>> As you can see, the error originated from a memmove of 6 bytes

Do we? The report says:

READ of size 187

If you suspect a compiler/asan bug, please try to come up with a minimal
reproducer and file a bug here: https://github.com/google/sanitizers

On Tue, Oct 30, 2018 at 7:44 AM <[email protected]> wrote:
> Hi all,
>
> Please redirect me if this is not the right venue to report this kind of
> issue:
>
> In a recent Chromium Commit [1] I hit an ASAN error with the following
> line:
>
>     json_string_->append(node.GetBool() ? "true" : "false");
>
> [1] https://crrev.com/c/1304477
>
> The error I was getting was as follows:
>
> ==1492==ERROR: AddressSanitizer: global-buffer-overflow on address
> 0x7ff6458a2625 at pc 0x7ff63adb4c2e bp 0x00dbdc74a070 sp 0x00dbdc74a0b8
> READ of size 187 at 0x7ff6458a2625 thread T0
> ...
>     #0 0x7ff63adb4c57 in __asan_memmove
> C:\b\rr\tmpagbdek\w\src\third_party\llvm\projects\compiler-rt\lib\asan\asan_interceptors_memintrinsics.cc:31
>     #1 0x7ff63ae475b5 in base::JSONWriter::BuildJSONString
> C:\b\swarming\w\ir\cache\builder\src\base\json\json_writer.cc:65
> ...
> 0x7ff6458a2625 is located 59 bytes to the left of global variable '<string
> literal>' defined in '../../components/apdu/apdu_unittest.cc:19:3'
> (0x7ff6458a2660) of size 6
>   '<string literal>' is ascii string 'false'
> 0x7ff6458a2625 is located 0 bytes to the right of global variable '<string
> literal>' defined in '../../components/apdu/apdu_unittest.cc:19:3'
> (0x7ff6458a2620) of size 5
>   '<string literal>' is ascii string 'true'
>
> As you can see, the error originated from a memmove of 6 bytes, accessing
> the byte to the immediate right of the "true" literal.
> In order to fix this issue, I replaced the above-mentioned line with the
> following:
>
>     json_string_->append(node.GetBool() ? std::string("true")
>                                         : std::string("false"));
>
> This does work, since we don't perform a 6-byte memmove on the "true"
> literal anymore, as the string constructor knows the exact size of each
> literal.
>
> It seems odd to me that the first version causes an issue, as it should be
> a well-formed C++ expression. Thus I suspect this is a compiler bug,
> causing ASAN errors by performed optimizations.
> What would be the best way to fix this issue?
>
> Best regards,
> Jan
>
> --
> You received this message because you are subscribed to the Google Groups
> "address-sanitizer" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit https://groups.google.com/d/optout.
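A stand-alone reproducer of the kind the reply asks for, added here as an example; it is not code from the thread or from Chromium. The Chromium pieces are replaced by assumptions: the json_string_ member becomes a std::string parameter, node.GetBool() becomes a plain bool, and the function names are this example's own. It shows why the first form is well-formed C++: "true" is const char[5] and "false" is const char[6], the conditional operator decays both to const char*, and std::string::append(const char*) copies exactly strlen(s) bytes (4 or 5 here), which is the number to compare against the "READ of size" in a report. Building it with -fsanitize=address gives a minimal test case; if it runs clean, the difference lies in the Chromium-specific context (the Value node, build flags, Windows toolchain) rather than in the expression itself.

```cpp
// Added example, not Chromium code. Build and run under ASan with, e.g.:
//   clang++ -std=c++14 -g -O2 -fsanitize=address repro.cpp && ./a.out
// A genuine out-of-bounds read on one of the literals would be reported.
#include <cstddef>
#include <cstring>
#include <string>
#include <type_traits>

// sizeof counts the terminating NUL; strlen does not.
static_assert(sizeof("true") == 5, "\"true\" is const char[5]");
static_assert(sizeof("false") == 6, "\"false\" is const char[6]");

// The two array types differ, so the conditional operator applies
// array-to-pointer conversion to both operands and yields const char*.
static_assert(std::is_same<decltype(true ? "true" : "false"), const char*>::value,
              "conditional operator on two string literals yields const char*");

// The original line from the report, with a std::string parameter standing in
// for the json_string_ member (assumption). append(const char* s) is specified
// as append(s, traits::length(s)), i.e. a strlen-sized copy.
std::string AppendBoolLiteral(std::string json, bool value) {
  json.append(value ? "true" : "false");
  return json;
}

// The workaround from the report: each literal is wrapped in a std::string
// whose size is fixed by its constructor before the conditional is evaluated.
std::string AppendBoolString(std::string json, bool value) {
  json.append(value ? std::string("true") : std::string("false"));
  return json;
}

// Bytes append(const char*) reads from the chosen literal, i.e. strlen of it.
// Compare this against the "READ of size N" line of an ASan report.
std::size_t LiteralReadSize(bool value) {
  const char* s = value ? "true" : "false";
  return std::strlen(s);
}

int main() {
  // Constructed sample input: a JSON object prefix awaiting a bool value.
  std::string a = AppendBoolLiteral("{\"ok\":", true);
  std::string b = AppendBoolString("{\"ok\":", true);
  return (a == b && a == "{\"ok\":true") ? 0 : 1;
}
```

Both functions must produce byte-identical output for either bool value; if only the first form trips ASan in a given build, that points at the toolchain or at surrounding code, not at the conditional expression.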
