[PATCH] Fix strstr, strcasestr tests failures

Maria Guseva m.guseva at samsung.com
Mon Jun 1 04:35:47 PDT 2015 

Hi samsonov, glider, kcc, dvyukov,

Some tests for string interceptors are failing now on Darwin: http://lab.llvm.org:8080/green/job/clang-stage1-cmake-RA_check/4263/testReport/
Here is an example of output:
/buildslave/jenkins/sharedspace/clang-stage1-cmake-RA_workspace at 2/llvm/projects/compiler-rt/test/asan/TestCases/strstr-2.c
ASAN_OPTIONS=intercept_strstr=false  /Users/buildslave/jenkins/sharedspace/clang-stage1-cmake-RA_workspace at 2/clang-build/projects/compiler-rt/test/asan/X86_64DarwinConfig/TestCases/Output/strstr-2.c.tmp 2>&1
--
Exit Code: 1

Command Output (stdout):
--
=================================================================
==39213==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff5a1fc931 at pc 0x000105a488e1 bp 0x7fff5a1fc870 sp 0x7fff5a1fc028
READ of size 1 at 0x7fff5a1fc931 thread T0
    #0 0x105a488e0 in wrap_strlen (/Users/buildslave/jenkins/sharedspace/clang-stage1-cmake-RA_workspace at 2/clang-build/./lib/clang/3.7.0/lib/darwin/libclang_rt.asan_osx_dynamic.dylib+0x408e0)
    #1 0x7fff904fb6da in strstr (/usr/lib/system/libsystem_c.dylib+0x5b6da)
    #2 0x105a153a8 in wrap_strstr (/Users/buildslave/jenkins/sharedspace/clang-stage1-cmake-RA_workspace at 2/clang-build/./lib/clang/3.7.0/lib/darwin/libclang_rt.asan_osx_dynamic.dylib+0xd3a8)
    #3 0x7fff95df95c8 in start (/usr/lib/system/libdyld.dylib+0x35c8)
    #4 0x0  (<unknown module>)

Address 0x7fff5a1fc931 is located in stack of thread T0 at offset 49 in frame
    #0 0x105a0394f in main /Users/buildslave/jenkins/sharedspace/clang-stage1-cmake-RA_workspace at 2/llvm/projects/compiler-rt/test/asan/TestCases/strstr-2.c:10

  This frame has 2 object(s):
    [32, 35) 's1'
    [48, 49) 's2' <== Memory access at offset 49 overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow (/Users/buildslave/jenkins/sharedspace/clang-stage1-cmake-RA_workspace at 2/clang-build/./lib/clang/3.7.0/lib/darwin/libclang_rt.asan_osx_dynamic.dylib+0x408e0) in wrap_strlen

It looks like the strlen is called inside real strstr function and intercepted then. In order to prevent this I suppose to add "replace_str=false" asan runtime flag in tests.

http://reviews.llvm.org/D10159

Files:
  test/asan/TestCases/strcasestr-1.c
  test/asan/TestCases/strcasestr-2.c
  test/asan/TestCases/strstr-1.c
  test/asan/TestCases/strstr-2.c

Index: test/asan/TestCases/strcasestr-1.c
===================================================================
--- test/asan/TestCases/strcasestr-1.c
+++ test/asan/TestCases/strcasestr-1.c
@@ -2,7 +2,8 @@
 // RUN: %clang_asan %s -o %t && ASAN_OPTIONS=strict_string_checks=true not %run %t 2>&1 | FileCheck %s
 
 // Test intercept_strstr asan option
-// RUN: ASAN_OPTIONS=intercept_strstr=false %run %t 2>&1
+// Disable other interceptors because strlen may be called inside strcasestr
+// RUN: ASAN_OPTIONS=intercept_strstr=false:replace_str=false %run %t 2>&1
 
 // There's no interceptor for strcasestr on Windows
 // XFAIL: win32
Index: test/asan/TestCases/strcasestr-2.c
===================================================================
--- test/asan/TestCases/strcasestr-2.c
+++ test/asan/TestCases/strcasestr-2.c
@@ -2,7 +2,8 @@
 // RUN: %clang_asan %s -o %t && ASAN_OPTIONS=strict_string_checks=true not %run %t 2>&1 | FileCheck %s
 
 // Test intercept_strstr asan option
-// RUN: ASAN_OPTIONS=intercept_strstr=false %run %t 2>&1
+// Disable other interceptors because strlen may be called inside strcasestr
+// RUN: ASAN_OPTIONS=intercept_strstr=false:replace_str=false %run %t 2>&1
 
 // There's no interceptor for strcasestr on Windows
 // XFAIL: win32
Index: test/asan/TestCases/strstr-1.c
===================================================================
--- test/asan/TestCases/strstr-1.c
+++ test/asan/TestCases/strstr-1.c
@@ -2,7 +2,8 @@
 // RUN: %clang_asan %s -o %t && ASAN_OPTIONS=strict_string_checks=true not %run %t 2>&1 | FileCheck %s
 
 // Test intercept_strstr asan option
-// RUN: ASAN_OPTIONS=intercept_strstr=false %run %t 2>&1
+// Disable other interceptors because strlen may be called inside strstr
+// RUN: ASAN_OPTIONS=intercept_strstr=false:replace_str=false %run %t 2>&1
 
 #include <assert.h>
 #include <string.h>
Index: test/asan/TestCases/strstr-2.c
===================================================================
--- test/asan/TestCases/strstr-2.c
+++ test/asan/TestCases/strstr-2.c
@@ -2,7 +2,8 @@
 // RUN: %clang_asan %s -o %t && ASAN_OPTIONS=strict_string_checks=true not %run %t 2>&1 | FileCheck %s
 
 // Test intercept_strstr asan option
-// RUN: ASAN_OPTIONS=intercept_strstr=false %run %t 2>&1
+// Disable other interceptors because strlen may be called inside strstr
+// RUN: ASAN_OPTIONS=intercept_strstr=false:replace_str=false %run %t 2>&1
 
 #include <assert.h>
 #include <string.h>

EMAIL PREFERENCES
  http://reviews.llvm.org/settings/panel/emailpreferences/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D10159.26892.patch
Type: text/x-patch
Size: 2440 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20150601/3bfdd2ce/attachment.bin>

More information about the llvm-commits mailing list