From 8c5b5de0d4fda16cfa1c8c4281601b61a9ca774d Mon Sep 17 00:00:00 2001 From: Vitaly Buka Date: Wed, 20 Dec 2023 23:58:01 -0800 Subject: [PATCH 1/4] =?UTF-8?q?[=F0=9D=98=80=F0=9D=97=BD=F0=9D=97=BF]=20ch?= =?UTF-8?q?anges=20to=20main=20this=20commit=20is=20based=20on?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Created using spr 1.3.4 [skip ci] --- compiler-rt/lib/hwasan/hwasan_report.cpp | 16 +++++++++++----- .../test/hwasan/TestCases/Linux/syscalls.cpp | 2 +- .../test/hwasan/TestCases/heap-buffer-overflow.c | 7 ++++--- 3 files changed, 16 insertions(+), 9 deletions(-) diff --git a/compiler-rt/lib/hwasan/hwasan_report.cpp b/compiler-rt/lib/hwasan/hwasan_report.cpp index 5e8aa315801bcd..71155c9814c186 100644 --- a/compiler-rt/lib/hwasan/hwasan_report.cpp +++ b/compiler-rt/lib/hwasan/hwasan_report.cpp @@ -233,7 +233,7 @@ static void PrintStackAllocations(const StackAllocationsRingBuffer *sa, if (obj_offset >= local.size) continue; if (!found_local) { - Printf("Potentially referenced stack objects:\n"); + Printf("\nPotentially referenced stack objects:\n"); found_local = true; } Printf(" %s in %s %s:%d\n", local.name, local.function_name, @@ -363,7 +363,7 @@ static void PrintTagsAroundAddr(uptr addr, GetTag get_tag, InternalScopedString s; addr = MemToShadow(addr); s.AppendF( - "Memory tags around the buggy address (one tag corresponds to %zd " + "\nMemory tags around the buggy address (one tag corresponds to %zd " "bytes):\n", kShadowAlignment); PrintTagInfoAroundAddr(addr, kShadowLines, s, @@ -648,19 +648,23 @@ void BaseReport::PrintHeapOrGlobalCandidate() const { if (candidate.heap.is_allocated) { uptr offset; const char *whence; + const char *cause; if (candidate.heap.begin <= untagged_addr && untagged_addr < candidate.heap.end) { offset = untagged_addr - candidate.heap.begin; whence = "inside"; + cause = "heap-use-after-free"; } else if (candidate.after) { offset = untagged_addr - candidate.heap.end; whence = "after"; + cause = "heap-buffer-overflow"; } else { offset = candidate.heap.begin - untagged_addr; whence = "before"; + cause = "heap-buffer-underflow"; } Printf("%s", d.Error()); - Printf("\nCause: heap-buffer-overflow\n"); + Printf("\nCause: %s\n", cause); Printf("%s", d.Default()); Printf("%s", d.Location()); Printf("%p is located %zd bytes %s a %zd-byte region [%p,%p)\n", @@ -803,8 +807,10 @@ void BaseReport::PrintAddressDescription() const { } // Print the remaining threads, as an extra information, 1 line per thread. - if (flags()->print_live_threads_info) + if (flags()->print_live_threads_info) { + Printf("\n"); hwasanThreadList().VisitAllLiveThreads([&](Thread *t) { t->Announce(); }); + } if (!num_descriptions_printed) // We exhausted our possibilities. Bail out. @@ -1020,7 +1026,7 @@ void ReportTagMismatch(StackTrace *stack, uptr tagged_addr, uptr access_size, // See the frame breakdown defined in __hwasan_tag_mismatch (from // hwasan_tag_mismatch_{aarch64,riscv64}.S). void ReportRegisters(const uptr *frame, uptr pc) { - Printf("Registers where the failure occurred (pc %p):\n", pc); + Printf("\nRegisters where the failure occurred (pc %p):\n", pc); // We explicitly print a single line (4 registers/line) each iteration to // reduce the amount of logcat error messages printed. Each Printf() will diff --git a/compiler-rt/test/hwasan/TestCases/Linux/syscalls.cpp b/compiler-rt/test/hwasan/TestCases/Linux/syscalls.cpp index 154b6989899352..eee43f458fac10 100644 --- a/compiler-rt/test/hwasan/TestCases/Linux/syscalls.cpp +++ b/compiler-rt/test/hwasan/TestCases/Linux/syscalls.cpp @@ -26,7 +26,7 @@ int main(int argc, char *argv[]) { __sanitizer_syscall_pre_recvmsg(0, buf - 1, 0); // CHECK: HWAddressSanitizer: tag-mismatch on address [[PTR:0x[a-f0-9]+]] - // CHECK: Cause: heap-buffer-overflow + // CHECK: Cause: heap-buffer-underflow // CHECK: [[PTR]] is located 1 bytes before a 1000-byte region free(buf); diff --git a/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow.c b/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow.c index 4e6638be584b0d..c1c7d458b9424f 100644 --- a/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow.c +++ b/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow.c @@ -29,7 +29,8 @@ int main(int argc, char **argv) { if (size == 1000000) { fprintf(stderr, "is a large allocated heap chunk; size: 1003520 offset: %d\n", offset); - fprintf(stderr, "Cause: heap-buffer-overflow\n"); + fprintf(stderr, "Cause: heap-buffer-%s\n", + offset == -30 ? "underflow" : "overflow"); fprintf(stderr, "is located %s a 1000000-byte region\n", offset == -30 ? "30 bytes before" : "0 bytes after"); return -1; @@ -44,11 +45,11 @@ int main(int argc, char **argv) { // CHECK80: Cause: heap-buffer-overflow // CHECK80: is located 50 bytes after a 30-byte region // -// CHECKm30: Cause: heap-buffer-overflow +// CHECKm30: Cause: heap-buffer-underflow // CHECKm30: is located 30 bytes before a 30-byte region // // CHECKMm30: is a large allocated heap chunk; size: 1003520 offset: -30 -// CHECKMm30: Cause: heap-buffer-overflow +// CHECKMm30: Cause: heap-buffer-underflow // CHECKMm30: is located 30 bytes before a 1000000-byte region // // CHECKM: is a large allocated heap chunk; size: 1003520 offset: 1000000 From bc767f1a922b284bab54f3440be2ee6738e56e29 Mon Sep 17 00:00:00 2001 From: Vitaly Buka Date: Thu, 21 Dec 2023 15:50:59 -0800 Subject: [PATCH 2/4] comment Created using spr 1.3.4 --- compiler-rt/lib/hwasan/hwasan_report.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compiler-rt/lib/hwasan/hwasan_report.cpp b/compiler-rt/lib/hwasan/hwasan_report.cpp index 2d9188510ed994..e9dd919d414972 100644 --- a/compiler-rt/lib/hwasan/hwasan_report.cpp +++ b/compiler-rt/lib/hwasan/hwasan_report.cpp @@ -238,7 +238,7 @@ static void PrintStackAllocations(const StackAllocationsRingBuffer *sa, found_local = true; } StackTracePrinter::GetOrInit()->RenderSourceLocation( - &location, local.decl_file, local.decl_line, 0, + &location, local.decl_file, local.decl_line, /* column= */ 0, common_flags()->symbolize_vs_style, common_flags()->strip_path_prefix); Printf(" %s in %s %s\n", local.name, local.function_name, From 35bcf11b36558d8df4692046f49431cbb8be56ff Mon Sep 17 00:00:00 2001 From: Vitaly Buka Date: Thu, 21 Dec 2023 15:53:14 -0800 Subject: [PATCH 3/4] format Created using spr 1.3.4 --- compiler-rt/test/hwasan/TestCases/strip_path_prefix.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/compiler-rt/test/hwasan/TestCases/strip_path_prefix.c b/compiler-rt/test/hwasan/TestCases/strip_path_prefix.c index 39ee7f562f3570..5f1c7ab6633509 100644 --- a/compiler-rt/test/hwasan/TestCases/strip_path_prefix.c +++ b/compiler-rt/test/hwasan/TestCases/strip_path_prefix.c @@ -9,7 +9,7 @@ int t; -__attribute__((noinline)) char* buggy() { +__attribute__((noinline)) char *buggy() { char *volatile p; char zzz = {}; char yyy = {}; @@ -18,7 +18,7 @@ __attribute__((noinline)) char* buggy() { } int main() { - char* p = buggy(); + char *p = buggy(); return *p; // CHECK: READ of size 1 at // CHECK: #0 {{.*}} in main strip_path_prefix.c:[[@LINE-2]] From 69a41873240de821b01ccb0eb79c306ca5e73408 Mon Sep 17 00:00:00 2001 From: Vitaly Buka Date: Thu, 21 Dec 2023 16:02:39 -0800 Subject: [PATCH 4/4] Update strip_path_prefix.c --- compiler-rt/test/hwasan/TestCases/strip_path_prefix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compiler-rt/test/hwasan/TestCases/strip_path_prefix.c b/compiler-rt/test/hwasan/TestCases/strip_path_prefix.c index 5f1c7ab6633509..5844749a6d9772 100644 --- a/compiler-rt/test/hwasan/TestCases/strip_path_prefix.c +++ b/compiler-rt/test/hwasan/TestCases/strip_path_prefix.c @@ -23,5 +23,5 @@ int main() { // CHECK: READ of size 1 at // CHECK: #0 {{.*}} in main strip_path_prefix.c:[[@LINE-2]] // CHECK: Potentially referenced stack objects: - // CHECK-NEXT: zzz in buggy strip_path_prefix.c:[[@LINE-12]] + // CHECK: zzz in buggy strip_path_prefix.c:[[@LINE-12]] }