1 // RUN: %clangxx_asan -O0 -mllvm -asan-instrument-dynamic-allocas %s -o %t 2 // RUN: %run %t 2>&1 3 // 4 // REQUIRES: stable-runtime 5 6 // This testcase checks correct interaction between VLAs and allocas. 7 8 #include <assert.h> 9 #include <stdint.h> 10 #include <stdlib.h> 11 #include "sanitizer/asan_interface.h" 12 13 // MSVC provides _alloca instead of alloca. 14 #if defined(_MSC_VER) && !defined(alloca) 15 # define alloca _alloca 16 #endif 17 18 #if defined(__sun__) && defined(__svr4__) 19 #include <alloca.h> 20 #endif 21 22 #define RZ 32 23 foo(int len)24__attribute__((noinline)) void foo(int len) { 25 char *top, *bot; 26 // This alloca call should live until the end of foo. 27 char *alloca1 = (char *)alloca(len); 28 assert(!(reinterpret_cast<uintptr_t>(alloca1) & 31L)); 29 // This should be first poisoned address after loop. 30 top = alloca1 - RZ; 31 for (int i = 0; i < 32; ++i) { 32 // Check that previous alloca was unpoisoned at the end of iteration. 33 if (i) assert(!__asan_region_is_poisoned(bot, 96)); 34 // VLA is unpoisoned at the end of iteration. 35 volatile char array[i]; 36 assert(!(reinterpret_cast<uintptr_t>(array) & 31L)); 37 // Alloca is unpoisoned at the end of iteration, 38 // because dominated by VLA. 39 bot = (char *)alloca(i) - RZ; 40 } 41 // Check that all allocas from loop were unpoisoned correctly. 42 void *q = __asan_region_is_poisoned(bot, (char *)top - (char *)bot + 1); 43 assert(q == top); 44 } 45 main(int argc,char ** argv)46int main(int argc, char **argv) { 47 foo(32); 48 return 0; 49 } 50