[compiler-rt] r258337 - [asan] print an additional hint when reporting a container overflow
Kostya Serebryany via llvm-commits
llvm-commits at lists.llvm.org
Wed Jan 20 11:49:12 PST 2016
Author: kcc
Date: Wed Jan 20 13:49:12 2016
New Revision: 258337
URL: http://llvm.org/viewvc/llvm-project?rev=258337&view=rev
Log:
[asan] print an additional hint when reporting a container overflow
Modified:
compiler-rt/trunk/lib/asan/asan_report.cc
compiler-rt/trunk/test/asan/TestCases/contiguous_container_crash.cc
Modified: compiler-rt/trunk/lib/asan/asan_report.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_report.cc?rev=258337&r1=258336&r2=258337&view=diff
==============================================================================
--- compiler-rt/trunk/lib/asan/asan_report.cc (original)
+++ compiler-rt/trunk/lib/asan/asan_report.cc Wed Jan 20 13:49:12 2016
@@ -1016,6 +1016,14 @@ static bool SuppressErrorReport(uptr pc)
Die();
}
+static void PrintContainerOverflowHint() {
+ Printf("HINT: if you don't care about these errors you may set "
+ "ASAN_OPTIONS=detect_container_overflow=0.\n"
+ "If you suspect a false positive see also: "
+ "https://github.com/google/sanitizers/wiki/"
+ "AddressSanitizerContainerOverflow.\n");
+}
+
void ReportGenericError(uptr pc, uptr bp, uptr sp, uptr addr, bool is_write,
uptr access_size, u32 exp, bool fatal) {
if (!fatal && SuppressErrorReport(pc)) return;
@@ -1032,6 +1040,7 @@ void ReportGenericError(uptr pc, uptr bp
// Determine the error type.
const char *bug_descr = "unknown-crash";
+ u8 shadow_val = 0;
if (AddrIsInMem(addr)) {
u8 *shadow_addr = (u8*)MemToShadow(addr);
// If we are accessing 16 bytes, look at the second shadow byte.
@@ -1040,7 +1049,8 @@ void ReportGenericError(uptr pc, uptr bp
// If we are in the partial right redzone, look at the next shadow byte.
if (*shadow_addr > 0 && *shadow_addr < 128)
shadow_addr++;
- switch (*shadow_addr) {
+ shadow_val = *shadow_addr;
+ switch (shadow_val) {
case kAsanHeapLeftRedzoneMagic:
case kAsanHeapRightRedzoneMagic:
case kAsanArrayCookieMagic:
@@ -1109,6 +1119,8 @@ void ReportGenericError(uptr pc, uptr bp
stack.Print();
DescribeAddress(addr, access_size, bug_descr);
+ if (shadow_val == kAsanContiguousContainerOOBMagic)
+ PrintContainerOverflowHint();
ReportErrorSummary(bug_descr, &stack);
PrintShadowMemoryForAddress(addr);
}
Modified: compiler-rt/trunk/test/asan/TestCases/contiguous_container_crash.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/contiguous_container_crash.cc?rev=258337&r1=258336&r2=258337&view=diff
==============================================================================
--- compiler-rt/trunk/test/asan/TestCases/contiguous_container_crash.cc (original)
+++ compiler-rt/trunk/test/asan/TestCases/contiguous_container_crash.cc Wed Jan 20 13:49:12 2016
@@ -23,6 +23,7 @@ int TestCrash() {
__sanitizer_annotate_contiguous_container(&t[0], &t[0] + 100, &t[0] + 100,
&t[0] + 50);
// CHECK-CRASH: AddressSanitizer: container-overflow
+// CHECK-CRASH: if you don't care about these errors you may set ASAN_OPTIONS=detect_container_overflow=0
return (int)t[60 * one]; // Touches the poisoned memory.
}
More information about the llvm-commits
mailing list