-rw-r--r-- | compiler-rt/lib/asan/asan_poisoning.cc | 10 | ||||
-rw-r--r-- | compiler-rt/lib/asan/asan_report.cc | 15 | ||||
-rw-r--r-- | compiler-rt/lib/asan/asan_report.h | 3 | ||||
-rw-r--r-- | compiler-rt/lib/asan/lit_tests/TestCases/contiguous_container_crash.cc | 30 |
4 files changed, 52 insertions, 6 deletions
diff --git a/compiler-rt/lib/asan/asan_poisoning.cc b/compiler-rt/lib/asan/asan_poisoning.cc index a4e6c0a23c1..8320573d7fc 100644 --- a/compiler-rt/lib/asan/asan_poisoning.cc +++ b/compiler-rt/lib/asan/asan_poisoning.cc @@ -13,6 +13,8 @@ //===----------------------------------------------------------------------===// #include "asan_poisoning.h" +#include "asan_report.h" +#include "asan_stack.h" #include "sanitizer_common/sanitizer_libc.h" #include "sanitizer_common/sanitizer_flags.h" @@ -270,8 +272,12 @@ void __sanitizer_annotate_contiguous_container(const void *beg_p, uptr old_mid = reinterpret_cast<uptr>(old_mid_p); uptr new_mid = reinterpret_cast<uptr>(new_mid_p); uptr granularity = SHADOW_GRANULARITY; - CHECK(beg <= old_mid && beg <= new_mid && old_mid <= end && new_mid <= end && - IsAligned(beg, granularity)); + if (!(beg <= old_mid && beg <= new_mid && old_mid <= end && new_mid <= end && + IsAligned(beg, granularity))) { + GET_STACK_TRACE_FATAL_HERE; + ReportBadParamsToAnnotateContiguousContainer(beg, end, old_mid, new_mid, + &stack); + } CHECK_LE(end - beg, FIRST_32_SECOND_64(1UL << 30, 1UL << 34)); // Sanity check. diff --git a/compiler-rt/lib/asan/asan_report.cc b/compiler-rt/lib/asan/asan_report.cc index 879a62ab3e9..97f55c01135 100644 --- a/compiler-rt/lib/asan/asan_report.cc +++ b/compiler-rt/lib/asan/asan_report.cc 
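Review bot: The size limit at the end of the second asan_poisoning.cc hunk, `CHECK_LE(end - beg, FIRST_32_SECOND_64(1UL << 30, 1UL << 34))`, is still an internal CHECK. A caller that passes a well-ordered but oversized range therefore still gets the bare assertion failure that this commit replaces for the ordering and alignment conditions. If that limit can be reached from caller-supplied arguments, it could go through the same report by adding `end - beg <= FIRST_32_SECOND_64(1UL << 30, 1UL << 34)` to the new `if` condition. Separately, nothing returns after the call to `ReportBadParamsToAnnotateContiguousContainer`, so only the NORETURN declaration in asan_report.h keeps the code below from running on rejected bounds; a comment such as `// Does not return.` inside the `if` would make that explicit. The function body continues outside the hunk.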
@@ -669,6 +669,21 @@ void ReportStringFunctionMemoryRangesOverlap( ReportErrorSummary(bug_type, stack); } +void ReportBadParamsToAnnotateContiguousContainer(uptr beg, uptr end, + uptr old_mid, uptr new_mid, + StackTrace *stack) { + ScopedInErrorReport in_report; + Report("ERROR: AddressSanitizer: bad parameters to " + "__sanitizer_annotate_contiguous_container:\n" + " beg : %p\n" + " end : %p\n" + " old_mid : %p\n" + " new_mid : %p\n", + beg, end, old_mid, new_mid); + stack->Print(); + ReportErrorSummary("bad-__sanitizer_annotate_contiguous_container", stack); +} + // ----------------------- Mac-specific reports ----------------- {{{1 void WarnMacFreeUnallocated( diff --git a/compiler-rt/lib/asan/asan_report.h b/compiler-rt/lib/asan/asan_report.h index f55b57bd4d9..b8ebd9b867b 100644 --- a/compiler-rt/lib/asan/asan_report.h +++ b/compiler-rt/lib/asan/asan_report.h @@ -45,6 +45,9 @@ void NORETURN ReportAsanGetAllocatedSizeNotOwned(uptr addr, void NORETURN ReportStringFunctionMemoryRangesOverlap( const char *function, const char *offset1, uptr length1, const char *offset2, uptr length2, StackTrace *stack); +void NORETURN +ReportBadParamsToAnnotateContiguousContainer(uptr beg, uptr end, uptr old_mid, + uptr new_mid, StackTrace *stack); // Mac-specific errors and warnings. void WarnMacFreeUnallocated( diff --git a/compiler-rt/lib/asan/lit_tests/TestCases/contiguous_container_crash.cc b/compiler-rt/lib/asan/lit_tests/TestCases/contiguous_container_crash.cc index e96c1af838f..6be9ad5f6c0 100644 --- a/compiler-rt/lib/asan/lit_tests/TestCases/contiguous_container_crash.cc +++ b/compiler-rt/lib/asan/lit_tests/TestCases/contiguous_container_crash.cc 
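Review bot: The message built in `ReportBadParamsToAnnotateContiguousContainer` prints the four addresses but does not say which condition failed, and the caller's check also rejects a `beg` that is not aligned to SHADOW_GRANULARITY. With correctly ordered pointers and an unaligned `beg`, the report shows four plausible values and no hint about the cause. Consider adding a line to the message that states the alignment requirement, or passing the granularity in and reporting the misalignment separately before `stack->Print()`. The function also has no comment; a one-line header stating that it reports invalid arguments to `__sanitizer_annotate_contiguous_container` and does not return (it is declared NORETURN in asan_report.h) would match its contract.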
@@ -1,16 +1,38 @@ -// RUN: %clangxx_asan -O %s -o %t && not %t 2>&1 | FileCheck %s +// RUN: %clangxx_asan -O %s -o %t +// RUN: not %t crash 2>&1 | FileCheck --check-prefix=CHECK-CRASH %s +// RUN: not %t bad-bounds 2>&1 | FileCheck --check-prefix=CHECK-BAD %s // Test crash due to __sanitizer_annotate_contiguous_container. +#include <assert.h> +#include <string.h> + extern "C" { void __sanitizer_annotate_contiguous_container(const void *beg, const void *end, const void *old_mid, const void *new_mid); } // extern "C" -int main(int argc, char **argv) { +static volatile int one = 1; + +int TestCrash() { long t[100]; __sanitizer_annotate_contiguous_container(&t[0], &t[0] + 100, &t[0] + 100, &t[0] + 50); - return t[60 * argc]; // Touches the poisoned memory. + return (int)t[60 * one]; // Touches the poisoned memory. +} + +void BadBounds() { + long t[100]; + __sanitizer_annotate_contiguous_container(&t[0], &t[0] + 100, &t[0] + 101, + &t[0] + 50); +} + +int main(int argc, char **argv) { + assert(argc == 2); + if (!strcmp(argv[1], "crash")) + return TestCrash(); + else if (!strcmp(argv[1], "bad-bounds")) + BadBounds(); } -// CHECK: AddressSanitizer: container-overflow +// CHECK-CRASH: AddressSanitizer: container-overflow +// CHECK-BAD: ERROR: AddressSanitizer: bad parameters to __sanitizer_annotate_contiguous_container |
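Review bot: `BadBounds` exercises only one of the rejected conditions, `old_mid` one element past `end`. The other orderings and the alignment branch of the new check in asan_poisoning.cc have no test, so a regression there would pass unnoticed. A further mode that passes an unaligned `beg`, for example `(char *)&t[0] + 1`, with its own RUN line and the same CHECK-BAD prefix would cover the alignment branch. `CHECK-BAD` also matches only the header line; a check on the printed `old_mid` line or on the summary line would pin the report format. Finally, `main` returns 0 for an unrecognised argument, and an explicit nonzero return in a trailing `else` would keep a mistyped RUN line from passing quietly.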