[PATCH] D20693: [clang-tidy] New checker to replace dynamic exception specifications

don hinton via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed Jun 7 16:18:10 PDT 2017


hintonda added a comment.

Just ran asan on linux and we have a heap-use-after-free in the std::string ctor.

Here's a partial stack dump:

4980==ERROR: AddressSanitizer: heap-use-after-free on address 0x604000024328 at pc 0x00000057ad32 bp 0x7ffd240a7f50 sp 0x7ffd240a7700
-------------------------------------------------------------------------------------------------------------------------------------

READ of size 8 at 0x604000024328 thread T0

  #0 0x57ad31 in __interceptor_memcpy.part.36 /home/d80049854/projects/clang/4.0.0/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:655
  #1 0x6c5960 in char* std::string::_S_construct<char const*>(char const*, char const*, std::allocator<char> const&, std::forward_iterator_tag) /usr/lib/gcc/x86_64-linux-gnu/6.2.0/../../../../include/c+

+/6.2.0/bits/basic_string.tcc:580:6

  #2 0x7fe7bd7bc98a in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, unsigned long, std::allocator<char> const&) (/usr/lib/x86_64-linux-gnu/libstdc++.

so.6+0xc598a)

  #3 0x67b89f in llvm::StringRef::str() const /home/d80049854/projects/clang/llvm/include/llvm/ADT/StringRef.h:230:14
  #4 0x67b3dd in llvm::StringRef::operator std::string() const /home/d80049854/projects/clang/llvm/include/llvm/ADT/StringRef.h:257:14
  #5 0xd679d2 in clang::FixItHint::CreateReplacement(clang::CharSourceRange, llvm::StringRef) /home/d80049854/projects/clang/llvm/tools/clang/include/clang/Basic/Diagnostic.h:131:25
  #6 0x1213006 in clang::tidy::modernize::UseNoexceptCheck::check(clang::ast_matchers::MatchFinder::MatchResult const&) /home/d80049854/projects/clang/llvm/tools/clang/tools/extra/clang-tidy/modernize/U

$ ../../4.0.0/build/Release/bin/clang -v
clang version 4.0.0 (tags/RELEASE_400/final)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /home/d80049854/projects/clang/build/Debug/../../4.0.0/build/Release/bin
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.6
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.6.4
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.8
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.8.4
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.9
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.9.3
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/5
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/5.4.1
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6.2.0
Selected GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6.2.0
Candidate multilib: .;@m64
Selected multilib: .;@m64

stdlibc++ from gcc 6.2:

$ g++-6 -v
Using built-in specs.
COLLECT_GCC=g++-6
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/6/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 6.2.0-3ubuntu11~14.04' --with-bugurl=file:///usr/share/doc/gcc-6/README.Bugs --enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-6 --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=gcc4-compatible --disable-libstdcxx-dual-abi --enable-gnu-unique-object --disable-vtable-verify --enable-libmpx --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-6-amd64/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-6-amd64 --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-6-amd64 --with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 6.2.0 20160901 (Ubuntu 6.2.0-3ubuntu11~14.04)

$ ldd bin/clang-tidy

  linux-vdso.so.1 =>  (0x00007ffde1996000)
  libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f6104f2a000)
  librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f6104d22000)
  libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f6104b1e000)
  libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007f61048f5000)
  libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f61045ef000)
  libstdc++.so.6 => /usr/lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f61042dd000)
  libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f61040c6000)
  libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f6103d01000)
  /lib64/ld-linux-x86-64.so.2 (0x00007f6105148000)


https://reviews.llvm.org/D20693





More information about the cfe-commits mailing list