From mboxrd@z Thu Jan 1 00:00:00 1970
Subject: [PATCH] Introduce tests for -fsanitize=use-after-scope
To: GCC Patches
References: <572C7A3E.4000905@suse.cz>
Cc: Jakub Jelinek
From: Martin Liška
Message-ID: <572C7B0E.3040707@suse.cz>
Date: Fri, 06 May 2016 11:08:00 -0000
MIME-Version: 1.0
In-Reply-To: <572C7A3E.4000905@suse.cz>
Content-Type: multipart/mixed; boundary="------------020805050208070007070307"

This is a multi-part message in MIME format.
--------------020805050208070007070307
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit

Hi.

This is a new test coverage for the new sanitizer option.

Martin

--------------020805050208070007070307
Content-Type: text/x-patch; name="0002-Introduce-tests-for-fsanitize-use-after-scope.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="0002-Introduce-tests-for-fsanitize-use-after-scope.patch"

>From 753bfb3edb12c9f3fd13f320e308556f63330c97 Mon Sep 17 00:00:00 2001 From: marxin Date: Wed, 4 May 2016 12:57:05 +0200 Subject: [PATCH 2/2] Introduce tests for -fsanitize=use-after-scope gcc/testsuite/ChangeLog: 2016-05-04 Martin Liska * gcc.dg/asan/use-after-scope-1.c: New test. * gcc.dg/asan/use-after-scope-2.c: New test. * gcc.dg/asan/use-after-scope-3.c: New test. * gcc.dg/asan/use-after-scope-4.c: New test. * gcc.dg/asan/use-after-scope-goto-1.c: New test. --- gcc/testsuite/gcc.dg/asan/use-after-scope-1.c | 19 +++++++++ gcc/testsuite/gcc.dg/asan/use-after-scope-2.c | 48 ++++++++++++++++++++++ gcc/testsuite/gcc.dg/asan/use-after-scope-3.c | 21 ++++++++++ gcc/testsuite/gcc.dg/asan/use-after-scope-4.c | 17 ++++++++ gcc/testsuite/gcc.dg/asan/use-after-scope-goto-1.c | 22 ++++++++++ 5 files changed, 127 insertions(+) create mode 100644 gcc/testsuite/gcc.dg/asan/use-after-scope-1.c create mode 100644 gcc/testsuite/gcc.dg/asan/use-after-scope-2.c create mode 100644 gcc/testsuite/gcc.dg/asan/use-after-scope-3.c create mode 100644 gcc/testsuite/gcc.dg/asan/use-after-scope-4.c create mode 100644 gcc/testsuite/gcc.dg/asan/use-after-scope-goto-1.c diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-1.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-1.c new file mode 100644 index 0000000..b4a4f52 --- /dev/null +++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-1.c @@ -0,0 +1,19 @@ +// { dg-do run } +// { dg-additional-options "-fsanitize=use-after-scope -fstack-reuse=none" } +// { dg-shouldfail "asan" } + +int +main (void) +{ + char *ptr; + { + char my_char[9]; + ptr = &my_char[0]; + } + + *(ptr+9) = 'c'; +} + +// { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" } +// { dg-output "WRITE of size 1 at.*" } +// { dg-output ".*'my_char' <== Memory access at offset \[0-9\]* overflows this variable.*" } 
diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-2.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-2.c new file mode 100644 index 0000000..3f99fb7 --- /dev/null +++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-2.c @@ -0,0 +1,48 @@ +// { dg-do run } +// { dg-additional-options "-fsanitize=use-after-scope -fstack-reuse=none" } +// { dg-shouldfail "asan" } + +int *bar (int *x, int *y) { return y; } + +int foo (void) +{ + char *p; + { + char a = 0; + p = &a; + } + + if (*p) + return 1; + else + return 0; +} + +int +main (void) +{ + char *ptr; + { + char my_char[9]; + ptr = &my_char[0]; + } + + int a[16]; + int *p, *q = a; + { + int b[16]; + p = bar (a, b); + } + bar (a, q); + { + int c[16]; + q = bar (a, c); + } + int v = *bar (a, q); + return v; +} + + +// { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" } +// { dg-output "READ of size 4 at.*" } +// { dg-output ".*'c' <== Memory access at offset \[0-9\]* is inside this variable.*" } diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-3.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-3.c new file mode 100644 index 0000000..abaaaad --- /dev/null +++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-3.c @@ -0,0 +1,21 @@ +// { dg-do run } +// { dg-additional-options "-fsanitize=use-after-scope -fstack-reuse=none" } +// { dg-shouldfail "asan" } + +int +main (void) +{ + char *ptr; + char *ptr2; + { + char my_char[9]; + ptr = &my_char[0]; + __builtin_memcpy (&ptr2, &ptr, sizeof (ptr2)); + } + + *(ptr2+9) = 'c'; +} + +// { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" } +// { dg-output "WRITE of size 1 at.*" } +// { dg-output ".*'my_char' <== Memory access at offset \[0-9\]* overflows this variable.*" } diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-4.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-4.c new file mode 100644 index 0000000..7254c9c --- /dev/null +++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-4.c 
@@ -0,0 +1,17 @@ +// { dg-do run } +// { dg-additional-options "-fsanitize=use-after-scope -fstack-reuse=none" } + +int +__attribute__((no_sanitize_address)) +main (void) +{ + char *ptr; + char *ptr2; + { + char my_char[9]; + ptr = &my_char[0]; + __builtin_memcpy (&ptr2, &ptr, sizeof (ptr2)); + } + + *(ptr2+9) = 'c'; +} diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-goto-1.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-goto-1.c new file mode 100644 index 0000000..7bb8ba4 --- /dev/null +++ b/gcc/testsuite/gcc.dg/asan/use-after-scope-goto-1.c @@ -0,0 +1,22 @@ +// { dg-do run } +// { dg-additional-options "-fsanitize=use-after-scope -fstack-reuse=none" } + +int main(int argc, char **argv) +{ + int a = 123; + + if (argc == 0) + { + int *ptr; + label: + { + ptr = &a; + *ptr = 1; + return 0; + } + } + else + goto label; + + return 0; +} -- 2.8.1 --------------020805050208070007070307--
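
Review bot: in gcc/testsuite/gcc.dg/asan/use-after-scope-1.c the store `*(ptr+9) = 'c';` targets index 9 of `char my_char[9]`, one byte past the end of the array, so the test mixes an out-of-scope access with an out-of-bounds one and the third dg-output has to match "overflows this variable". Writing through an index in 0..8 would exercise use-after-scope on its own and let the directive expect "is inside this variable", as use-after-scope-2.c does; if the off-by-one is deliberate, a comment saying so would help.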
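
Review bot: in gcc/testsuite/gcc.dg/asan/use-after-scope-2.c, `foo` is defined but never called, and in `main` both `ptr`/`my_char` and the value stored by `p = bar (a, b);` are never used, so only the final `*bar (a, q)` read of `c` is checked. Either move `foo` into a test of its own that expects the report for the read through `p`, or drop the dead code; as written, the dg-output lines say nothing about whether the `a` (in `foo`) and `b` cases are caught.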
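
Review bot: gcc/testsuite/gcc.dg/asan/use-after-scope-3.c differs from use-after-scope-1.c only in copying the pointer with `__builtin_memcpy (&ptr2, &ptr, sizeof (ptr2));`, and nothing in the file says what that copy is meant to cover. A one-line comment stating the intent would keep the test from being merged or simplified away later. The same off-by-one applies here: `*(ptr2+9)` is past the end of `char my_char[9]`.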
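
Review bot: gcc/testsuite/gcc.dg/asan/use-after-scope-4.c has no dg-shouldfail or dg-output, so it passes only if the uninstrumented `*(ptr2+9) = 'c';` runs to completion, yet that store lands one byte past `char my_char[9]` in a `main` marked `no_sanitize_address`, where it can overwrite whatever sits next on the stack. Use an in-bounds index so the test depends only on the attribute suppressing the check, and add a comment that a clean exit is the expected result.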
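
Review bot: in gcc/testsuite/gcc.dg/asan/use-after-scope-goto-1.c the only variable declared in the scope entered by `goto label` is `ptr`, whose address is never taken, while the object actually written, `a`, lives at function scope. If the aim is to show that jumping past a declaration does not leave that variable flagged, declare a local inside the block before `label:`, take its address, and access it after the jump. A comment stating that no report is expected would also help, since the file has no dg-output; `argv` is unused.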