavutil/imgutils.c
+# gtest VP8VideoTrackEncoder.FrameEncode
+src:*/media/libvpx/libvpx/vp8/encoder/encodeframe.c
+# gtest ImageDecoders.AVIFSingleChunk
+src:*/third_party/aom/av1/common/quant_common.c
+# crashtest
+src:*/parser/expat/lib/xmlparse.c
+src:*/mfbt/lz4/lz4.c
+src:*/media/libogg/src/ogg_framing.c
+# mochitest gl2c dom/canvas/test/webgl-conf/generated/test_2_conformance2__reading__read-pixels-pack-parameters.html
+src:*/dom/canvas/WebGLContextGL.cpp
+# reftest J1
+src:*/js/src/builtin/TypedObject.cpp
+# jittest Jit6
+src:*/js/src/jit/x86-shared/Assembler-x86-shared.h
+# https://gitlab.freedesktop.org/mesa/mesa/-/issues/4477
+fun:remove_line_continuations
diff --git a/build/sanitizers/ubsan_signed_overflow_blacklist.txt b/build/sanitizers/ubsan_signed_overflow_blacklist.txt
new file mode 100644
index 0000000000..694eaa4737
--- /dev/null
+++ b/build/sanitizers/ubsan_signed_overflow_blacklist.txt
@@ -0,0 +1,257 @@
+# This file contains an extensive compile-time blacklist for silencing highly
+# frequent signed integer overflows in our codebase, found by the use of
+# -fsanitize=signed-integer-overflow. C/C++ say signed integer overflow is
+# undefined behavior, so instances of this need to be fixed. But not all code
+# has been properly written to not overflow, and overflow-checking can have
+# significant compile time and runtime costs, so we will sometimes disable
+# signed overflow checking.
+#
+# The rules in this file are applied at compile time; changes to this list
+# usually require a full rebuild to apply. If you can modify the source in
+# question to exempt specific functions using MOZ_NO_SANITIZE_SIGNED_OVERFLOW,
+# do that instead.
+#
+# The extensive number of entries below is for two reasons.
+#
+# First, compiler instrumentation for signed integer overflows has a cost, at
+# compile time and at runtime. In performance-critical code proven to have no
+# signed overflow, it makes sense to turn off overflow detection to avoid both
+# costs. (Indeed, -fsanitize=signed-integer-overflow is unusably slow without
+# this.)
+#
+# Second, many entries here are overly aggressive to get the build into a state
+# that allows any testing to happen at all. Some of the entries here are for
+# issues that are highly frequent in our test suites -- over 500 times per run.
+# Aggressive entries now let us start using this mode, without having to first
+# fix wide swaths of existing code.
+#
+# Entries should be removed 1) as issues are fixed; and 2) as blacklist entries
+# can be moved out of this centralized file, into source-level blacklist
+# attributes on individual functions.
+
+# All entries in this file are to suppress signed-integer-overflow problems.
+# Blacklists for other reasons should go in separate blacklist files.
+[signed-integer-overflow]
+
+# Overflows in the C++ std headers aren't necessarily bugs, because code inside
+# a language implementation can depend on compiler-specific behavior where C/C++
+# leave the behavior undefined.
+src:*bits/basic_string.h
+
+# Assume everything running through CheckedInt.h is ok. Signed overflows here
+# should generally have been guarded by safe overflow checks, so it's likely
+# safe to exempt it from overflow checking. (This should eventually be verified
+# and functions individually tagged safe so this entry can be removed.)
+src:*/CheckedInt.h
+
+# Exclude bignum
+src:*/mfbt/double-conversion/source/bignum.cc
+
+# Exclude anything within gtests
+src:*/gtest/*
+
+# Atomics can overflow, but without a full stack we can't trace these back
+# to what is actually causing the overflow. Ignoring these for now, as it will
+# be too much effort to determine every single source here.
+src:*/mfbt/Atomics.h
+
+# No reason to instrument certain parts of NSS that explicitely deal with
+# arithmetics and crypto.
+src:*/security/nss/lib/freebl/mpi/*
+src:*/security/nss/lib/freebl/ecl/*
+
+# nsTArray_base<Alloc, Copy>::ShiftData performs overflows
+fun:*nsTArray_base*ShiftData*
+
+### Frequent 0 - 1 overflows
+#
+# We have several code patterns in our codebase that cause these overflows,
+# but they are typically all harmless and could be filtered easily at runtime.
+# However, some of them are so frequent that suppressing them at compile-time
+# makes sense to increase runtime performance.
+#
+src:*/netwerk/base/nsSocketTransportService2.cpp
+src:*/nsCharTraits.h
+# Code in xpcom/base/CycleCollectedJSContext.cpp
+fun:*CycleCollectedJSContext*ProcessMetastableStateQueue*
+# Code in layout/painting/nsDisplayList.cpp
+fun:*nsDisplayOpacity*ShouldFlattenAway*
+# Code in modules/libpref/Preferences.cpp
+fun:*pref_InitInitialObjects*
+# Code in netwerk/base/nsIOService.cpp
+fun:*nsIOService*GetCachedProtocolHandler*
+# Code in layout/xul/nsXULPopupManager.cpp
+fun:*nsXULPopupManager*AdjustPopupsOnWindowChange*
+# Code in dom/base/nsDocument.cpp
+fun:*1nsDocument@@*
+# Code in gfx/layers/ipc/CompositorBridgeChild.cpp
+fun:*CompositorBridgeChild*Destroy*
+# Code in gfx/layers/ipc/ImageBridgeChild.cpp
+fun:*ImageBridgeChild*ShutdownStep1*
+# Code in dom/base/nsGlobalWindow.cpp
+fun:*nsGlobalWindow*ClearControllers*
+# Code in layout/style/AnimationCollection.cpp
+fun:*AnimationCollection*PropertyDtor*
+# Code in layout/style/nsStyleSet.cpp
+fun:*nsStyleSet*AddImportantRules*
+fun:*nsStyleSet*CounterStyleRuleForName*
+
+
+### Misc overflows
+
+# Hot function in protobuf producing overflows
+fun:*CodedInputStream*ReadTagWithCutoff*
+
+
+# SQLite3 is full of overflows :/
+src:*/third_party/sqlite3/src/sqlite3.c
+
+# zlib has some overflows, we can't deal with them right now
+src:*/modules/zlib/src/*
+
+# Our LZ4 implementation uses overflows. By listing it here we might
+# miss some unintended overflows in that implementation, but we can't
+# check for it right now.
+src:*/mfbt/lz4.c
+
+# Apparently this overflows a lot, because it contains some allocators
+# that keep overflowing, not sure why. Disabling by function didn't seem
+# to work here for operator new.
+src:*/xpcom/ds/nsArrayEnumerator.cpp
+
+# Memory usage reporting code in gfx/thebes/gfxASurface.cpp
+# We probably don't care about the frequent overflows there.
+fun:*SurfaceMemoryReporter*AdjustUsedMemory*
+
+# Frequent overflower in gfx/thebes/gfxFontEntry.cpp
+fun:*WeightDistance*
+
+# Another frequent overflower
+fun:*nsTObserverArray_base*AdjustIterators*
+
+# Overflows in Skia
+fun:*SkPathRef*makeSpace*
+fun:*SkPathRef*resetToSize*
+
+# Expat Parser has some overflows
+fun:*nsExpatDriver*ConsumeToken*
+
+# Frequent overflowers in harfbuzz
+fun:*hb_in_range*
+fun:*OT*collect_glyphs*
+
+# These look like harmless layouting-related overflows
+src:*/gfx/cairo/libpixman/src/pixman-region.c
+
+# Code in ipc/chromium/src/base/file_path.cc where a function returns -1
+# being cast to unsigned and then overflowed.
+fun:*FilePath*Append*
+fun:*FilePath*StripTrailingSeparatorsInternal*
+
+# Code in dom/base/nsJSEnvironment.cpp
+fun:*FireForgetSkippable*
+
+# Code in gfx/thebes/gfxSkipChars.h
+fun:*gfxSkipCharsIterator*AdvanceSkipped*
+
+# Code in gfx/thebes/gfxScriptItemizer.cpp
+fun:*gfxScriptItemizer*fixup*
+fun:*gfxScriptItemizer*push*
+
+# Code in dom/base/nsDocument.cpp
+fun:*nsDocument*BlockOnload*
+
+# Code in layout/base/nsCSSFrameConstructor.cpp
+fun:*nsCSSFrameConstructor*FrameConstructionItemList*AdjustCountsForItem*
+
+# Code in nsprpub/lib/ds/plarena.c doing ptrdiffs
+fun:*PL_ArenaRelease*
+
+# This file contains a bunch of arithmetic operations on timestamps that
+# apparently are allowed to overflow.
+src:*/src/widget/SystemTimeConverter.h
+
+# Code in dom/media/flac/FlacDemuxer.cpp purposely uses overflowing arithmetics
+fun:*Frame*FindNext*
+
+# Code in netwerk/base/nsStandardURL.cpp,
+# these methods return signed but the subtraction is first performed unsigned
+fun:*nsStandardURL*ReplaceSegment*
+
+# Code in netwerk/protocol/http/nsHttpChannel.cpp
+# same as previous with the previous entry.
+fun:*nsHttpChannel*ReportNetVSCacheTelemetry*
+
+# Code in layout/tables/nsCellMap.cpp
+# again subtraction then cast to signed.
+fun:*nsTableCellMap*GetColInfoAt*
+
+# Code in layout/generic/nsTextFrame.cpp
+# again subtraction then cast to signed.
+fun:*nsTextFrame*CharacterDataChanged*
+
+# Not sure what is going on in this file, but it doesn't look
+# related to what we are looking for.
+src:*/xpcom/base/CountingAllocatorBase.h
+
+# Code in dom/base/nsDOMNavigationTiming.cpp
+# Timestamp related, probably expecting the overflow
+fun:*nsDOMNavigationTiming*TimeStampToDOM*
+
+# Several unsigned arithmetic operations with -1
+src:*/hal/HalWakeLock.cpp
+
+# Code in layout/generic/nsGfxScrollFrame.cpp that produces
+# somewhat frequent signed integer overflows. Probably harmless
+# because it's layout code.
+fun:*ClampAndAlignWithPixels*
+
+# Likely benign overflow in mozglue/misc/TimeStamp_posix.cpp
+fun:*ClockResolutionNs*
+
+# This header has all sorts of operators that do post-operation
+# overflow and underflow checking, triggering frequent reports
+src:*/mozglue/misc/TimeStamp.h
+
+#
+# Various hashing functions, both regular and cryptographic ones
+#
+src:*/dom/canvas/MurmurHash3.cpp
+src:*/gfx/skia/skia/include/private/SkChecksum.h
+src:*/intl/icu/source/common/unifiedcache.h
+src:*/mfbt/SHA1.cpp
+src:*/modules/zlib/src/adler32.c
+src:*/netwerk/cache2/CacheHashUtils.cpp
+src:*/netwerk/sctp/src/netinet/sctp_sha1.c
+src:*/netwerk/srtp/src/crypto/hash/sha1.c
+src:*/netwerk/sctp/src/netinet/sctp_sha1.c
+src:*/nsprpub/lib/ds/plhash.c
+src:*/security/manager/ssl/md4.c
+src:*/security/nss/lib/dbm/src/h_func.c
+src:*/security/nss/lib/freebl/sha512.c
+src:*/security/nss/lib/freebl/md5.c
+src:*/xpcom/ds/PLDHashTable.cpp
+
+# Hash/Cache function in Skia
+fun:*GradientShaderCache*Build32bitCache*
+
+# Hashing functions in Cairo
+fun:*_hash_matrix_fnv*
+fun:*_hash_mix_bits*
+fun:*_cairo_hash_string*
+fun:*_cairo_hash_bytes*
+
+# intl code hashing functions
+fun:*ustr_hash*CharsN*
+fun:*hashEntry*
+
+# harfbuzz hash/digest functions
+fun:*hb_set_digest_lowest_bits_t*
+
+# Hash function in gfx
+fun:*gfxFontStyle*Hash*
+
+# expat uses a CHAR_HASH macro in several places that causes
+# a high amount of overflows. We should try finding a better
+# way to disable this rather than blacklisting the whole thing.
+src:*/parser/expat/*
diff --git a/build/sanitizers/ubsan_unsigned_overflow_blacklist.txt b/build/sanitizers/ubsan_unsigned_overflow_blacklist.txt
new file mode 100644
index 0000000000..46bb4f6f12
--- /dev/null
+++ b/build/sanitizers/ubsan_unsigned_overflow_blacklist.txt
@@ -0,0 +1,264 @@
+# This file contains an extensive compile-time blacklist for silencing highly
+# frequent *un*signed integer overflows in our codebase, found by the use of
+# -fsanitize=unsigned-integer-overflow. Such overflows are not necessarily
+# bugs -- unsigned integer overflow has well-defined semantics in C/C++. But
+# overflow may still be *unexpected* and incorrectly handled, so we try to
+# annotate those places where unsigned overflow is correct and desired.
+#
+# The rules in this file are applied at compile time; changes to this list
+# usually require a full rebuild to apply. If you can modify the source in
+# question to exempt specific functions using MOZ_NO_SANITIZE_UNSIGNED_OVERFLOW,
+# do that instead.
+#
+# The extensive number of entries below is for two reasons.
+#
+# First, compiler instrumentation for unsigned integer overflows has a cost, at
+# compile time and at runtime. In places where code expects and depends upon
+# overflow behavior -- and especially in performance-critical code -- it makes
+# sense to turn off overflow detection to avoid both costs. (Indeed,
+# -fsanitize=signed-integer-overflow is unusably slow without this.)
+#
+# Second, many entries here are overly aggressive to get the build into a state
+# that allows any testing to happen at all. Some of the entries here are for
+# issues that are highly frequent in our test suites -- over 500 times per run.
+# Aggressive entries now let us start using this mode, without having to first
+# fix wide swaths of existing code.
+#
+# Entries should be removed 1) as issues are fixed; and 2) as blacklist entries
+# can be moved out of this centralized file, into source-level blacklist
+# attributes on individual functions.
+
+# All entries in this file are to suppress unsigned-integer-overflow problems.
+# Blacklists for other reasons should go in separate blacklist files.
+[unsigned-integer-overflow]
+
+# Overflows in the C++ std headers aren't necessarily bugs, because code inside
+# a language implementation can depend on compiler-specific behavior where C/C++
+# leave the behavior undefined.
+src:*bits/basic_string.h
+
+# Assume everything running through CheckedInt.h is ok. The CheckedInt class
+# casts signed integers to unsigned first and then does a post-overflow
+# check causing lots of unsigned integer overflow messages.
+src:*/CheckedInt.h
+
+# Exclude bignum
+src:*/mfbt/double-conversion/source/bignum.cc
+
+# Exclude anything within gtests
+src:*/gtest/*
+
+# The JS engine has a lot of code doing all sorts of overflows. This code
+# is pretty well tested though and excluding it here will allow us to go
+# for other, less tested code. Ideally, we would include the JS engine here
+# at some point.
+src:*/js/src/*
+src:*/js/public/*
+src:*/js/*.h
+src:*/jsfriendapi.h
+
+# Atomics can overflow, but without a full stack we can't trace these back
+# to what is actually causing the overflow. Ignoring these for now, as it will
+# be too much effort to determine every single source here.
+src:*/mfbt/Atomics.h
+
+# No reason to instrument certain parts of NSS that explicitely deal with
+# arithmetics and crypto.
+src:*/security/nss/lib/freebl/mpi/*
+src:*/security/nss/lib/freebl/ecl/*
+
+# nsTArray_base<Alloc, Copy>::ShiftData performs overflows
+fun:*nsTArray_base*ShiftData*
+
+### Frequent 0 - 1 overflows
+#
+# We have several code patterns in our codebase that cause these overflows,
+# but they are typically all harmless and could be filtered easily at runtime.
+# However, some of them are so frequent that suppressing them at compile-time
+# makes sense to increase runtime performance.
+#
+src:*/netwerk/base/nsSocketTransportService2.cpp
+src:*/nsCharTraits.h
+# Code in xpcom/base/CycleCollectedJSContext.cpp
+fun:*CycleCollectedJSContext*ProcessMetastableStateQueue*
+# Code in layout/painting/nsDisplayList.cpp
+fun:*nsDisplayOpacity*ShouldFlattenAway*
+# Code in modules/libpref/Preferences.cpp
+fun:*pref_InitInitialObjects*
+# Code in netwerk/base/nsIOService.cpp
+fun:*nsIOService*GetCachedProtocolHandler*
+# Code in layout/xul/nsXULPopupManager.cpp
+fun:*nsXULPopupManager*AdjustPopupsOnWindowChange*
+# Code in dom/base/nsDocument.cpp
+fun:*1nsDocument@@*
+# Code in gfx/layers/ipc/CompositorBridgeChild.cpp
+fun:*CompositorBridgeChild*Destroy*
+# Code in gfx/layers/ipc/ImageBridgeChild.cpp
+fun:*ImageBridgeChild*ShutdownStep1*
+# Code in dom/base/nsGlobalWindow.cpp
+fun:*nsGlobalWindow*ClearControllers*
+# Code in layout/style/AnimationCollection.cpp
+fun:*AnimationCollection*PropertyDtor*
+# Code in layout/style/nsStyleSet.cpp
+fun:*nsStyleSet*AddImportantRules*
+fun:*nsStyleSet*CounterStyleRuleForName*
+
+
+### Misc overflows
+
+# Hot function in protobuf producing overflows
+fun:*CodedInputStream*ReadTagWithCutoff*
+
+
+# SQLite3 is full of overflows :/
+src:*/third_party/sqlite3/src/sqlite3.c
+
+# zlib has some overflows, we can't deal with them right now
+src:*/modules/zlib/src/*
+
+# Our LZ4 implementation uses overflows. By listing it here we might
+# miss some unintended overflows in that implementation, but we can't
+# check for it right now.
+src:*/mfbt/lz4/*
+
+# Apparently this overflows a lot, because it contains some allocators
+# that keep overflowing, not sure why. Disabling by function didn't seem
+# to work here for operator new.
+src:*/xpcom/ds/nsArrayEnumerator.cpp
+
+# Memory usage reporting code in gfx/thebes/gfxASurface.cpp
+# We probably don't care about the frequent overflows there.
+fun:*SurfaceMemoryReporter*AdjustUsedMemory*
+
+# Frequent overflower in gfx/thebes/gfxFontEntry.cpp
+fun:*WeightDistance*
+
+# Another frequent overflower
+fun:*nsTObserverArray_base*AdjustIterators*
+
+# Overflows in Skia
+fun:*SkPathRef*makeSpace*
+fun:*SkPathRef*resetToSize*
+
+# Expat Parser has some overflows
+fun:*nsExpatDriver*ConsumeToken*
+
+# Frequent overflowers in harfbuzz
+fun:*hb_in_range*
+fun:*OT*collect_glyphs*
+
+# These look like harmless layouting-related overflows
+src:*/gfx/cairo/libpixman/src/pixman-region.c
+
+# Code in ipc/chromium/src/base/file_path.cc where a function returns -1
+# being cast to unsigned and then overflowed.
+fun:*FilePath*Append*
+fun:*FilePath*StripTrailingSeparatorsInternal*
+
+# Code in dom/base/nsJSEnvironment.cpp
+fun:*FireForgetSkippable*
+
+# Code in gfx/thebes/gfxSkipChars.h
+fun:*gfxSkipCharsIterator*AdvanceSkipped*
+
+# Code in gfx/thebes/gfxScriptItemizer.cpp
+fun:*gfxScriptItemizer*fixup*
+fun:*gfxScriptItemizer*push*
+
+# Code in dom/base/nsDocument.cpp
+fun:*nsDocument*BlockOnload*
+
+# Code in layout/base/nsCSSFrameConstructor.cpp
+fun:*nsCSSFrameConstructor*FrameConstructionItemList*AdjustCountsForItem*
+
+# Code in nsprpub/lib/ds/plarena.c doing ptrdiffs
+fun:*PL_ArenaRelease*
+
+# This file contains a bunch of arithmetic operations on timestamps that
+# apparently are allowed to overflow.
+src:*/src/widget/SystemTimeConverter.h
+
+# Code in dom/media/flac/FlacDemuxer.cpp purposely uses overflowing arithmetics
+fun:*Frame*FindNext*
+
+# Code in netwerk/base/nsStandardURL.cpp,
+# these methods return signed but the subtraction is first performed unsigned
+fun:*nsStandardURL*ReplaceSegment*
+
+# Code in netwerk/protocol/http/nsHttpChannel.cpp
+# same as previous with the previous entry.
+fun:*nsHttpChannel*ReportNetVSCacheTelemetry*
+
+# Code in layout/tables/nsCellMap.cpp
+# again subtraction then cast to signed.
+fun:*nsTableCellMap*GetColInfoAt*
+
+# Code in layout/generic/nsTextFrame.cpp
+# again subtraction then cast to signed.
+fun:*nsTextFrame*CharacterDataChanged*
+
+# Not sure what is going on in this file, but it doesn't look
+# related to what we are looking for.
+src:*/xpcom/base/CountingAllocatorBase.h
+
+# Code in dom/base/nsDOMNavigationTiming.cpp
+# Timestamp related, probably expecting the overflow
+fun:*nsDOMNavigationTiming*TimeStampToDOM*
+
+# Several unsigned arithmetic operations with -1
+src:*/hal/HalWakeLock.cpp
+
+# Code in layout/generic/nsGfxScrollFrame.cpp that produces
+# somewhat frequent signed integer overflows. Probably harmless
+# because it's layout code.
+fun:*ClampAndAlignWithPixels*
+
+# Likely benign overflow in mozglue/misc/TimeStamp_posix.cpp
+fun:*ClockResolutionNs*
+
+# This header has all sorts of operators that do post-operation
+# overflow and underflow checking, triggering frequent reports
+src:*/mozglue/misc/TimeStamp.h
+
+#
+# Various hashing functions, both regular and cryptographic ones
+#
+src:*/dom/canvas/MurmurHash3.cpp
+src:*/gfx/skia/skia/include/private/SkChecksum.h
+src:*/intl/icu/source/common/unifiedcache.h
+src:*/mfbt/SHA1.cpp
+src:*/modules/zlib/src/adler32.c
+src:*/netwerk/cache2/CacheHashUtils.cpp
+src:*/netwerk/sctp/src/netinet/sctp_sha1.c
+src:*/netwerk/srtp/src/crypto/hash/sha1.c
+src:*/netwerk/sctp/src/netinet/sctp_sha1.c
+src:*/nsprpub/lib/ds/plhash.c
+src:*/security/manager/ssl/md4.c
+src:*/security/nss/lib/dbm/src/h_func.c
+src:*/security/nss/lib/freebl/sha512.c
+src:*/security/nss/lib/freebl/md5.c
+src:*/xpcom/ds/PLDHashTable.cpp
+
+# Hash/Cache function in Skia
+fun:*GradientShaderCache*Build32bitCache*
+
+# Hashing functions in Cairo
+fun:*_hash_matrix_fnv*
+fun:*_hash_mix_bits*
+fun:*_cairo_hash_string*
+fun:*_cairo_hash_bytes*
+
+# intl code hashing functions
+fun:*ustr_hash*CharsN*
+fun:*hashEntry*
+
+# harfbuzz hash/digest functions
+fun:*hb_set_digest_lowest_bits_t*
+
+# Hash function in gfx
+fun:*gfxFontStyle*Hash*
+
+# expat uses a CHAR_HASH macro in several places that causes
+# a high amount of overflows. We should try finding a better
+# way to disable this rather than blacklisting the whole thing.
+src:*/parser/expat/*