• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
False(?) positive from new Address Sanitizer C++ STL container check
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

False(?) positive from new Address Sanitizer C++ STL container check

  • Subject: False(?) positive from new Address Sanitizer C++ STL container check
  • From: Jens Alfke <email@hidden>
  • Date: Thu, 25 May 2017 10:24:56 -0700
Has anyone tried using the newish “Enable C++ Container Overflow Checks For Static Analyzer” build setting? I’m not sure what version of Xcode it appeared in, but I just noticed it yesterday and am trying it out. I immediately ran into what looks like a false positive, where the sanitizer complains about a buffer overflow being committed by an “__RAII_IncreaseAnnotator” class that seems to be part of the implementation of this overflow checker:

=================================================================
==53680==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff5fb032d8 at pc 0x000101a7d8c8 bp 0x7fff5fb031c0 sp 0x7fff5fb031b8
WRITE of size 8 at 0x7fff5fb032d8 thread T0
    #0 0x101a7d8c7 in std::__1::vector<fleece::alloc_slice, std::__1::allocator<fleece::alloc_slice> >::__RAII_IncreaseAnnotator::__RAII_IncreaseAnnotator(std::__1::vector<fleece::alloc_slice, std::__1::allocator<fleece::alloc_slice> > const&, unsigned long) vector:867
    #1 0x101a7d794 in std::__1::vector<fleece::alloc_slice, std::__1::allocator<fleece::alloc_slice> >::__RAII_IncreaseAnnotator::__RAII_IncreaseAnnotator(std::__1::vector<fleece::alloc_slice, std::__1::allocator<fleece::alloc_slice> > const&, unsigned long) vector:867
    #2 0x101f4fe6a in fleece::SharedKeys::add(fleece::slice) vector:1642

. . .

The offending address seems to be within a variable ‘__annotator.i’ inserted by the compiler:

Address 0x7fff5fb032d8 is located in stack of thread T0 at offset 88 in frame
    #0 0x101f4fb3f in fleece::SharedKeys::add(fleece::slice) SharedKeys.cc:80

  This frame has 7 object(s):
    [32, 48) 'agg.tmp.i.i.i.i'
    [64, 65) 'ref.tmp.i.i'
    [80, 81) '__annotator.i'
    [96, 112) 'str' <== Memory access at offset 88 underflows this variable
    [128, 144) 'agg.tmp'
    [160, 168) 'info'
    [192, 208) 'agg.tmp8'


My own code is just calling vector::emplace_back.

(Yes, I’ll file a bug report.)

—Jens
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: False(?) positive from new Address Sanitizer C++ STL container check
      • From: Jens Alfke <email@hidden>
  • Prev by Date: Re: Find regex broken in Xcode 7.2.1?
  • Next by Date: Re: False(?) positive from new Address Sanitizer C++ STL container check
  • Previous by thread: Re: Find regex broken in Xcode 7.2.1?
  • Next by thread: Re: False(?) positive from new Address Sanitizer C++ STL container check
  • Index(es):
    • Date
    • Thread