Add parsing for sanitizer heap_profile traces.

MozillaSecurity · Sep 29, 2022 · babd664 · babd664
1 parent c7eeb0e
commit babd664
Show file tree

Hide file tree

Showing 6 changed files with 253 additions and 6 deletions.
diff --git a/FTB/AssertionHelper.py b/FTB/AssertionHelper.py
@@ -120,6 +120,10 @@ def getAssertion(output):
  elif line.startswith("[Non-crash bug] "):
  # Magic string "added" to stderr by some fuzzers.
  lastLine = line
+ elif "Sanitizer: soft rss limit exhausted" in line:
+ line = re.sub(r" \(\d+Mb vs \d+Mb\)", "", line)
+ line = re.sub(r"=+\d+=+", "", line)
+ lastLine = line
 
  return lastLine
 

diff --git a/FTB/Signatures/CrashInfo.py b/FTB/Signatures/CrashInfo.py
@@ -651,7 +651,7 @@ def __init__(self, stdout, stderr, configuration, crashData=None):
  asanOutput = crashData if crashData else stderr
 
  asanCrashAddressPattern = r"""(?x)
- \s[A-Za-z]+Sanitizer.*\s
+ [A-Za-z]+Sanitizer.*\s
  (?:on\saddress # Most common format, used for all overflows
  |on\sunknown\saddress # Used in case of a SIGSEGV
  |double-free\son # Used in case of a double-free
@@ -664,7 +664,8 @@ def __init__(self, stdout, stderr, configuration, crashData=None):
  |not\sowned: # Used when calling __asan_get_allocated_size()
  # on a pointer that isn't owned
  |\w+-param-overlap: # Bad memcpy/strcpy/strcat... etc
- |requested\sallocation\ssize\s0x[0-9a-f]+\s)
+ |requested\sallocation\ssize\s0x[0-9a-f]+\s
+ |soft\srss\slimit\sexhausted)
  (\s*0x([0-9a-f]+))?"""
  asanRegisterPattern = (
  r"(?:\s+|\()pc\s+0x([0-9a-f]+)\s+(sp|bp)\s+0x([0-9a-f]+)\s+(sp|bp)\s+"