
<div style="font-family: arial, helvetica, sans-serif; font-size: 10pt">Thanks! <br><br><div class="gmail_quote">On Thu, Dec 13, 2012 at 2:52 AM, Sean Silva <span dir="ltr"><<a href="mailto:silvas@purdue.edu" target="_blank">silvas@purdue.edu</a>></span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Sorry for the delay in testing this. It fixed the issue for me. Now I<br>

get what I expected:<br>

<br>

sean:~/pg/streams % ./First.cpp First.o<br>

Opening 'First.o'<br>

ELF magic is valid<br>

ELF class is ELF64<br>

=================================================================<br>

==22653== ERROR: AddressSanitizer: stack-buffer-overflow on address<br>

0x7fffae4aa4df at pc 0x407110 bp 0x7fffae4aa2b0 sp 0x7fffae4aa280<br>

WRITE of size 1 at 0x7fffae4aa4df thread T0<br>

    #0 0x40710f (/home/sean/pg/streams/a.out+0x40710f)<br>

    #1 0x414997 (/home/sean/pg/streams/a.out+0x414997)<br>

    #2 0x7f61b790876c (/lib/x86_64-linux-gnu/<a href="http://libc-2.15.so" target="_blank">libc-2.15.so</a>+0x2176c)<br>

Address 0x7fffae4aa4df is located at offset 351 in frame <main> of T0's stack:<br>

  This frame has 7 object(s):<br>

    [32, 36) ''<br>

    [96, 100) ''<br>

    [160, 168) ''<br>

    [224, 228) 'fd'<br>

    [288, 304) 'e_ident'<br>

    [352, 356) 'bits'<br>

    [416, 480) 'hdr'<br>

HINT: this may be a false positive if your program uses some custom<br>

stack unwind mechanism or swapcontext<br>

      (longjmp and C++ exceptions *are* supported)<br>

Shadow byte and word:<br>

  0x1ffff5c9549b: f2<br>

  0x1ffff5c95498: f2 f2 f2 f2 04 f4 f4 f4<br>

More shadow bytes:<br>

  0x1ffff5c95478: f2 f2 f2 f2 04 f4 f4 f4<br>

  0x1ffff5c95480: f2 f2 f2 f2 00 f4 f4 f4<br>

  0x1ffff5c95488: f2 f2 f2 f2 04 f4 f4 f4<br>

  0x1ffff5c95490: f2 f2 f2 f2 00 00 f4 f4<br>

=>0x1ffff5c95498: f2 f2 f2 f2 04 f4 f4 f4<br>

  0x1ffff5c954a0: f2 f2 f2 f2 00 00 00 00<br>

  0x1ffff5c954a8: 00 00 00 00 f3 f3 f3 f3<br>

  0x1ffff5c954b0: 00 00 00 00 00 00 00 00<br>

  0x1ffff5c954b8: 00 00 00 00 00 00 00 00<br>

Stats: 0M malloced (0M for red zones) by 0 calls<br>

Stats: 0M realloced by 0 calls<br>

Stats: 0M freed by 0 calls<br>

Stats: 0M really freed by 0 calls<br>

Stats: 0M (0 full pages) mmaped in 0 calls<br>

  mmaps   by size class:<br>

  mallocs by size class:<br>

  frees   by size class:<br>

  rfrees  by size class:<br>

Stats: malloc large: 0 small slow: 0<br>

==22653== ABORTING<br>

<div class="HOEnZb"><div class="h5"><br>

On Wed, Dec 12, 2012 at 4:54 AM, Kostya Serebryany <<a href="mailto:kcc@google.com">kcc@google.com</a>> wrote:<br>

> Author: kcc<br>

> Date: Wed Dec 12 03:54:35 2012<br>

> New Revision: 169966<br>

><br>

> URL: <a href="http://llvm.org/viewvc/llvm-project?rev=169966&view=rev" target="_blank">http://llvm.org/viewvc/llvm-project?rev=169966&view=rev</a><br>

> Log:<br>

> [asan] add sanitizer_common/sanitizer_common_interceptors.h with pread/pread64/read interceptors. Use it in asan. Add asan tests for pread/etc. Add FIXME to tsan/msan interceptors<br>

><br>

> Added:<br>

>     compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.h<br>

> Modified:<br>

>     compiler-rt/trunk/lib/asan/asan_interceptors.cc<br>

>     compiler-rt/trunk/lib/asan/tests/asan_test.cc<br>

>     compiler-rt/trunk/lib/msan/msan_interceptors.cc<br>

>     compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc<br>

><br>

> Modified: compiler-rt/trunk/lib/asan/asan_interceptors.cc<br>

> URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_interceptors.cc?rev=169966&r1=169965&r2=169966&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_interceptors.cc?rev=169966&r1=169965&r2=169966&view=diff</a><br>


> ==============================================================================<br>

> --- compiler-rt/trunk/lib/asan/asan_interceptors.cc (original)<br>

> +++ compiler-rt/trunk/lib/asan/asan_interceptors.cc Wed Dec 12 03:54:35 2012<br>

> @@ -46,9 +46,9 @@<br>

>  // checking the first and the last byte of a range.<br>

>  #define ACCESS_MEMORY_RANGE(offset, size, isWrite) do { \<br>

>    if (size > 0) { \<br>

> -    uptr ptr = (uptr)(offset); \<br>

> -    ACCESS_ADDRESS(ptr, isWrite); \<br>

> -    ACCESS_ADDRESS(ptr + (size) - 1, isWrite); \<br>

> +    uptr _ptr = (uptr)(offset); \<br>

> +    ACCESS_ADDRESS(_ptr, isWrite); \<br>

> +    ACCESS_ADDRESS(_ptr + (size) - 1, isWrite); \<br>

>    } \<br>

>  } while (0)<br>

><br>

> @@ -98,6 +98,11 @@<br>

>  // ---------------------- Wrappers ---------------- {{{1<br>

>  using namespace __asan;  // NOLINT<br>

><br>

> +#define COMMON_INTERCEPTOR_WRITE_RANGE(ptr, size) ASAN_WRITE_RANGE(ptr, size)<br>

> +#define COMMON_INTERCEPTOR_READ_RANGE(ptr, size) ASAN_READ_RANGE(ptr, size)<br>

> +#define COMMON_INTERCEPTOR_ENTER(func, ...) ENSURE_ASAN_INITED()<br>

> +#include "sanitizer_common/sanitizer_common_interceptors.h"<br>

> +<br>

>  static thread_return_t THREAD_CALLING_CONV asan_thread_start(void *arg) {<br>

>    AsanThread *t = (AsanThread*)arg;<br>

>    asanThreadRegistry().SetCurrent(t);<br>

> @@ -667,6 +672,9 @@<br>

>  #if MAC_INTERPOSE_FUNCTIONS<br>

>    return;<br>

>  #endif<br>

> +<br>

> +  SANITIZER_COMMON_INTERCEPTORS_INIT;<br>

> +<br>

>    // Intercept mem* functions.<br>

>    ASAN_INTERCEPT_FUNC(memcmp);<br>

>    ASAN_INTERCEPT_FUNC(memmove);<br>

><br>

> Modified: compiler-rt/trunk/lib/asan/tests/asan_test.cc<br>

> URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/tests/asan_test.cc?rev=169966&r1=169965&r2=169966&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/tests/asan_test.cc?rev=169966&r1=169965&r2=169966&view=diff</a><br>


> ==============================================================================<br>

> --- compiler-rt/trunk/lib/asan/tests/asan_test.cc (original)<br>

> +++ compiler-rt/trunk/lib/asan/tests/asan_test.cc Wed Dec 12 03:54:35 2012<br>

> @@ -22,6 +22,9 @@<br>

><br>

>  #ifdef __linux__<br>

>  # include <sys/prctl.h><br>

> +# include <sys/types.h><br>

> +# include <sys/stat.h><br>

> +# include <fcntl.h><br>

>  #endif<br>

><br>

>  #if defined(__i386__) || defined(__x86_64__)<br>

> @@ -1563,6 +1566,45 @@<br>

>    CallMemTransferByPointer(&memmove);<br>

>  }<br>

><br>

> +#ifdef __linux__<br>

> +TEST(AddressSanitizer, pread) {<br>

> +  char *x = new char [10];<br>

> +  int fd = open("/proc/self/stat", O_RDONLY);<br>

> +  ASSERT_GT(fd, 0);<br>

> +  EXPECT_DEATH(pread(fd, x, 15, 0),<br>

> +               ASAN_PCRE_DOTALL<br>

> +               "AddressSanitizer: heap-buffer-overflow"<br>

> +               ".* is located 4 bytes to the right of 10-byte region");<br>

> +  close(fd);<br>

> +  delete x;<br>

> +}<br>

> +<br>

> +TEST(AddressSanitizer, pread64) {<br>

> +  char *x = new char [10];<br>

> +  int fd = open("/proc/self/stat", O_RDONLY);<br>

> +  ASSERT_GT(fd, 0);<br>

> +  EXPECT_DEATH(pread64(fd, x, 15, 0),<br>

> +               ASAN_PCRE_DOTALL<br>

> +               "AddressSanitizer: heap-buffer-overflow"<br>

> +               ".* is located 4 bytes to the right of 10-byte region");<br>

> +  close(fd);<br>

> +  delete x;<br>

> +}<br>

> +<br>

> +TEST(AddressSanitizer, read) {<br>

> +  char *x = new char [10];<br>

> +  int fd = open("/proc/self/stat", O_RDONLY);<br>

> +  ASSERT_GT(fd, 0);<br>

> +  EXPECT_DEATH(read(fd, x, 15),<br>

> +               ASAN_PCRE_DOTALL<br>

> +               "AddressSanitizer: heap-buffer-overflow"<br>

> +               ".* is located 4 bytes to the right of 10-byte region");<br>

> +  close(fd);<br>

> +  delete x;<br>

> +}<br>

> +<br>

> +#endif  // __linux__<br>

> +<br>

>  // This test case fails<br>

>  // Clang optimizes memcpy/memset calls which lead to unaligned access<br>

>  TEST(AddressSanitizer, DISABLED_MemIntrinsicUnalignedAccessTest) {<br>

><br>

> Modified: compiler-rt/trunk/lib/msan/msan_interceptors.cc<br>

> URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/msan/msan_interceptors.cc?rev=169966&r1=169965&r2=169966&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/msan/msan_interceptors.cc?rev=169966&r1=169965&r2=169966&view=diff</a><br>


> ==============================================================================<br>

> --- compiler-rt/trunk/lib/msan/msan_interceptors.cc (original)<br>

> +++ compiler-rt/trunk/lib/msan/msan_interceptors.cc Wed Dec 12 03:54:35 2012<br>

> @@ -10,6 +10,9 @@<br>

>  // This file is a part of MemorySanitizer.<br>

>  //<br>

>  // Interceptors for standard library functions.<br>

> +//<br>

> +// FIXME: move as many interceptors as possible into<br>

> +// sanitizer_common/sanitizer_common_interceptors.h<br>

>  //===----------------------------------------------------------------------===//<br>

><br>

>  #include "interception/interception.h"<br>

><br>

> Added: compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.h<br>

> URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.h?rev=169966&view=auto" target="_blank">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.h?rev=169966&view=auto</a><br>


> ==============================================================================<br>

> --- compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.h (added)<br>

> +++ compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.h Wed Dec 12 03:54:35 2012<br>

> @@ -0,0 +1,58 @@<br>

> +//===-- sanitizer_common_interceptors.h -------------------------*- C++ -*-===//<br>

> +//<br>

> +//                     The LLVM Compiler Infrastructure<br>

> +//<br>

> +// This file is distributed under the University of Illinois Open Source<br>

> +// License. See LICENSE.TXT for details.<br>

> +//<br>

> +//===----------------------------------------------------------------------===//<br>

> +//<br>

> +// Common function interceptors for tools like AddressSanitizer,<br>

> +// ThreadSanitizer, MemorySanitizer, etc.<br>

> +//<br>

> +// This file should be included into the tool's interceptor file,<br>

> +// which has to define it's own macros:<br>

> +//   COMMON_INTERCEPTOR_ENTER<br>

> +//   COMMON_INTERCEPTOR_READ_RANGE<br>

> +//   COMMON_INTERCEPTOR_WRITE_RANGE<br>

> +//<br>

> +//===----------------------------------------------------------------------===//<br>

> +#ifndef SANITIZER_COMMON_INTERCEPTORS_H<br>

> +#define SANITIZER_COMMON_INTERCEPTORS_H<br>

> +<br>

> +typedef uptr size_t;<br>

> +typedef sptr ssize_t;<br>

> +typedef u64  off_t;<br>

> +typedef u64  off64_t;<br>

> +<br>

> +INTERCEPTOR(ssize_t, read, int fd, void *ptr, size_t count) {<br>

> +  COMMON_INTERCEPTOR_ENTER(read, fd, ptr, count);<br>

> +  ssize_t res = REAL(read)(fd, ptr, count);<br>

> +  if (res > 0)<br>

> +    COMMON_INTERCEPTOR_WRITE_RANGE(ptr, res);<br>

> +  return res;<br>

> +}<br>

> +<br>

> +INTERCEPTOR(ssize_t, pread, int fd, void *ptr, size_t count, off_t offset) {<br>

> +  COMMON_INTERCEPTOR_ENTER(pread, fd, ptr, count, offset);<br>

> +  ssize_t res = REAL(pread)(fd, ptr, count, offset);<br>

> +  if (res > 0)<br>

> +    COMMON_INTERCEPTOR_WRITE_RANGE(ptr, res);<br>

> +  return res;<br>

> +}<br>

> +<br>

> +INTERCEPTOR(ssize_t, pread64, int fd, void *ptr, size_t count, off64_t offset) {<br>

> +  COMMON_INTERCEPTOR_ENTER(pread64, fd, ptr, count, offset);<br>

> +  ssize_t res = REAL(pread64)(fd, ptr, count, offset);<br>

> +  if (res > 0)<br>

> +    COMMON_INTERCEPTOR_WRITE_RANGE(ptr, res);<br>

> +  return res;<br>

> +}<br>

> +<br>

> +#define SANITIZER_COMMON_INTERCEPTORS_INIT \<br>

> +  CHECK(INTERCEPT_FUNCTION(read));         \<br>

> +  CHECK(INTERCEPT_FUNCTION(pread));        \<br>

> +  CHECK(INTERCEPT_FUNCTION(pread64))       \<br>

> +  ;<br>

> +<br>

> +#endif  // SANITIZER_COMMON_INTERCEPTORS_H<br>

><br>

> Modified: compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc<br>

> URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc?rev=169966&r1=169965&r2=169966&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc?rev=169966&r1=169965&r2=169966&view=diff</a><br>


> ==============================================================================<br>

> --- compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc (original)<br>

> +++ compiler-rt/trunk/lib/tsan/rtl/tsan_interceptors.cc Wed Dec 12 03:54:35 2012<br>

> @@ -9,6 +9,8 @@<br>

>  //<br>

>  // This file is a part of ThreadSanitizer (TSan), a race detector.<br>

>  //<br>

> +// FIXME: move as many interceptors as possible into<br>

> +// sanitizer_common/sanitizer_common_interceptors.h<br>

>  //===----------------------------------------------------------------------===//<br>

><br>

>  #include "sanitizer_common/sanitizer_atomic.h"<br>

><br>

><br>

> _______________________________________________<br>

> llvm-commits mailing list<br>

> <a href="mailto:llvm-commits@cs.uiuc.edu">llvm-commits@cs.uiuc.edu</a><br>

> <a href="http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits</a><br>

</div></div></blockquote></div><br></div>