llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT--> @llvm/pr-subscribers-compiler-rt-sanitizer Author: Vitaly Buka (vitalybuka) <details> <summary>Changes</summary> --- Full diff: https://github.com/llvm/llvm-project/pull/76131.diff 3 Files Affected: - (modified) compiler-rt/lib/hwasan/hwasan_report.cpp (+5-1) - (modified) compiler-rt/test/hwasan/TestCases/Linux/syscalls.cpp (+1-1) - (modified) compiler-rt/test/hwasan/TestCases/heap-buffer-overflow.c (+4-3) ``````````diff diff --git a/compiler-rt/lib/hwasan/hwasan_report.cpp b/compiler-rt/lib/hwasan/hwasan_report.cpp index bbe89112e4dbe1..71155c9814c186 100644 --- a/compiler-rt/lib/hwasan/hwasan_report.cpp +++ b/compiler-rt/lib/hwasan/hwasan_report.cpp @@ -648,19 +648,23 @@ void BaseReport::PrintHeapOrGlobalCandidate() const { if (candidate.heap.is_allocated) { uptr offset; const char *whence; + const char *cause; if (candidate.heap.begin <= untagged_addr && untagged_addr < candidate.heap.end) { offset = untagged_addr - candidate.heap.begin; whence = "inside"; + cause = "heap-use-after-free"; } else if (candidate.after) { offset = untagged_addr - candidate.heap.end; whence = "after"; + cause = "heap-buffer-overflow"; } else { offset = candidate.heap.begin - untagged_addr; whence = "before"; + cause = "heap-buffer-underflow"; } Printf("%s", d.Error()); - Printf("\nCause: heap-buffer-overflow\n"); + Printf("\nCause: %s\n", cause); Printf("%s", d.Default()); Printf("%s", d.Location()); Printf("%p is located %zd bytes %s a %zd-byte region [%p,%p)\n", diff --git a/compiler-rt/test/hwasan/TestCases/Linux/syscalls.cpp b/compiler-rt/test/hwasan/TestCases/Linux/syscalls.cpp index 154b6989899352..eee43f458fac10 100644 --- a/compiler-rt/test/hwasan/TestCases/Linux/syscalls.cpp +++ b/compiler-rt/test/hwasan/TestCases/Linux/syscalls.cpp @@ -26,7 +26,7 @@ int main(int argc, char *argv[]) { __sanitizer_syscall_pre_recvmsg(0, buf - 1, 0); // CHECK: HWAddressSanitizer: tag-mismatch on address [[PTR:0x[a-f0-9]+]] - // CHECK: Cause: heap-buffer-overflow + // CHECK: Cause: heap-buffer-underflow // CHECK: [[PTR]] is located 1 bytes before a 1000-byte region free(buf); diff --git a/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow.c b/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow.c index 4e6638be584b0d..c1c7d458b9424f 100644 --- a/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow.c +++ b/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow.c @@ -29,7 +29,8 @@ int main(int argc, char **argv) { if (size == 1000000) { fprintf(stderr, "is a large allocated heap chunk; size: 1003520 offset: %d\n", offset); - fprintf(stderr, "Cause: heap-buffer-overflow\n"); + fprintf(stderr, "Cause: heap-buffer-%s\n", + offset == -30 ? "underflow" : "overflow"); fprintf(stderr, "is located %s a 1000000-byte region\n", offset == -30 ? "30 bytes before" : "0 bytes after"); return -1; @@ -44,11 +45,11 @@ int main(int argc, char **argv) { // CHECK80: Cause: heap-buffer-overflow // CHECK80: is located 50 bytes after a 30-byte region // -// CHECKm30: Cause: heap-buffer-overflow +// CHECKm30: Cause: heap-buffer-underflow // CHECKm30: is located 30 bytes before a 30-byte region // // CHECKMm30: is a large allocated heap chunk; size: 1003520 offset: -30 -// CHECKMm30: Cause: heap-buffer-overflow +// CHECKMm30: Cause: heap-buffer-underflow // CHECKMm30: is located 30 bytes before a 1000000-byte region // // CHECKM: is a large allocated heap chunk; size: 1003520 offset: 1000000 `````````` </details> https://github.com/llvm/llvm-project/pull/76131 _______________________________________________ llvm-branch-commits mailing list llvm-branch-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-branch-commits
