[compiler-rt] 6794593 - [hwasan] State correct PC in first error message.

Florian Mayer via llvm-commits llvm-commits at lists.llvm.org
Tue Aug 10 01:29:45 PDT 2021


Author: Florian Mayer
Date: 2021-08-10T09:29:29+01:00
New Revision: 6794593fdbf5209bf6f376ce975820bcf5526e83

URL: https://github.com/llvm/llvm-project/commit/6794593fdbf5209bf6f376ce975820bcf5526e83
DIFF: https://github.com/llvm/llvm-project/commit/6794593fdbf5209bf6f376ce975820bcf5526e83.diff

LOG: [hwasan] State correct PC in first error message.

We would put the return address there, rather than the fault address.

Reviewed By: eugenis

Differential Revision: https://reviews.llvm.org/D107578

Added: 
    

Modified: 
    compiler-rt/lib/hwasan/hwasan_report.cpp
    compiler-rt/test/hwasan/TestCases/double-free.c
    compiler-rt/test/hwasan/TestCases/use-after-free.c

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/hwasan/hwasan_report.cpp b/compiler-rt/lib/hwasan/hwasan_report.cpp
index 625ce051d856b..e2be7596c8c22 100644
--- a/compiler-rt/lib/hwasan/hwasan_report.cpp
+++ b/compiler-rt/lib/hwasan/hwasan_report.cpp
@@ -549,6 +549,11 @@ static void PrintTagsAroundAddr(tag_t *tag_ptr) {
       "description of short granule tags\n");
 }
 
+uptr GetTopPc(StackTrace *stack) {
+  return stack->size ? StackTrace::GetPreviousInstructionPc(stack->trace[0])
+                     : 0;
+}
+
 void ReportInvalidFree(StackTrace *stack, uptr tagged_addr) {
   ScopedReport R(flags()->halt_on_error);
 
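Review bot: `GetTopPc` is defined without `static`, while the neighbouring helper `PrintTagsAroundAddr` in the hunk header is `static`, so as far as the hunk shows the new helper gets external linkage even though both visible callers are in this file. `static uptr GetTopPc(const StackTrace *stack) {` would keep it file-local and record that it only reads the trace. A short comment would also help, for example `// trace[0] is a return address; step back one instruction so the reported pc matches frame #0 of the printed stack.`, because the reason for the adjustment is currently only in the commit message. Tools that bucket or triage reports by the pc in the first ERROR line depend on this value, so the contract is worth stating at the definition.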
@@ -558,7 +563,7 @@ void ReportInvalidFree(StackTrace *stack, uptr tagged_addr) {
   tag_t mem_tag = *tag_ptr;
   Decorator d;
   Printf("%s", d.Error());
-  uptr pc = stack->size ? stack->trace[0] : 0;
+  uptr pc = GetTopPc(stack);
   const char *bug_type = "invalid-free";
   const Thread *thread = GetCurrentThread();
   if (thread) {
@@ -657,7 +662,7 @@ void ReportTagMismatch(StackTrace *stack, uptr tagged_addr, uptr access_size,
   uptr untagged_addr = UntagAddr(tagged_addr);
   // TODO: when possible, try to print heap-use-after-free, etc.
   const char *bug_type = "tag-mismatch";
-  uptr pc = stack->size ? stack->trace[0] : 0;
+  uptr pc = GetTopPc(stack);
   Report("ERROR: %s: %s on address %p at pc %p\n", SanitizerToolName, bug_type,
          untagged_addr, pc);
 

diff  --git a/compiler-rt/test/hwasan/TestCases/double-free.c b/compiler-rt/test/hwasan/TestCases/double-free.c
index 9917fc71258b6..561d4bc417209 100644
--- a/compiler-rt/test/hwasan/TestCases/double-free.c
+++ b/compiler-rt/test/hwasan/TestCases/double-free.c
@@ -11,12 +11,13 @@ int main() {
   char * volatile x = (char*)malloc(40);
   free(x);
   free(x);
-// CHECK: ERROR: HWAddressSanitizer: invalid-free on address {{.*}} at pc {{.*}} on thread T{{[0-9]+}}
-// CHECK: tags: [[PTR_TAG:..]]/[[MEM_TAG:..]] (ptr/mem)
-// CHECK: freed by thread {{.*}} here:
-// CHECK: previously allocated here:
-// CHECK: Memory tags around the buggy address (one tag corresponds to 16 bytes):
-// CHECK: =>{{.*}}[[MEM_TAG]]
+  // CHECK: ERROR: HWAddressSanitizer: invalid-free on address {{.*}} at pc {{[0x]+}}[[PC:.*]] on thread T{{[0-9]+}}
+  // CHECK: tags: [[PTR_TAG:..]]/[[MEM_TAG:..]] (ptr/mem)
+  // CHECK: #0 {{[0x]+}}{{.*}}[[PC]] in free
+  // CHECK: freed by thread {{.*}} here:
+  // CHECK: previously allocated here:
+  // CHECK: Memory tags around the buggy address (one tag corresponds to 16 bytes):
+  // CHECK: =>{{.*}}[[MEM_TAG]]
   fprintf(stderr, "DONE\n");
   __hwasan_disable_allocator_tagging();
 // CHECK-NOT: DONE
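Review bot: The capture `[[PC:.*]]` on the `invalid-free` line accepts any text, and the frame check `#0 {{[0x]+}}{{.*}}[[PC]] in free` puts a `{{.*}}` in front of the reference, so the test only requires that the frame address end with whatever was captured. Capturing hex digits only, `at pc {{[0x]+}}[[PC:[0-9a-f]+]] on thread T{{[0-9]+}}`, would make a malformed or empty pc fail the test instead of matching; this assumes the runtime prints lowercase hex, as the tag patterns in use-after-free.c suggest. The same `[[PC:.*]]` capture appears in the first use-after-free.c hunk. The body of main continues outside the hunk.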

diff  --git a/compiler-rt/test/hwasan/TestCases/use-after-free.c b/compiler-rt/test/hwasan/TestCases/use-after-free.c
index 608f588944536..9b750aaaad85c 100644
--- a/compiler-rt/test/hwasan/TestCases/use-after-free.c
+++ b/compiler-rt/test/hwasan/TestCases/use-after-free.c
@@ -20,8 +20,9 @@ int main() {
   // CHECK: Going to do a [[TYPE:[A-Z]*]]
   int r = 0;
   if (ISREAD) r = x[5]; else x[5] = 42;  // should be on the same line.
+  // CHECK: ERROR: HWAddressSanitizer: tag-mismatch on address {{.*}} at pc {{[0x]+}}[[PC:.*]]
   // CHECK: [[TYPE]] of size 1 at {{.*}} tags: [[PTR_TAG:[0-9a-f][0-9a-f]]]/[[MEM_TAG:[0-9a-f][0-9a-f]]] (ptr/mem)
-  // CHECK: #{{[0-9]}} {{.*}} in main {{.*}}use-after-free.c:[[@LINE-2]]
+  // CHECK: #{{[0-9]}} {{[0-9]+}}{{.*}}[[PC]] in main {{.*}}use-after-free.c:[[@LINE-3]]
   // Offset is 5 or 11 depending on left/right alignment.
   // CHECK: is a small unallocated heap chunk; size: 32 offset: {{5|11}}
   // CHECK: Cause: use-after-free
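Review bot: The new frame check uses `{{[0-9]+}}` for the address prefix where double-free.c uses `{{[0x]+}}`; it still matches only because the following `{{.*}}` absorbs the `x` and the remaining digits, so this looks like a typo. In addition, `#{{[0-9]}}` lets any single-digit frame in main satisfy the check, while the pc in the ERROR line comes from the top frame. If frame 0 is expected to be in main on every target (not visible from the hunk), `// CHECK: #0 {{[0x]+}}{{.*}}[[PC]] in main {{.*}}use-after-free.c:[[@LINE-3]]` states that directly. The body of main continues outside the hunk.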
@@ -29,11 +30,11 @@ int main() {
   //
   // CHECK: freed by thread {{.*}} here:
   // CHECK: #0 {{.*}} in {{.*}}free{{.*}} {{.*}}hwasan_allocation_functions.cpp
-  // CHECK: #1 {{.*}} in main {{.*}}use-after-free.c:[[@LINE-15]]
+  // CHECK: #1 {{.*}} in main {{.*}}use-after-free.c:[[@LINE-16]]
 
   // CHECK: previously allocated here:
   // CHECK: #0 {{.*}} in {{.*}}malloc{{.*}} {{.*}}hwasan_allocation_functions.cpp
-  // CHECK: #1 {{.*}} in main {{.*}}use-after-free.c:[[@LINE-20]]
+  // CHECK: #1 {{.*}} in main {{.*}}use-after-free.c:[[@LINE-21]]
   // CHECK: Memory tags around the buggy address (one tag corresponds to 16 bytes):
   // CHECK: =>{{.*}}[[MEM_TAG]]
   // CHECK: SUMMARY: HWAddressSanitizer: tag-mismatch


        

