Home | History | Annotate | Download | only in asan_tests 
      1 ; Verify that ASan properly catches and reports bugs
      2 
      3 ; REQUIRES: no_minimal_build
      4 
      5 ; check with a one off the end local load
      6 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
      7 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
      8 ; RUN:     %t.pexe -o %t && %t 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
      9 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     10 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
     11 ; RUN:     %t.pexe -o %t && %t 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
     12 
     13 ; check with a many off the end local load
     14 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     15 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
     16 ; RUN:     %t.pexe -o %t && %t 1 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
     17 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     18 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
     19 ; RUN:     %t.pexe -o %t && %t 1 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
     20 
     21 ; check with a one before the front local load
     22 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     23 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
     24 ; RUN:     %t.pexe -o %t && %t 1 2 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
     25 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     26 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2\
     27 ; RUN:     %t.pexe -o %t && %t 1 2 2>&1 | FileCheck --check-prefix=LOCAL-LOAD %s
     28 
     29 ; check with a one off the end global load
     30 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     31 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
     32 ; RUN:     %t.pexe -o %t && %t 1 2 3 2>&1 | FileCheck \
     33 ; RUN:     --check-prefix=GLOBAL-LOAD %s
     34 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     35 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
     36 ; RUN:     %t.pexe -o %t && %t 1 2 3 2>&1 | FileCheck \
     37 ; RUN:     --check-prefix=GLOBAL-LOAD %s
     38 
     39 ; check with a many off the end global load
     40 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     41 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
     42 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 2>&1 | FileCheck \
     43 ; RUN:    --check-prefix=GLOBAL-LOAD %s
     44 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     45 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
     46 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 2>&1 | FileCheck \
     47 ; RUN:     --check-prefix=GLOBAL-LOAD %s
     48 
     49 ; check with a one before the front global load
     50 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     51 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
     52 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 2>&1 | FileCheck \
     53 ; RUN:     --check-prefix=GLOBAL-LOAD %s
     54 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     55 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
     56 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 2>&1 | FileCheck \
     57 ; RUN:     --check-prefix=GLOBAL-LOAD %s
     58 
     59 ; check with a one off the end local store
     60 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     61 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
     62 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 2>&1 | FileCheck \
     63 ; RUN:     --check-prefix=LOCAL-STORE %s
     64 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     65 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
     66 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 2>&1 | FileCheck \
     67 ; RUN:     --check-prefix=LOCAL-STORE %s
     68 
     69 ; check with a many off the end local store
     70 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     71 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
     72 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 2>&1 | FileCheck \
     73 ; RUN:     --check-prefix=LOCAL-STORE %s
     74 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     75 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
     76 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 2>&1 | FileCheck \
     77 ; RUN:     --check-prefix=LOCAL-STORE %s
     78 
     79 ; check with a one before the front local store
     80 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     81 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
     82 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 2>&1 | FileCheck \
     83 ; RUN:     --check-prefix=LOCAL-STORE %s
     84 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     85 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
     86 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 2>&1 | FileCheck \
     87 ; RUN:     --check-prefix=LOCAL-STORE %s
     88 
     89 ; check with a one off the end global store
     90 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     91 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
     92 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 2>&1 | FileCheck \
     93 ; RUN:     --check-prefix=GLOBAL-STORE %s
     94 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
     95 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
     96 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 2>&1 | FileCheck \
     97 ; RUN:     --check-prefix=GLOBAL-STORE %s
     98 
     99 ; check with a many off the end global store
    100 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
    101 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
    102 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 10 2>&1 | FileCheck \
    103 ; RUN:    --check-prefix=GLOBAL-STORE %s
    104 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
    105 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
    106 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 10 2>&1 | FileCheck \
    107 ; RUN:    --check-prefix=GLOBAL-STORE %s
    108 
    109 ; check with a one before the front global store
    110 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
    111 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols \
    112 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 10 11 2>&1 | FileCheck \
    113 ; RUN:     --check-prefix=GLOBAL-STORE %s
    114 ; RUN: llvm-as %s -o - | pnacl-freeze > %t.pexe && %S/../../pydir/szbuild.py \
    115 ; RUN:     --fsanitize-address --sz=-allow-externally-defined-symbols -O2 \
    116 ; RUN:     %t.pexe -o %t && %t 1 2 3 4 5 6 7 8 9 10 11 2>&1 | FileCheck \
    117 ; RUN:     --check-prefix=GLOBAL-STORE %s
    118 
    119 declare external void @exit(i32)
    120 
    121 ; A global array
    122 @array = internal constant [12 x i8] zeroinitializer
    123 
    124 define void @access(i32 %is_local_i, i32 %is_load_i, i32 %err) {
    125   ; get the base pointer to either the local or global array
    126   %local = alloca i8, i32 12, align 1
    127   %global = bitcast [12 x i8]* @array to i8*
    128   %is_local = icmp ne i32 %is_local_i, 0
    129   %arr = select i1 %is_local, i8* %local, i8* %global
    130 
    131   ; determine the offset to access
    132   %err_offset = mul i32 %err, 4
    133   %pos_offset = add i32 %err_offset, 12
    134   %pos = icmp sge i32 %err_offset, 0
    135   %offset = select i1 %pos, i32 %pos_offset, i32 %err
    136 
    137   ; calculate the address to access
    138   %arraddr = ptrtoint i8* %arr to i32
    139   %badaddr = add i32 %arraddr, %offset
    140   %badptr = inttoptr i32 %badaddr to i8*
    141 
    142   ; determine load or store
    143   %is_load = icmp ne i32 %is_load_i, 0
    144   br i1 %is_load, label %bad_load, label %bad_store
    145 
    146 bad_load:
    147   %result = load i8, i8* %badptr, align 1
    148   ret void
    149 
    150 bad_store:
    151   store i8 42, i8* %badptr, align 1
    152   ret void
    153 }
    154 
    155 ; use argc to determine which test routine to run
    156 define void @_start(i32 %arg) {
    157   %argcaddr = add i32 %arg, 8
    158   %argcptr = inttoptr i32 %argcaddr to i32*
    159   %argc = load i32, i32* %argcptr, align 1
    160   switch i32 %argc, label %error [i32 1, label %one_local_load
    161                                   i32 2, label %many_local_load
    162                                   i32 3, label %neg_local_load
    163                                   i32 4, label %one_global_load
    164                                   i32 5, label %many_global_load
    165                                   i32 6, label %neg_global_load
    166                                   i32 7, label %one_local_store
    167                                   i32 8, label %many_local_store
    168                                   i32 9, label %neg_local_store
    169                                   i32 10, label %one_global_store
    170                                   i32 11, label %many_global_store
    171                                   i32 12, label %neg_global_store]
    172 one_local_load:
    173   ; Access one past the end of a local
    174   call void @access(i32 1, i32 1, i32 0)
    175   br label %error
    176 many_local_load:
    177   ; Access five past the end of a local
    178   call void @access(i32 1, i32 1, i32 4)
    179   br label %error
    180 neg_local_load:
    181   ; Access one before the beginning of a local
    182   call void @access(i32 1, i32 1, i32 -1)
    183   br label %error
    184 one_global_load:
    185   ; Access one past the end of a global
    186   call void @access(i32 0, i32 1, i32 0)
    187   br label %error
    188 many_global_load:
    189   ; Access five past the end of a global
    190   call void @access(i32 0, i32 1, i32 4)
    191   br label %error
    192 neg_global_load:
    193   ; Access one before the beginning of a global
    194   call void @access(i32 0, i32 1, i32 -1)
    195   br label %error
    196 one_local_store:
    197   ; Access one past the end of a local
    198   call void @access(i32 1, i32 0, i32 0)
    199   br label %error
    200 many_local_store:
    201   ; Access five past the end of a local
    202   call void @access(i32 1, i32 0, i32 4)
    203   br label %error
    204 neg_local_store:
    205   ; Access one before the beginning of a local
    206   call void @access(i32 1, i32 0, i32 -1)
    207   br label %error
    208 one_global_store:
    209   ; Access one past the end of a global
    210   call void @access(i32 0, i32 0, i32 0)
    211   br label %error
    212 many_global_store:
    213   ; Access five past the end of a global
    214   call void @access(i32 0, i32 0, i32 4)
    215   br label %error
    216 neg_global_store:
    217   ; Access one before the beginning of a global
    218   call void @access(i32 0, i32 0, i32 -1)
    219   br label %error
    220 error:
    221   call void @exit(i32 1)
    222   unreachable
    223 }
    224 
    225 ; LOCAL-LOAD: Illegal 1 byte load from stack object at
    226 ; LOCAL-LOAD-NEXT: address of __asan_error symbol is
    227 ; LOCAL-STORE: Illegal 1 byte store to stack object at
    228 ; LOCAL-STORE-NEXT: address of __asan_error symbol is
    229 ; GLOBAL-LOAD: Illegal 1 byte load from global object at
    230 ; GLOBAL-LOAD-NEXT: address of __asan_error symbol is
    231 ; GLOBAL-STORE: Illegal 1 byte store to global object at
    232 ; GLOBAL-STORE-NEXT: address of __asan_error symbol is
    233