xref: /llvm-project/compiler-rt/test/asan/TestCases/alloca_vla_interact.cpp (revision 23d209f350f4e51b2a42636ce45d10c6e208252d)
1 // RUN: %clangxx_asan -O0 -mllvm -asan-instrument-dynamic-allocas %s -o %t
2 // RUN: %run %t 2>&1
3 //
4 // REQUIRES: stable-runtime
5 
6 // See https://github.com/llvm/llvm-project/issues/110956
7 // XFAIL: target=sparc{{.*}}
8 
9 // This testcase checks correct interaction between VLAs and allocas.
10 
11 #include <assert.h>
12 #include <stdint.h>
13 #include <stdlib.h>
14 #include "sanitizer/asan_interface.h"
15 
16 // MSVC provides _alloca instead of alloca.
17 #if defined(_MSC_VER) && !defined(alloca)
18 # define alloca _alloca
19 #endif
20 
21 #if defined(__sun__) && defined(__svr4__)
22 #include <alloca.h>
23 #endif
24 
25 #define RZ 32
26 
27 __attribute__((noinline)) void foo(int len) {
28   char *top, *bot;
29   // This alloca call should live until the end of foo.
30   char *alloca1 = (char *)alloca(len);
31   assert(!(reinterpret_cast<uintptr_t>(alloca1) & 31L));
32   // This should be first poisoned address after loop.
33   top = alloca1 - RZ;
34   for (int i = 0; i < 32; ++i) {
35     // Check that previous alloca was unpoisoned at the end of iteration.
36     if (i) assert(!__asan_region_is_poisoned(bot, 96));
37     // VLA is unpoisoned at the end of iteration.
38     volatile char array[i];
39     // Ensure that asan-use-stack-safety does not optimize out the poisoning.
40     if (i) array[0] = 0;
41     assert(!(reinterpret_cast<uintptr_t>(array) & 31L));
42     // Alloca is unpoisoned at the end of iteration,
43     // because dominated by VLA.
44     bot = (char *)alloca(i) - RZ;
45   }
46   // Check that all allocas from loop were unpoisoned correctly.
47   void *q = __asan_region_is_poisoned(bot, (char *)top - (char *)bot + 1);
48   assert(q == top);
49 }
50 
51 int main(int argc, char **argv) {
52   foo(32);
53   return 0;
54 }
55