https://reviews.llvm.org/D27012 will add more report types into ASan that will be reported via the debugging API. This patch in LLDB provides human-friendly bug descriptions.
Details
- Reviewers
dcoughlin filcab zaks.anna clayborg jingham jasonmolenda - Commits
- rG9ee60031464b: Support more report types in AddressSanitizerRuntime.cpp, re-word existing ones.
rLLDB288535: Support more report types in AddressSanitizerRuntime.cpp, re-word existing ones.
rL288535: Support more report types in AddressSanitizerRuntime.cpp, re-word existing ones.
Diff Detail
Event Timeline
Looks fine. One question though: do we always have a shared library that contains the ASAN runtime? If so, then we can actually put the array of short to long description into the ASAN dylib and then we read this array as a global variable. This would allow you to add as many descriptions as you want directly in your ASAN code and have LLDB detect all of the new strings. Or, if there is a function you can call with the short description that returns the long description, then we can still have the ASAN code contain all of the strings.
I have some minor fixes I'd like to see.
If it's prefixed by "Nit: " it's a really minor one and I'm ok with it as is if that's what you prefer.
Thank you,
Filipe
source/Plugins/InstrumentationRuntime/AddressSanitizer/AddressSanitizerRuntime.cpp | ||
---|---|---|
200 | Not necessarily recursion. There's also stack variables. I'd omit the stuff in parenthesis. | |
204 | Nit: "Wild jump" is probably better than "wild pointer jump", no? | |
206 | Nit: I'd probably use "Write through wild pointer ..." (same for the others) | |
214 | Nit: Phrasing seems off. I think "Double free detected" is easier to read and more explicit. | |
216 | Nit: Maybe "Deallocation size mismatch detected"? The user isn't deallocating a "size". | |
218 | s/address/memory region/? | |
222 | Maybe "Call to malloc_usable_size with not owned pointer detected"? | |
226 | I think this really needs additional detail. It doesn't seem very meaningful as a sentence. | |
230 | Maybe "Invalid parameters to call to __sanitizer_annotate_contiguous_container" is more explicit? | |
232 | "One Definition Rule violation" |
Thanks for these comments, I'll have them run by more people before committing this (I'm not a native English speaker). These really need to be as user-focused as possible, so I'm really against stuff like "not owned pointer", because that's not something we should expect the user to understand. Also note that we're not using these as a replacement of full reports, we're showing them as a quick description in addition to ASan reports.
source/Plugins/InstrumentationRuntime/AddressSanitizer/AddressSanitizerRuntime.cpp | ||
---|---|---|
200 | Multiple times have I seen that people read "stack overflow" as "stack buffer overflow" and they spend a lot of time trying to find what buffer was actually overflown... I'd like to somehow point that out. Ideas? |
source/Plugins/InstrumentationRuntime/AddressSanitizer/AddressSanitizerRuntime.cpp | ||
---|---|---|
200 | Maybe instead of "recursion too deep" have "stack space exhausted" or something like that? And yes, please ask native speakers too, as I'm not one either. :-) |
Here is another pass at this:
source/Plugins/InstrumentationRuntime/AddressSanitizer/AddressSanitizerRuntime.cpp | ||
---|---|---|
198–199 | Kuba would like to drop all of these "detected" that do not add anything and are just used as filler words in all of the description messages. This will make some of them into non-complete sentences, but keeping them short is more user friendly and gets the point across just fine. | |
200 | We could just say "Stack space exhausted" with no parentheses. | |
202 | Drop "detected" or "Dereference of null pointer". | |
204 | How about "Jump to a wild address". "Wild jump" sounds like a term, but I am not familiar with it. | |
206 | "Write through", "Access through" but "Read from" (as per the English speaker on our team :)). | |
214 | Double free is a bit of a jargon, I think it's better to be explicit: | |
216 | Is this always about "new" and "delete"? If so, we could try to be more explicit about it "The size of deleted object does not match the size at allocation" "Deallocation size different than allocation size"? | |
218 | "Deallocation of non-allocated memory" | |
222 | "Invalid argument to malloc_usable_size"? And "Invalid argument to __sanitizer_get_allocated_size" below. | |
226 | How about this: "Call to function disallowing overlapping memory ranges" | |
228 | Negative size used when accessing memory | |
230 | "Invalid arguments to __sanitizer_annotate_contiguous_container" | |
232 | Is it possible to use something similar to what clang uses, for example, "external variable %0 defined in multiple translation units" (from ./include//clang/Basic/DiagnosticASTKinds.td)? Ex: "Symbol defined in multiple translation units" | |
234 | Comparison or arithmetic on pointers from different memory regions |
I'd mostly use Anna's suggestions. Kuba: Can you remove the "detected" from the messages and refresh the patch, just so we can have one last look? Otherwise, if you think it's good enough, commit with these changes and we can do post-commit review.
source/Plugins/InstrumentationRuntime/AddressSanitizer/AddressSanitizerRuntime.cpp | ||
---|---|---|
198–199 | Agree. | |
200 | Yes. | |
202 | I'd go for the second option. | |
204 | "Jump to non-executable address" (basically, it's either non-readable (or unmapped) or non-executable. But I don't think we need to have those distinctions in this error message)? If not, I'm fine with Anna's suggestion too. | |
206 | Heh. Right. | |
214 | Good. | |
216 | "... different from..."? |
We do have the dylib with the runtime any time this code is run. However, I don't think these should live in the ASan runtime, because they should be considered as more high-level user-visible strings. The ASan runtime itself produces detailed technical reports that don't use the wording used here. For example, the console report will just say "Invalid pointer pair" assuming the user knows what that means. When using LLDB (and/or Xcode) we should provide less technical descriptions.
Anyway, I think this asks for a longer discussion. Are you okay with leaving these strings here for now?
LGTM
(I commented on a minor nit. It might just be me, so feel free to keep the current wording if you feel it's preferred)
Kuba would like to drop all of these "detected" that do not add anything and are just used as filler words in all of the description messages. This will make some of them into non-complete sentences, but keeping them short is more user friendly and gets the point across just fine.