| 1 | // UNSUPPORTED: ios |
|---|
| 2 | // Don't re-enable until rdar://problem/62141527 is fixed. |
|---|
| 3 | // REQUIRES: rdar_62141527 |
|---|
| 4 | // REQUIRES: shell |
|---|
| 5 | // REQUIRES: darwin_log_cmd |
|---|
| 6 | // RUN: %clangxx_asan -fsanitize-recover=address %s -o %t |
|---|
| 7 | // RUN: { %env_asan_opts=halt_on_error=0,log_to_syslog=1 %run %t > %t.process_output.txt 2>&1 & } \ |
|---|
| 8 | // RUN: ; export TEST_PID=$! ; wait ${TEST_PID} |
|---|
| 9 | |
|---|
| 10 | // Check process output. |
|---|
| 11 | // RUN: FileCheck %s --check-prefixes CHECK,CHECK-PROC -input-file=%t.process_output.txt |
|---|
| 12 | |
|---|
| 13 | // Check syslog output. We filter recent system logs based on PID to avoid |
|---|
| 14 | // getting the logs of previous test runs. |
|---|
| 15 | // RUN: log show --debug --last 5m --predicate "processID == ${TEST_PID}" --style syslog > %t.process_syslog_output.txt |
|---|
| 16 | // RUN: FileCheck %s -input-file=%t.process_syslog_output.txt |
|---|
| 17 | #include <cassert> |
|---|
| 18 | #include <cstdio> |
|---|
| 19 | #include <cstring> |
|---|
| 20 | #include <sanitizer/asan_interface.h> |
|---|
| 21 | |
|---|
| 22 | const int kBufferSize = 512; |
|---|
| 23 | char *buffer; |
|---|
| 24 | |
|---|
| 25 | // `readZero` and `readOne` exist so that we can distinguish the two |
|---|
| 26 | // error reports based on the symbolized stacktrace. |
|---|
| 27 | void readZero() { |
|---|
| 28 | assert(__asan_address_is_poisoned(buffer)); |
|---|
| 29 | char c = buffer[0]; |
|---|
| 30 | printf(format: "Read %c\n" , c); |
|---|
| 31 | } |
|---|
| 32 | |
|---|
| 33 | void readOne() { |
|---|
| 34 | assert(__asan_address_is_poisoned(buffer + 1)); |
|---|
| 35 | char c = buffer[1]; |
|---|
| 36 | printf(format: "Read %c\n" , c); |
|---|
| 37 | } |
|---|
| 38 | |
|---|
| 39 | int main() { |
|---|
| 40 | buffer = static_cast<char *>(malloc(kBufferSize)); |
|---|
| 41 | memset(s: static_cast<void *>(buffer), c: static_cast<int>('.'), n: kBufferSize); |
|---|
| 42 | assert(buffer); |
|---|
| 43 | // Deliberately poison `buffer` so that we have a deterministic way |
|---|
| 44 | // triggering two ASan reports in a row in the no halt_on_error mode (e.g. Two |
|---|
| 45 | // heap-use-after free in a row might not be deterministic). |
|---|
| 46 | __asan_poison_memory_region(addr: buffer, size: kBufferSize); |
|---|
| 47 | |
|---|
| 48 | // This sequence of ASan reports are designed to catch an old bug in the way |
|---|
| 49 | // ASan's internal syslog buffer was handled after reporting an issue. |
|---|
| 50 | // Previously in the no halt_on_error mode the internal buffer wasn't cleared |
|---|
| 51 | // after reporting an issue. When another issue was encountered everything |
|---|
| 52 | // that was already in the buffer would be written to the syslog again |
|---|
| 53 | // leading to duplicate reports in the syslog. |
|---|
| 54 | |
|---|
| 55 | // First bad access. |
|---|
| 56 | // CHECK: use-after-poison |
|---|
| 57 | // CHECK-NEXT: READ of size 1 |
|---|
| 58 | // CHECK-NEXT: #0 0x{{[0-9a-f]+}} in readZero |
|---|
| 59 | // CHECK: SUMMARY: {{.*}} use-after-poison {{.*}} in readZero |
|---|
| 60 | readZero(); |
|---|
| 61 | |
|---|
| 62 | // Second bad access. |
|---|
| 63 | // CHECK: use-after-poison |
|---|
| 64 | // CHECK-NEXT: READ of size 1 |
|---|
| 65 | // CHECK-NEXT: #0 0x{{[0-9a-f]+}} in readOne |
|---|
| 66 | // CHECK: SUMMARY: {{.*}} use-after-poison {{.*}} in readOne |
|---|
| 67 | readOne(); |
|---|
| 68 | |
|---|
| 69 | // CHECK-PROC: DONE |
|---|
| 70 | printf(format: "DONE\n" ); |
|---|
| 71 | return 0; |
|---|
| 72 | } |
|---|
| 73 | |
|---|
