show gcc / clang sanitizer findings as issues

[Kinokin]

gcc and clang can instrument the created binary with additional checks like

• detect illegal memory usage
• commands causing undefined behavior

An example output from clang looks like

==9442== ERROR: AddressSanitizer heap-use-after-free on address 0x7f7ddab8c084 at pc 0x403c8c bp 0x7fff87fb82d0 sp 0x7fff87fb82c8
READ of size 4 at 0x7f7ddab8c084 thread T0
#0 0x403c8c in main example_UseAfterFree.cc:4
#1 0x7f7ddabcac4d in __libc_start_main ??:0

(see https://clang.llvm.org/docs/AddressSanitizer.html)

The feature request would be to define a file format for sonar-cxx to upload the sanitizer issues detected on tests

[guwirth]

Hi @Kinokin,

thanks for the idea.

Think title of the feature request should be AddressSanitizer support, right?
What SQ needs is typically:

1. A fixed set of rules (AddressSanitizer repository) to be able to add them to a Quality Profile.
2. Report must contain issue source:
   a. filename (in best case with absolute path)
   b. unique rule id
   c. line number of issue
   d. optional a message

Is this the case for AddressSanitizer?

Regards,

[Kinokin]

Personally I need the address sanitizer the the undefined behavior sanitizer outputs.

For undefined behaviour sanitizer there are messages like:
/path/to/source/file.cpp:<line>:<column>: runtime error: call to function ... through pointer to incorrect function type '...'
/path/tp/source/file.hpp:<line>:<column>: runtime error: -6398.88 is outside the range of representable values of type 'unsigned int'

So one can scan for patterns to create a rule id
I fear one needs to check all possible settings listed here: https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#available-checks

For AdressSanitizer
SUMMARY: AddressSanitizer: heap-use-after-free /path/to/source/file.cpp:<line>:<column> in sanitizer::use_after_free()
SUMMARY: AddressSanitizer: heap-buffer-overflow ... in sanitizer::heap_out_of_bounds(int)
SUMMARY: AddressSanitizer: stack-buffer-overflow ... in sanitizer::stack_out_of_bounds(int)
SUMMARY: AddressSanitizer: global-buffer-overflow ... in sanitizer::global_out_of_bounds(int)
SUMMARY: AddressSanitizer: stack-use-after-return ... in sanitizer::stack_use_after_return(int)

This might be easier to scan.

So I think the answer to your question is yes

[guwirth]

Hi @Kinokin,

supporting different tools with one sensor is not possible, must be one sensor for one tool.

Regards,

[guwirth]

Hi @Kinokin,

there is the list of checks https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#available-checks but where is the list of resulting rule/issue IDs?

In this sample are also no line numbers?

For AdressSanitizer
SUMMARY: AddressSanitizer: heap-use-after-free /path/to/source/file.cpp:: in sanitizer::use_after_free()
SUMMARY: AddressSanitizer: heap-buffer-overflow ... in sanitizer::heap_out_of_bounds(int)

Regards,

[Kinokin]

For address sanitizer the best list I found seems to be in
https://github.com/llvm/llvm-project/blob/62ec4ac90738a5f2d209ed28c822223e58aaaeb7/lldb/source/Plugins/InstrumentationRuntime/ASan/InstrumentationRuntimeASan.cpp
at around line 200

For the examples I used <lineno>:<column> but the plain symbols seem to be dropped on display