[PATCH] D63785: Add support for MUSL libc

Boris Faure via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Tue Jun 25 12:57:34 PDT 2019 

billiob added a comment.

With the following example:

  #include <stdlib.h>
  int main() {
    char *x = (char*)malloc(10 * sizeof(char*));
    free(x);
    return x[5];
  }

I get:

  =================================================================
  ==22531==ERROR: AddressSanitizer: heap-use-after-free on address 0x607000000025 at pc 0x5652fccda39b bp 0x7ffe5e5c5ca0 sp 0x7ffe5e5c5c98
  READ of size 1 at 0x607000000025 thread T0
      #0 0x5652fccda39a in main /home/billiob/dev/foo/foo.c:5:10
      #1 0x7ff78eebf228  (/lib/ld-musl-x86_64.so.1+0x1c228)
  
  0x607000000025 is located 5 bytes inside of 80-byte region [0x607000000020,0x607000000070)
  freed by thread T0 here:
      #0 0x5652fcc9b9e0 in __interceptor_free /home/billiob/dev/compiler-rt/lib/asan/asan_malloc_linux.cc:123:3
      #1 0x5652fccda36a in main /home/billiob/dev/foo/foo.c:4:3
      #2 0x7ff78eebf228  (/lib/ld-musl-x86_64.so.1+0x1c228)
  
  previously allocated by thread T0 here:
      #0 0x5652fcc9bce8 in __interceptor_malloc /home/billiob/dev/compiler-rt/lib/asan/asan_malloc_linux.cc:145:3
      #1 0x5652fccda35f in main /home/billiob/dev/foo/foo.c:3:20
      #2 0x7ff78eebf228  (/lib/ld-musl-x86_64.so.1+0x1c228)
  
  SUMMARY: AddressSanitizer: heap-use-after-free /home/billiob/dev/foo/foo.c:5:10 in main
  Shadow bytes around the buggy address:
    0x0c0e7fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x0c0e7fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x0c0e7fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x0c0e7fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0x0c0e7fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  =>0x0c0e7fff8000: fa fa fa fa[fd]fd fd fd fd fd fd fd fd fd fa fa
    0x0c0e7fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    0x0c0e7fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    0x0c0e7fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    0x0c0e7fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    0x0c0e7fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  Shadow byte legend (one shadow byte represents 8 application bytes):
    Addressable:           00
    Partially addressable: 01 02 03 04 05 06 07
    Heap left redzone:       fa
    Freed heap region:       fd
    Stack left redzone:      f1
    Stack mid redzone:       f2
    Stack right redzone:     f3
    Stack after return:      f5
    Stack use after scope:   f8
    Global redzone:          f9
    Global init order:       f6
    Poisoned by user:        f7
    Container overflow:      fc
    Array cookie:            ac
    Intra object redzone:    bb
    ASan internal:           fe
    Left alloca redzone:     ca
    Right alloca redzone:    cb
    Shadow gap:              cc
  ==22531==ABORTING


Repository:
  rCRT Compiler Runtime

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D63785/new/

https://reviews.llvm.org/D63785

More information about the llvm-commits mailing list