From 748caf2e923033a61d8e81ceac14c40fd4736f88 Mon Sep 17 00:00:00 2001 From: MrLop Date: Mon, 10 Feb 2025 14:54:07 +0800 Subject: [PATCH] [Compiler-RT][HWASAN] Add Format When Printing UAF in Freed Thread Add Format When Printing UAF in Freed Thread Signed-off-by: MrLop --- compiler-rt/lib/hwasan/hwasan_report.cpp | 9 +++++++++ compiler-rt/lib/hwasan/hwasan_thread_list.h | 13 ++++++++++--- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/compiler-rt/lib/hwasan/hwasan_report.cpp b/compiler-rt/lib/hwasan/hwasan_report.cpp index 051c68ee2e84..555f8bbf26e8 100644 --- a/compiler-rt/lib/hwasan/hwasan_report.cpp +++ b/compiler-rt/lib/hwasan/hwasan_report.cpp @@ -480,16 +480,25 @@ void PrintAddressDescription( auto PrintUAFinFreedThread = [&](HeapAllocationRecord &har) { uptr ha_untagged_addr = UntagAddr(har.tagged_addr); + Printf("%s", d.Error()); + Printf("\nPotential Cause: use-after-free\n"); + Printf("%s", d.Location()); Printf( "%p (Previously freed thread ptr tags: %02x) is located %zd " "bytes inside of %zd-byte region [%p,%p)\n", untagged_addr, GetTagFromPointer(har.tagged_addr), untagged_addr - ha_untagged_addr, har.requested_size, ha_untagged_addr, ha_untagged_addr + har.requested_size); + Printf("%s", d.Allocation()); Printf("freed by thread %d here:\n", har.free_thread); + Printf("%s", d.Default()); GetStackTraceFromId(har.free_context_id).Print(); + + Printf("%s", d.Allocation()); Printf("previously allocated by thread %d here:\n", har.alloc_thread); + Printf("%s", d.Default()); GetStackTraceFromId(har.alloc_context_id).Print(); + num_descriptions_printed++; }; hwasanThreadList().VisitAllFreedRingBuffer( diff --git a/compiler-rt/lib/hwasan/hwasan_thread_list.h b/compiler-rt/lib/hwasan/hwasan_thread_list.h index e039854ccaf8..d8edde1e4cde 100644 --- a/compiler-rt/lib/hwasan/hwasan_thread_list.h +++ b/compiler-rt/lib/hwasan/hwasan_thread_list.h 
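Review bot: The new heading `Potential Cause: use-after-free` in `PrintUAFinFreedThread` has no comment saying why this match is only "potential". Someone triaging the report, or a script keyed on the heading text, cannot tell how much weight to give it. I would add a comment above the lambda, for example `// Record comes from the retained ring buffer of an exited thread, so the match is reported as a potential cause.`, adjusted to the actual reason. The colour handling looks consistent: each `d.Allocation()` heading is followed by `d.Default()` before the stack trace prints. The lambda is complete in the hunk, but the enclosing `PrintAddressDescription` starts and ends outside it.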
@@ -144,6 +144,14 @@ class HwasanThreadList { return; SpinMutexLock l(&freed_rb_mutex_); + + freed_rb_count_++; + if (freed_rb_count_ == 0) + freed_rb_count_overflow_++; + + if (!flags()->freed_threads_history_size) + return; + if (!freed_rb_list_) { size_t sz = flags()->freed_threads_history_size * sizeof(HeapAllocationsRingBuffer *); @@ -155,6 +163,8 @@ class HwasanThreadList { } if (freed_rb_list_size_ >= flags()->freed_threads_history_size) { auto sz = flags()->freed_threads_history_size / 3; + if (sz == 0) + sz = 1; for (uptr i = 0; i < sz; i++) { if (freed_rb_list_[i]) freed_rb_list_[i]->Delete(); @@ -178,9 +188,6 @@ class HwasanThreadList { } freed_rb_list_[freed_rb_list_size_] = freed_allocations_; freed_rb_list_size_++; - freed_rb_count_++; - if (freed_rb_count_ == 0) - freed_rb_count_overflow_++; } // OHOS_LOCAL end -- Gitee
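Review bot: The added guard `if (!flags()->freed_threads_history_size) return;` rejects only the value 0. The flag's type is not visible here; if it is signed, a negative runtime setting passes the guard and reaches `flags()->freed_threads_history_size * sizeof(HeapAllocationsRingBuffer *)` a few lines below, where it converts to a very large size. In that case `if (flags()->freed_threads_history_size <= 0) return;`, or rejecting the value once where flags are parsed, would close the gap. Because the increment now runs before the early return, `freed_rb_count_` counts every call that gets this far rather than every stored buffer. A comment such as `// Counts all freed threads seen, including those whose history is not kept.` would record that. The function begins above the hunk, so anything set up before the lock is not visible here.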
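Review bot: The clamp `if (sz == 0) sz = 1;` in the second hunk of this file is a bounds fix, but nothing in the code says so. With a history size of 1 or 2, `freed_threads_history_size / 3` is 0 and the eviction loop frees nothing while the list is already full. I would add `// History sizes 1 and 2 give sz == 0; evict at least one entry so the store below stays inside the list.` above the clamp. The compaction and the adjustment of `freed_rb_list_size_` sit between this hunk and the next, so I am assuming they use the same `sz`. Stating the invariant next to the write would catch a regression: `CHECK_LT(freed_rb_list_size_, flags()->freed_threads_history_size);` just before `freed_rb_list_[freed_rb_list_size_] = freed_allocations_;`.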