diff options
| -rw-r--r-- | compiler-rt/lib/asan/asan_report.cc | 14 | ||||
| -rw-r--r-- | compiler-rt/test/asan/TestCases/contiguous_container_crash.cc | 1 |
2 files changed, 14 insertions, 1 deletions
diff --git a/compiler-rt/lib/asan/asan_report.cc b/compiler-rt/lib/asan/asan_report.cc index c2727622f93..8cf1bf6406c 100644 --- a/compiler-rt/lib/asan/asan_report.cc +++ b/compiler-rt/lib/asan/asan_report.cc @@ -1016,6 +1016,14 @@ static bool SuppressErrorReport(uptr pc) { Die(); } +static void PrintContainerOverflowHint() { + Printf("HINT: if you don't care about these errors you may set " + "ASAN_OPTIONS=detect_container_overflow=0.\n" + "If you suspect a false positive see also: " + "https://github.com/google/sanitizers/wiki/" + "AddressSanitizerContainerOverflow.\n"); +} + void ReportGenericError(uptr pc, uptr bp, uptr sp, uptr addr, bool is_write, uptr access_size, u32 exp, bool fatal) { if (!fatal && SuppressErrorReport(pc)) return; @@ -1032,6 +1040,7 @@ void ReportGenericError(uptr pc, uptr bp, uptr sp, uptr addr, bool is_write, // Determine the error type. const char *bug_descr = "unknown-crash"; + u8 shadow_val = 0; if (AddrIsInMem(addr)) { u8 *shadow_addr = (u8*)MemToShadow(addr); // If we are accessing 16 bytes, look at the second shadow byte. @@ -1040,7 +1049,8 @@ void ReportGenericError(uptr pc, uptr bp, uptr sp, uptr addr, bool is_write, // If we are in the partial right redzone, look at the next shadow byte. if (*shadow_addr > 0 && *shadow_addr < 128) shadow_addr++; - switch (*shadow_addr) { + shadow_val = *shadow_addr; + switch (shadow_val) { case kAsanHeapLeftRedzoneMagic: case kAsanHeapRightRedzoneMagic: case kAsanArrayCookieMagic: @@ -1109,6 +1119,8 @@ void ReportGenericError(uptr pc, uptr bp, uptr sp, uptr addr, bool is_write, stack.Print(); DescribeAddress(addr, access_size, bug_descr); + if (shadow_val == kAsanContiguousContainerOOBMagic) + PrintContainerOverflowHint(); ReportErrorSummary(bug_descr, &stack); PrintShadowMemoryForAddress(addr); } diff --git a/compiler-rt/test/asan/TestCases/contiguous_container_crash.cc b/compiler-rt/test/asan/TestCases/contiguous_container_crash.cc index 5b999c04930..af2102e6a12 100644 --- a/compiler-rt/test/asan/TestCases/contiguous_container_crash.cc +++ b/compiler-rt/test/asan/TestCases/contiguous_container_crash.cc @@ -23,6 +23,7 @@ int TestCrash() { __sanitizer_annotate_contiguous_container(&t[0], &t[0] + 100, &t[0] + 100, &t[0] + 50); // CHECK-CRASH: AddressSanitizer: container-overflow +// CHECK-CRASH: if you don't care about these errors you may set ASAN_OPTIONS=detect_container_overflow=0 return (int)t[60 * one]; // Touches the poisoned memory. } |
