• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1; Verify that ASan properly catches and reports bugs
2
3; REQUIRES: no_minimal_build
4
5; check with a one off the end local load
6; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
7; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
8; RUN:     %t.pexe -o %t && %t 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
9; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
10; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
11; RUN:     %t.pexe -o %t && %t 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
12
13; check with a many off the end local load
14; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
15; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
16; RUN:     %t.pexe -o %t && %t 1 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
17; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
18; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
19; RUN:     %t.pexe -o %t && %t 1 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
20
21; check with a one before the front local load
22; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
23; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
24; RUN:     %t.pexe -o %t && %t 1 2 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
25; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
26; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2\
27; RUN:     %t.pexe -o %t && %t 1 2 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
28
29; check with a one off the end global load
30; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
31; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
32; RUN:     %t.pexe -o %t && %t 1 2 3 2>&1 | FileCheck \
33; RUN:     --check-prefix=GLOBAL-LOAD %s
34; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
35; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
36; RUN:     %t.pexe -o %t && %t 1 2 3 2>&1 | FileCheck \
37; RUN:     --check-prefix=GLOBAL-LOAD %s
38
39; check with a many off the end global load
40; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
41; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
42; RUN:     %t.pexe -o %t && %t 1 2 3 4 2>&1 | FileCheck \
43; RUN:    --check-prefix=GLOBAL-LOAD %s
44; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
45; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
46; RUN:     %t.pexe -o %t && %t 1 2 3 4 2>&1 | FileCheck \
47; RUN:     --check-prefix=GLOBAL-LOAD %s
48
49; check with a one before the front global load
50; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
51; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
52; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 2>&1 | FileCheck \
53; RUN:     --check-prefix=GLOBAL-LOAD %s
54; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
55; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
56; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 2>&1 | FileCheck \
57; RUN:     --check-prefix=GLOBAL-LOAD %s
58
59; check with a one off the end local store
60; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
61; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
62; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 2>&1 | FileCheck \
63; RUN:     --check-prefix=LOCAL-STORE %s
64; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
65; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
66; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 2>&1 | FileCheck \
67; RUN:     --check-prefix=LOCAL-STORE %s
68
69; check with a many off the end local store
70; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
71; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
72; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 2>&1 | FileCheck \
73; RUN:     --check-prefix=LOCAL-STORE %s
74; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
75; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
76; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 2>&1 | FileCheck \
77; RUN:     --check-prefix=LOCAL-STORE %s
78
79; check with a one before the front local store
80; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
81; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
82; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 2>&1 | FileCheck \
83; RUN:     --check-prefix=LOCAL-STORE %s
84; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
85; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
86; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 2>&1 | FileCheck \
87; RUN:     --check-prefix=LOCAL-STORE %s
88
89; check with a one off the end global store
90; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
91; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
92; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 2>&1 | FileCheck \
93; RUN:     --check-prefix=GLOBAL-STORE %s
94; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
95; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
96; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 2>&1 | FileCheck \
97; RUN:     --check-prefix=GLOBAL-STORE %s
98
99; check with a many off the end global store
100; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
101; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
102; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 10 2>&1 | FileCheck \
103; RUN:    --check-prefix=GLOBAL-STORE %s
104; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
105; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
106; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 10 2>&1 | FileCheck \
107; RUN:    --check-prefix=GLOBAL-STORE %s
108
109; check with a one before the front global store
110; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
111; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
112; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 10 11 2>&1 | FileCheck \
113; RUN:     --check-prefix=GLOBAL-STORE %s
114; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
115; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
116; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 10 11 2>&1 | FileCheck \
117; RUN:     --check-prefix=GLOBAL-STORE %s
118
119declare external void @exit(i32)
120
121; A global array
122@array = internal constant [12 x i8] zeroinitializer
123
124define void @access(i32 %is_local_i, i32 %is_load_i, i32 %err) {
125  ; get the base pointer to either the local or global array
126  %local = alloca i8, i32 12, align 1
127  %global = bitcast [12 x i8]* @array to i8*
128  %is_local = icmp ne i32 %is_local_i, 0
129  %arr = select i1 %is_local, i8* %local, i8* %global
130
131  ; determine the offset to access
132  %err_offset = mul i32 %err, 4
133  %pos_offset = add i32 %err_offset, 12
134  %pos = icmp sge i32 %err_offset, 0
135  %offset = select i1 %pos, i32 %pos_offset, i32 %err
136
137  ; calculate the address to access
138  %arraddr = ptrtoint i8* %arr to i32
139  %badaddr = add i32 %arraddr, %offset
140  %badptr = inttoptr i32 %badaddr to i8*
141
142  ; determine load or store
143  %is_load = icmp ne i32 %is_load_i, 0
144  br i1 %is_load, label %bad_load, label %bad_store
145
146bad_load:
147  %result = load i8, i8* %badptr, align 1
148  ret void
149
150bad_store:
151  store i8 42, i8* %badptr, align 1
152  ret void
153}
154
155; use argc to determine which test routine to run
156define void @_start(i32 %arg) {
157  %argcaddr = add i32 %arg, 8
158  %argcptr = inttoptr i32 %argcaddr to i32*
159  %argc = load i32, i32* %argcptr, align 1
160  switch i32 %argc, label %error [i32 1, label %one_local_load
161                                  i32 2, label %many_local_load
162                                  i32 3, label %neg_local_load
163                                  i32 4, label %one_global_load
164                                  i32 5, label %many_global_load
165                                  i32 6, label %neg_global_load
166                                  i32 7, label %one_local_store
167                                  i32 8, label %many_local_store
168                                  i32 9, label %neg_local_store
169                                  i32 10, label %one_global_store
170                                  i32 11, label %many_global_store
171                                  i32 12, label %neg_global_store]
172one_local_load:
173  ; Access one past the end of a local
174  call void @access(i32 1, i32 1, i32 0)
175  br label %error
176many_local_load:
177  ; Access five past the end of a local
178  call void @access(i32 1, i32 1, i32 4)
179  br label %error
180neg_local_load:
181  ; Access one before the beginning of a local
182  call void @access(i32 1, i32 1, i32 -1)
183  br label %error
184one_global_load:
185  ; Access one past the end of a global
186  call void @access(i32 0, i32 1, i32 0)
187  br label %error
188many_global_load:
189  ; Access five past the end of a global
190  call void @access(i32 0, i32 1, i32 4)
191  br label %error
192neg_global_load:
193  ; Access one before the beginning of a global
194  call void @access(i32 0, i32 1, i32 -1)
195  br label %error
196one_local_store:
197  ; Access one past the end of a local
198  call void @access(i32 1, i32 0, i32 0)
199  br label %error
200many_local_store:
201  ; Access five past the end of a local
202  call void @access(i32 1, i32 0, i32 4)
203  br label %error
204neg_local_store:
205  ; Access one before the beginning of a local
206  call void @access(i32 1, i32 0, i32 -1)
207  br label %error
208one_global_store:
209  ; Access one past the end of a global
210  call void @access(i32 0, i32 0, i32 0)
211  br label %error
212many_global_store:
213  ; Access five past the end of a global
214  call void @access(i32 0, i32 0, i32 4)
215  br label %error
216neg_global_store:
217  ; Access one before the beginning of a global
218  call void @access(i32 0, i32 0, i32 -1)
219  br label %error
220error:
221  call void @exit(i32 1)
222  unreachable
223}
224
225; LOCAL-LOAD: Illegal 1 byte load from stack object at
226; LOCAL-LOAD-NEXT: address of __asan_error symbol is
227; LOCAL-STORE: Illegal 1 byte store to stack object at
228; LOCAL-STORE-NEXT: address of __asan_error symbol is
229; GLOBAL-LOAD: Illegal 1 byte load from global object at
230; GLOBAL-LOAD-NEXT: address of __asan_error symbol is
231; GLOBAL-STORE: Illegal 1 byte store to global object at
232; GLOBAL-STORE-NEXT: address of __asan_error symbol is
233