Imported Upstream version 6.10.0.49

Former-commit-id: 1d6753294b2993e1fbf92de9366bb9544db4189b

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/abort_on_error.cc

@@ -0,0 +1,21 @@
+// Check that with empty ASAN_OPTIONS, ASan reports on Linux don't crash
+// the process (abort_on_error=0). See also Darwin/abort_on_error.cc.
+
+// RUN: %clangxx_asan %s -o %t
+
+// Intentionally don't inherit the default ASAN_OPTIONS.
+// RUN: env ASAN_OPTIONS="" not %run %t 2>&1 | FileCheck %s
+// When we use lit's default ASAN_OPTIONS, we shouldn't crash either. On Linux
+// lit doesn't set ASAN_OPTIONS anyway.
+// RUN: not %run %t 2>&1 | FileCheck %s
+
+// Android runs with abort_on_error=0
+// UNSUPPORTED: android
+
+#include <stdlib.h>
+int main() {
+  char *x = (char*)malloc(10 * sizeof(char));
+  free(x);
+  return x[5];
+  // CHECK: {{.*ERROR: AddressSanitizer: heap-use-after-free on address}}
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/activation-options.cc

@@ -0,0 +1,71 @@
+// Test for ASAN_OPTIONS=start_deactivated=1 mode.
+// Main executable is uninstrumented, but linked to ASan runtime. The shared
+// library is instrumented.
+
+// RUN: %clangxx_asan -O0 -DSHARED_LIB %s -fPIC -shared -o %t-so.so
+// RUN: %clangxx -O0 %s -c -o %t.o
+// RUN: %clangxx_asan -O0 %t.o %libdl -o %t
+
+// RUN: rm -f %t.asan.options.activation-options.cc.tmp
+// RUN: rm -f %t.asan.options.ABCDE
+// RUN: echo "help=1" >%t.asan.options.activation-options.cc.tmp
+
+// RUN: %env_asan_opts=start_deactivated=1 \
+// RUN:   ASAN_ACTIVATION_OPTIONS=include=%t.asan.options.%b %run %t 2>&1 | \
+// RUN:   FileCheck %s --check-prefix=CHECK-HELP --check-prefix=CHECK-FOUND
+
+// RUN: %env_asan_opts=start_deactivated=1 \
+// RUN:   ASAN_ACTIVATION_OPTIONS=include=%t.asan.options not %run %t 2>&1 | \
+// RUN:   FileCheck %s --check-prefix=CHECK-NO-HELP --check-prefix=CHECK-MISSING
+
+// RUN: %env_asan_opts=start_deactivated=1 \
+// RUN:   ASAN_ACTIVATION_OPTIONS=include=%t.asan.options.%b not %run %t --fix-name 2>&1 | \
+// RUN:   FileCheck %s --check-prefix=CHECK-NO-HELP --check-prefix=CHECK-MISSING
+
+// RUN: echo "help=1" >%t.asan.options.ABCDE
+
+// RUN: %env_asan_opts=start_deactivated=1 \
+// RUN:   ASAN_ACTIVATION_OPTIONS=include=%t.asan.options.%b %run %t --fix-name 2>&1 | \
+// RUN:   FileCheck %s --check-prefix=CHECK-HELP --check-prefix=CHECK-FOUND
+
+// XFAIL: arm-linux-gnueabi
+// XFAIL: android
+
+#if !defined(SHARED_LIB)
+#include <assert.h>
+#include <dlfcn.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <string>
+
+#include "sanitizer/asan_interface.h"
+
+typedef void (*Fn)();
+
+int main(int argc, char *argv[]) {
+  std::string path = std::string(argv[0]) + "-so.so";
+
+  if (argc > 1 && strcmp(argv[1], "--fix-name") == 0) {
+    assert(strlen(argv[0]) > 5);
+    strcpy(argv[0], "ABCDE");
+  }
+
+  void *dso = dlopen(path.c_str(), RTLD_NOW);
+  if (!dso) {
+    fprintf(stderr, "dlopen failed: %s\n", dlerror());
+    return 1;
+  }
+
+  return 0;
+}
+#else  // SHARED_LIB
+// Empty: all we need is an ASan shared library constructor.
+#endif  // SHARED_LIB
+
+// CHECK-HELP: Available flags for {{.*}}Sanitizer:
+// CHECK-NO-HELP-NOT: Available flags for {{.*}}Sanitizer:
+// CHECK-FOUND-NOT: Failed to read options
+// CHECK-MISSING: Failed to read options

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/aligned_delete_test.cc

@@ -0,0 +1,140 @@
+// RUN: %clangxx_asan -std=c++1z -faligned-allocation -fsanitize-recover=address -O0 %s -o %t
+// RUN: %env_asan_opts=new_delete_type_mismatch=1:halt_on_error=false:detect_leaks=false %run %t 2>&1 | FileCheck %s
+// RUN: %env_asan_opts=new_delete_type_mismatch=0                                        %run %t
+
+// RUN: %clangxx_asan -std=c++1z -faligned-allocation -fsized-deallocation -fsanitize-recover=address -O0 %s -o %t
+// RUN: %env_asan_opts=new_delete_type_mismatch=1:halt_on_error=false:detect_leaks=false %run %t 2>&1 | FileCheck %s
+// RUN: %env_asan_opts=new_delete_type_mismatch=0                                        %run %t
+
+#include <stdio.h>
+
+// Define all new/delete to do not depend on the version provided by the
+// platform. The implementation is provided by ASan anyway.
+
+namespace std {
+struct nothrow_t {};
+static const nothrow_t nothrow;
+enum class align_val_t : size_t {};
+}  // namespace std
+
+void *operator new(size_t);
+void *operator new[](size_t);
+void *operator new(size_t, std::nothrow_t const&);
+void *operator new[](size_t, std::nothrow_t const&);
+void *operator new(size_t, std::align_val_t);
+void *operator new[](size_t, std::align_val_t);
+void *operator new(size_t, std::align_val_t, std::nothrow_t const&);
+void *operator new[](size_t, std::align_val_t, std::nothrow_t const&);
+
+void operator delete(void*) throw();
+void operator delete[](void*) throw();
+void operator delete(void*, std::nothrow_t const&);
+void operator delete[](void*, std::nothrow_t const&);
+void operator delete(void*, size_t) throw();
+void operator delete[](void*, size_t) throw();
+void operator delete(void*, std::align_val_t) throw();
+void operator delete[](void*, std::align_val_t) throw();
+void operator delete(void*, std::align_val_t, std::nothrow_t const&);
+void operator delete[](void*, std::align_val_t, std::nothrow_t const&);
+void operator delete(void*, size_t, std::align_val_t) throw();
+void operator delete[](void*, size_t, std::align_val_t) throw();
+
+
+template<typename T>
+inline T* break_optimization(T *arg) {
+  __asm__ __volatile__("" : : "r" (arg) : "memory");
+  return arg;
+}
+
+
+struct S12 { int a, b, c; };
+struct alignas(128) S12_128 { int a, b, c; };
+struct alignas(256) S12_256 { int a, b, c; };
+struct alignas(512) S1024_512 { char a[1024]; };
+struct alignas(1024) S1024_1024 { char a[1024]; };
+
+
+int main(int argc, char **argv) {
+  // Check the mismatched calls only, all the valid cases are verified in
+  // test/sanitizer_common/TestCases/Linux/new_delete_test.cc.
+
+  operator delete(break_optimization(new S12_128), std::nothrow);
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   128 bytes;
+  // CHECK:  alignment of the deallocated type: default-aligned.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  operator delete(break_optimization(new S12_128), sizeof(S12_128));
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   128 bytes;
+  // CHECK:  alignment of the deallocated type: default-aligned.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  operator delete[](break_optimization(new S12_128[100]), std::nothrow);
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   128 bytes;
+  // CHECK:  alignment of the deallocated type: default-aligned.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  operator delete[](break_optimization(new S12_128[100]), sizeof(S12_128[100]));
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   128 bytes;
+  // CHECK:  alignment of the deallocated type: default-aligned.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  // Various mismatched alignments.
+
+  delete break_optimization(reinterpret_cast<S12*>(new S12_256));
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   256 bytes;
+  // CHECK:  alignment of the deallocated type: default-aligned.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  delete break_optimization(reinterpret_cast<S12_256*>(new S12));
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   default-aligned;
+  // CHECK:  alignment of the deallocated type: 256 bytes.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  delete break_optimization(reinterpret_cast<S12_128*>(new S12_256));
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   256 bytes;
+  // CHECK:  alignment of the deallocated type: 128 bytes.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  delete [] break_optimization(reinterpret_cast<S12*>(new S12_256[100]));
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   256 bytes;
+  // CHECK:  alignment of the deallocated type: default-aligned.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  delete [] break_optimization(reinterpret_cast<S12_256*>(new S12[100]));
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   default-aligned;
+  // CHECK:  alignment of the deallocated type: 256 bytes.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  delete [] break_optimization(reinterpret_cast<S12_128*>(new S12_256[100]));
+  // CHECK: AddressSanitizer: new-delete-type-mismatch
+  // CHECK:  object passed to delete has wrong type:
+  // CHECK:  alignment of the allocated type:   256 bytes;
+  // CHECK:  alignment of the deallocated type: 128 bytes.
+  // CHECK: SUMMARY: AddressSanitizer: new-delete-type-mismatch
+
+  // Push ASan limits, the current limitation is that it cannot differentiate
+  // alignments above 512 bytes.
+  fprintf(stderr, "Checking alignments >= 512 bytes\n");
+  delete break_optimization(reinterpret_cast<S1024_512*>(new S1024_1024));
+  fprintf(stderr, "Done\n");
+  // CHECK: Checking alignments >= 512 bytes
+  // CHECK-NEXT: Done
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/allocator_oom_test.cc

@@ -0,0 +1,88 @@
+// Test the behavior of malloc/calloc/realloc when the allocation causes OOM
+// in the secondary allocator.
+// By default (allocator_may_return_null=0) the process should crash.
+// With allocator_may_return_null=1 the allocator should return 0.
+// Set the limit to 20.5T on 64 bits to account for ASan shadow memory,
+// allocator buffers etc. so that the test allocation of ~1T will trigger OOM.
+// Limit this test to Linux since we're relying on allocator internal
+// limits (shadow memory size, allocation limits etc.)
+
+// RUN: %clangxx_asan -O0 %s -o %t
+// RUN: ulimit -v 22024290304
+// RUN: not %run %t malloc 2>&1 \
+// RUN:   | FileCheck %s --check-prefixes=CHECK-MALLOC,CHECK-CRASH
+// RUN: %env_asan_opts=allocator_may_return_null=0 not %run %t malloc 2>&1 \
+// RUN:   | FileCheck %s --check-prefixes=CHECK-MALLOC,CHECK-CRASH
+// RUN: %env_asan_opts=allocator_may_return_null=1     %run %t malloc 2>&1 \
+// RUN:   | FileCheck %s --check-prefixes=CHECK-MALLOC,CHECK-NULL
+// RUN: %env_asan_opts=allocator_may_return_null=0 not %run %t calloc 2>&1 \
+// RUN:   | FileCheck %s --check-prefixes=CHECK-CALLOC,CHECK-CRASH
+// RUN: %env_asan_opts=allocator_may_return_null=1     %run %t calloc 2>&1 \
+// RUN:   | FileCheck %s --check-prefixes=CHECK-CALLOC,CHECK-NULL
+// RUN: %env_asan_opts=allocator_may_return_null=0 not %run %t realloc 2>&1 \
+// RUN:   | FileCheck %s --check-prefixes=CHECK-REALLOC,CHECK-CRASH
+// RUN: %env_asan_opts=allocator_may_return_null=1     %run %t realloc 2>&1 \
+// RUN:   | FileCheck %s --check-prefixes=CHECK-REALLOC,CHECK-NULL
+// RUN: %env_asan_opts=allocator_may_return_null=0 not %run %t realloc-after-malloc 2>&1 \
+// RUN:   | FileCheck %s --check-prefixes=CHECK-MALLOC-REALLOC,CHECK-CRASH
+// RUN: %env_asan_opts=allocator_may_return_null=1     %run %t realloc-after-malloc 2>&1 \
+// RUN:   | FileCheck %s --check-prefixes=CHECK-MALLOC-REALLOC,CHECK-NULL
+
+// ASan shadow memory on s390 is too large for this test.
+// AArch64 bots fail on this test.
+// TODO(alekseys): Android lit do not run ulimit on device.
+// REQUIRES: shadow-scale-3
+// UNSUPPORTED: s390,android,arm,aarch64
+
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#include <assert.h>
+
+int main(int argc, char **argv) {
+  assert(argc == 2);
+  const char *action = argv[1];
+  fprintf(stderr, "%s:\n", action);
+
+  // Allocate just a bit less than max allocation size enforced by ASan's
+  // allocator (currently 1T and 3G).
+  const size_t size =
+#if __LP64__
+      (1ULL << 40) - (1ULL << 30);
+#else
+      (3ULL << 30) - (1ULL << 20);
+#endif
+
+  void *x = 0;
+
+  if (!strcmp(action, "malloc")) {
+    x = malloc(size);
+  } else if (!strcmp(action, "calloc")) {
+    x = calloc(size / 4, 4);
+  } else if (!strcmp(action, "realloc")) {
+    x = realloc(0, size);
+  } else if (!strcmp(action, "realloc-after-malloc")) {
+    char *t = (char*)malloc(100);
+    *t = 42;
+    x = realloc(t, size);
+    assert(*t == 42);
+    free(t);
+  } else {
+    assert(0);
+  }
+
+  // The NULL pointer is printed differently on different systems, while (long)0
+  // is always the same.
+  fprintf(stderr, "x: %lx\n", (long)x);
+  free(x);
+
+  return x != 0;
+}
+
+// CHECK-MALLOC: malloc:
+// CHECK-CALLOC: calloc:
+// CHECK-REALLOC: realloc:
+// CHECK-MALLOC-REALLOC: realloc-after-malloc:
+
+// CHECK-CRASH: AddressSanitizer's allocator is terminating the process
+// CHECK-NULL: x: 0

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/asan-asm-stacktrace-test.cc

@@ -0,0 +1,33 @@
+// Check that a stack unwinding algorithm works corretly even with the assembly
+// instrumentation.
+
+// REQUIRES: x86_64-target-arch, shadow-scale-3
+// RUN: %clangxx_asan -g -O1 %s -fno-inline-functions -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -mllvm -asan-instrument-assembly -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -g -O1 %s -fno-inline-functions -fomit-frame-pointer -momit-leaf-frame-pointer -mllvm -asan-instrument-assembly -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -g0 -O1 %s -fno-unwind-tables -fno-asynchronous-unwind-tables -fno-exceptions -fno-inline-functions -fomit-frame-pointer -momit-leaf-frame-pointer -mllvm -asan-instrument-assembly -o %t && not %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-nounwind
+
+#include <cstddef>
+
+// CHECK: READ of size 4
+// CHECK-NEXT: {{#0 0x[0-9a-fA-F]+ in foo}}
+// CHECK-NEXT: {{#1 0x[0-9a-fA-F]+ in main}}
+
+// CHECK-nounwind: READ of size 4
+// CHECK-nounwind-NEXT: {{#0 0x[0-9a-fA-F]+ in foo}}
+
+__attribute__((noinline)) int foo(size_t n, int *buffer) {
+  int r;
+  __asm__("movl (%[buffer], %[n], 4), %[r]  \n\t"
+          : [r] "=r"(r)
+          : [buffer] "r"(buffer), [n] "r"(n)
+          : "memory");
+  return r;
+}
+
+int main() {
+  const size_t n = 16;
+  int *buffer = new int[n];
+  foo(n, buffer);
+  delete[] buffer;
+  return 0;
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/asan_default_suppressions.cc

@@ -0,0 +1,7 @@
+// Test that we use the suppressions from __asan_default_suppressions.
+// RUN: %clangxx_asan %s -o %t && not %run %t 2>&1 | FileCheck %s
+extern "C" {
+  const char *__asan_default_suppressions() { return "FooBar"; }
+}
+// CHECK: AddressSanitizer: failed to parse suppressions
+int main() {}

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/asan_dlopen_test.cc

@@ -0,0 +1,17 @@
+// Test that dlopen of dynamic runtime is prohibited.
+//
+// RUN: %clangxx %s -DRT=\"%shared_libasan\" -o %t -ldl
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: %env_asan_opts=verify_asan_link_order=true not %run %t 2>&1 | FileCheck %s
+// RUN: %env_asan_opts=verify_asan_link_order=false %run %t 2>&1
+// REQUIRES: asan-dynamic-runtime
+// XFAIL: android
+
+#include <dlfcn.h>
+
+int main(int argc, char **argv) {
+  dlopen(RT, RTLD_LAZY);
+  return 0;
+}
+
+// CHECK: ASan runtime does not come first in initial library list

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/asan_prelink_test.cc

@@ -0,0 +1,29 @@
+// Test if asan works with prelink.
+// It does not actually use prelink, but relies on ld's flag -Ttext-segment
+// or gold's flag -Ttext (we try the first flag first, if that fails we
+// try the second flag).
+//
+// RUN: %clangxx_asan -c %s -o %t.o
+// RUN: %clangxx_asan -DBUILD_SO=1 -fPIC -shared %s -o %t.so -Wl,-Ttext-segment=0x3600000000 ||\
+// RUN: %clangxx_asan -DBUILD_SO=1 -fPIC -shared %s -o %t.so -Wl,-Ttext=0x3600000000
+// RUN: %clangxx_asan %t.o %t.so -Wl,-R. -o %t
+// RUN: %env_asan_opts=verbosity=1 %run %t 2>&1 | FileCheck %s
+
+// GNU driver doesn't handle .so files properly.
+// REQUIRES: x86_64-target-arch, shadow-scale-3, Clang
+#if BUILD_SO
+int G;
+int *getG() {
+  return &G;
+}
+#else
+#include <stdio.h>
+extern int *getG();
+int main(int argc, char **argv) {
+  long p = (long)getG();
+  printf("SO mapped at %lx\n", p & ~0xffffffffUL);
+  *getG() = 0;
+}
+#endif
+// CHECK: 0x003000000000, 0x004fffffffff{{.*}} MidMem
+// CHECK: SO mapped at 3600000000

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/asan_preload_test-1.cc

@@ -0,0 +1,30 @@
+// Test that non-sanitized executables work with sanitized shared libs
+// and preloaded runtime.
+//
+// RUN: %clangxx -DBUILD_SO=1 -fPIC -shared %s -o %t.so
+// RUN: %clangxx %s %t.so -o %t
+//
+// RUN: %clangxx_asan -DBUILD_SO=1 -fPIC -shared %s -o %t.so
+// RUN: env LD_PRELOAD=%shared_libasan not %run %t 2>&1 | FileCheck %s
+
+// REQUIRES: asan-dynamic-runtime
+
+// This way of setting LD_PRELOAD does not work with Android test runner.
+// REQUIRES: !android
+
+#if BUILD_SO
+char dummy;
+void do_access(const void *p) {
+  // CHECK: AddressSanitizer: heap-buffer-overflow
+  dummy = ((const char *)p)[1];
+}
+#else
+#include <stdlib.h>
+extern void do_access(const void *p);
+int main(int argc, char **argv) {
+  void *p = malloc(1);
+  do_access(p);
+  free(p);
+  return 0;
+}
+#endif

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/asan_preload_test-2.cc

@@ -0,0 +1,24 @@
+// Test that preloaded runtime works with unsanitized executables.
+//
+// RUN: %clangxx %s -o %t
+// RUN: env LD_PRELOAD=%shared_libasan not %run %t 2>&1 | FileCheck %s
+
+// REQUIRES: asan-dynamic-runtime
+
+// This way of setting LD_PRELOAD does not work with Android test runner.
+// REQUIRES: !android
+
+#include <stdlib.h>
+
+extern "C" ssize_t write(int fd, const void *buf, size_t count);
+
+void do_access(void *p) {
+  // CHECK: AddressSanitizer: heap-buffer-overflow
+  write(1, p, 2);
+}
+
+int main(int argc, char **argv) {
+  void *p = malloc(1);
+  do_access(p);
+  return 0;
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/asan_preload_test-3.cc

@@ -0,0 +1,36 @@
+// Regression test for PR33206
+//
+// RUN: %clang -DDYN=1 -DMALLOC=1 -fPIC -shared %s -o %t-dso1.so
+// RUN: %clang -DDYN=1 -DMALLOC=1 -fPIC -shared %s -o %t-dso2.so %t-dso1.so
+// RUN: %clang %s -o %t-1 %t-dso2.so
+// RUN: env LD_PRELOAD=%shared_libasan %run %t-1 2>&1 | FileCheck %s
+// RUN: %clang -DDYN=1 -DREALLOC=1 -fPIC -shared %s -o %t-dso3.so
+// RUN: %clang -DDYN=1 -DREALLOC=1 -fPIC -shared %s -o %t-dso4.so %t-dso3.so
+// RUN: %clang %s -o %t-2 %t-dso4.so
+// RUN: env LD_PRELOAD=%shared_libasan %run %t-2 2>&1 | FileCheck %s
+// REQUIRES: asan-dynamic-runtime
+
+// FIXME: Test regressed while android bot was disabled. Needs investigation.
+// UNSUPPORTED: android
+
+#include <stdlib.h>
+#include <stdio.h>
+
+#ifdef DYN
+__attribute__((constructor)) void foo() {
+  void *p;
+#ifdef MALLOC
+  p = malloc(1 << 20);
+#endif
+#ifdef REALLOC
+  p = realloc (0, 1 << 20);
+#endif
+  free(p);
+}
+#else
+int main() {
+  // CHECK: Success
+  printf("Success\n");
+  return 0;
+}
+#endif

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/asan_rt_confict_test-1.cc

@@ -0,0 +1,13 @@
+// Test that preloading dynamic runtime to statically sanitized
+// executable is prohibited.
+//
+// RUN: %clangxx_asan_static %s -o %t
+// RUN: env LD_PRELOAD=%shared_libasan not %run %t 2>&1 | FileCheck %s
+
+// REQUIRES: asan-dynamic-runtime
+// XFAIL: android
+
+#include <stdlib.h>
+int main(int argc, char **argv) { return 0; }
+
+// CHECK: Your application is linked against incompatible ASan runtimes

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/asan_rt_confict_test-2.cc

@@ -0,0 +1,25 @@
+// Test that mixed static/dynamic sanitization of program objects
+// is prohibited.
+//
+// RUN: %clangxx_asan -DBUILD_SO=1 -fPIC -shared %s -o %t.so
+// RUN: %clangxx_asan_static %s %t.so -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+
+// REQUIRES: asan-dynamic-runtime
+// XFAIL: android
+
+#if BUILD_SO
+char dummy;
+void do_access(const void *p) { dummy = ((const char *)p)[1]; }
+#else
+#include <stdlib.h>
+extern void do_access(const void *p);
+int main(int argc, char **argv) {
+  void *p = malloc(1);
+  do_access(p);
+  free(p);
+  return 0;
+}
+#endif
+
+// CHECK: Your application is linked against incompatible ASan runtimes

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/auto_memory_profile_test.cc

@@ -0,0 +1,32 @@
+// Tests heap_profile=1.
+// Printing memory profiling only works in the configuration where we can
+// detect leaks.
+// REQUIRES: leak-detection
+//
+// RUN: %clangxx_asan %s -o %t
+// RUN: %env_asan_opts=heap_profile=1 %run %t 2>&1 | FileCheck %s
+#include <sanitizer/common_interface_defs.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+char *sink[1000];
+
+int main() {
+
+  for (int i = 0; i < 3; i++) {
+    const size_t  kSize = 13000000;
+    char *x = new char[kSize];
+    memset(x, 0, kSize);
+    sink[i] = x;
+    sleep(1);
+  }
+}
+
+// CHECK: HEAP PROFILE at RSS
+// CHECK: 13000000 byte(s)
+// CHECK: HEAP PROFILE at RSS
+// CHECK: 26000000 byte(s)
+// CHECK: HEAP PROFILE at RSS
+// CHECK: 39000000 byte(s)

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/calloc-preload.c

@@ -0,0 +1,36 @@
+// Test that initially callocked memory is properly freed
+// (see https://github.com/google/sanitizers/issues/626).
+// 
+// RUN: %clang %s -o %t
+// RUN: env LD_PRELOAD=%shared_libasan %run %t
+//
+// REQUIRES: asan-dynamic-runtime
+//
+// This way of setting LD_PRELOAD does not work with Android test runner.
+// REQUIRES: !android
+
+#include <stdio.h>
+#include <stdlib.h>
+
+static void *ptr;
+
+// This constructor will run before __asan_init
+// so calloc will allocate memory from special pool.
+static void init() {
+  ptr = calloc(10, 1);
+}
+
+__attribute__((section(".preinit_array"), used))
+void *dummy = init;
+
+void free_memory() {
+  // This used to abort because
+  // Asan's free didn't recognize ptr.
+  free(ptr);
+}
+
+int main() {
+  free_memory();
+  return 0;
+}
+

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/clang_gcc_abi.cc

@@ -0,0 +1,45 @@
+// RUN: %clangxx_asan -O0 -x c %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O1 -x c %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O2 -x c %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O3 -x c %s -o %t && not %run %t 2>&1 | FileCheck %s
+
+// REQUIRES: arm-target-arch, fast-unwinder-works
+// XFAIL: armv7l-unknown-linux-gnueabihf
+
+#include <stdlib.h>
+
+__attribute__((noinline))
+int boom() {
+  volatile int three = 3;
+  char * volatile s = (char *)malloc(three);
+// CHECK: #1 0x{{.*}} in boom {{.*}}clang_gcc_abi.cc:[[@LINE-1]]
+  return s[three]; //BOOM
+}
+
+__attribute__((naked, noinline)) void gcc_abi() {
+// CHECK: #2 0x{{.*}} in gcc_abi {{.*}}clang_gcc_abi.cc:[[@LINE+1]]
+  asm volatile("str fp, [sp, #-8]!\n\t"
+               "str lr, [sp, #4]\n\t"
+               "add fp, sp, #4\n\t"
+               "bl  boom\n\t"
+               "sub sp, fp, #4\n\t"
+               "ldr fp, [sp]\n\t"
+               "add sp, sp, #4\n\t"
+               "ldr pc, [sp], #4\n\t"
+              );
+}
+
+__attribute__((naked, noinline)) void clang_abi() {
+// CHECK: #3 0x{{.*}} in clang_abi {{.*}}clang_gcc_abi.cc:[[@LINE+1]]
+  asm volatile("push {r11, lr}\n\t"
+               "mov r11, sp\n\t"
+               "bl  gcc_abi\n\t"
+               "add r0, r0, #1\n\t"
+               "pop {r11, pc}\n\t"
+              );
+}
+
+int main() {
+  clang_abi();
+// CHECK: #4 0x{{.*}} in main {{.*}}clang_gcc_abi.cc:[[@LINE-1]]
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/clone_test.cc

@@ -0,0 +1,45 @@
+// Regression test for:
+// http://code.google.com/p/address-sanitizer/issues/detail?id=37
+
+// RUN: %clangxx_asan -O0 %s -o %t && %run %t | FileCheck %s
+// RUN: %clangxx_asan -O1 %s -o %t && %run %t | FileCheck %s
+// RUN: %clangxx_asan -O2 %s -o %t && %run %t | FileCheck %s
+// RUN: %clangxx_asan -O3 %s -o %t && %run %t | FileCheck %s
+// XFAIL: arm-linux-gnueabi
+
+#include <stdio.h>
+#include <sched.h>
+#include <sys/syscall.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+
+int Child(void *arg) {
+  char x[32] = {0};  // Stack gets poisoned.
+  printf("Child:  %p\n", x);
+  _exit(1);  // NoReturn, stack will remain unpoisoned unless we do something.
+}
+
+int main(int argc, char **argv) {
+  const int kStackSize = 1 << 20;
+  char __attribute__((aligned(16))) child_stack[kStackSize + 1];
+  char *sp = child_stack + kStackSize;  // Stack grows down.
+  printf("Parent: %p\n", sp);
+  pid_t clone_pid = clone(Child, sp, CLONE_FILES | CLONE_VM, NULL);
+  int status;
+  pid_t wait_result = waitpid(clone_pid, &status, __WCLONE);
+  if (wait_result < 0) {
+    perror("waitpid");
+    return 0;
+  }
+  if (wait_result == clone_pid && WIFEXITED(status)) {
+    // Make sure the child stack was indeed unpoisoned.
+    for (int i = 0; i < kStackSize; i++)
+      child_stack[i] = i;
+    int ret = child_stack[argc - 1];
+    printf("PASSED\n");
+    // CHECK: PASSED
+    return ret;
+  }
+  return 0;
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/coverage-missing.cc

@@ -0,0 +1,84 @@
+// Test for "sancov.py missing ...".
+
+// First case: coverage from executable. main() is called on every code path.
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard %s -o %t -DFOOBAR -DMAIN
+// RUN: rm -rf %T/coverage-missing
+// RUN: mkdir -p %T/coverage-missing
+// RUN: cd %T/coverage-missing
+// RUN: %env_asan_opts=coverage=1:coverage_dir=%T/coverage-missing %run %t
+// RUN: %sancov print *.sancov > main.txt
+// RUN: rm *.sancov
+// RUN: count 1 < main.txt
+// RUN: %env_asan_opts=coverage=1:coverage_dir=%T/coverage-missing %run %t x
+// RUN: %sancov print *.sancov > foo.txt
+// RUN: rm *.sancov
+// RUN: count 3 < foo.txt
+// RUN: %env_asan_opts=coverage=1:coverage_dir=%T/coverage-missing %run %t x x
+// RUN: %sancov print *.sancov > bar.txt
+// RUN: rm *.sancov
+// RUN: count 4 < bar.txt
+// RUN: %sancov missing %t < foo.txt > foo-missing.txt
+// RUN: sort main.txt foo-missing.txt -o foo-missing-with-main.txt
+// The "missing from foo" set may contain a few bogus PCs from the sanitizer
+// runtime, but it must include the entire "bar" code path as a subset. Sorted
+// lists can be tested for set inclusion with diff + grep.
+// RUN: diff bar.txt foo-missing-with-main.txt > %t.log || true
+// RUN: not grep "^<" %t.log
+
+// Second case: coverage from DSO.
+// cd %T
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard %s -o %dynamiclib -DFOOBAR -shared -fPIC
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard %s %dynamiclib -o %t -DMAIN
+// RUN: cd ..
+// RUN: rm -rf %T/coverage-missing
+// RUN: mkdir -p %T/coverage-missing
+// RUN: cd %T/coverage-missing
+// RUN: %env_asan_opts=coverage=1:coverage_dir=%T/coverage-missing %run %t x
+// RUN: %sancov print %xdynamiclib_filename.*.sancov > foo.txt
+// RUN: rm *.sancov
+// RUN: count 2 < foo.txt
+// RUN: %env_asan_opts=coverage=1:coverage_dir=%T/coverage-missing %run %t x x
+// RUN: %sancov print %xdynamiclib_filename.*.sancov > bar.txt
+// RUN: rm *.sancov
+// RUN: count 3 < bar.txt
+// RUN: %sancov missing %dynamiclib < foo.txt > foo-missing.txt
+// RUN: diff bar.txt foo-missing.txt > %t.log || true
+// RUN: not grep "^<" %t.log
+
+// REQUIRES: x86-target-arch
+// XFAIL: android
+
+#include <stdio.h>
+
+void foo1();
+void foo2();
+void bar1();
+void bar2();
+void bar3();
+
+#if defined(FOOBAR)
+void foo1() { fprintf(stderr, "foo1\n"); }
+void foo2() { fprintf(stderr, "foo2\n"); }
+
+void bar1() { fprintf(stderr, "bar1\n"); }
+void bar2() { fprintf(stderr, "bar2\n"); }
+void bar3() { fprintf(stderr, "bar3\n"); }
+#endif
+
+#if defined(MAIN)
+int main(int argc, char **argv) {
+  switch (argc) {
+    case 1:
+      break;
+    case 2:
+      foo1();
+      foo2();
+      break;
+    case 3:
+      bar1();
+      bar2();
+      bar3();
+      break;
+  }
+}
+#endif

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/cuda_test.cc

@@ -0,0 +1,35 @@
+// Emulate the behavior of the NVIDIA CUDA driver
+// that mmaps memory inside the asan's shadow gap.
+//
+// REQUIRES: x86_64-target-arch, shadow-scale-3
+//
+// RUN: %clangxx_asan %s -o %t
+// RUN: not %env_asan_opts=protect_shadow_gap=1 %t 2>&1 | FileCheck %s  --check-prefix=CHECK-PROTECT1
+// RUN: not                                     %t 2>&1 | FileCheck %s  --check-prefix=CHECK-PROTECT1
+// RUN: not %env_asan_opts=protect_shadow_gap=0 %t 2>&1 | FileCheck %s  --check-prefix=CHECK-PROTECT0
+#include <assert.h>
+#include <unistd.h>
+#include <sys/mman.h>
+#include <stdint.h>
+
+#include "sanitizer/asan_interface.h"
+
+int main(void) {
+  uintptr_t Base = 0x200000000;
+  uintptr_t Size = 0x1100000000;
+  void *addr =
+      mmap((void *)Base, Size, PROT_READ | PROT_WRITE,
+           MAP_NORESERVE | MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, 0, 0);
+  assert(addr == (void*)Base);
+  // Make sure we can access memory in shadow gap.
+  // W/o protect_shadow_gap=0 we should fail here.
+  for (uintptr_t Addr = Base; Addr < Base + Size; Addr += Size / 100)
+    *(char*)Addr = 1;
+  // CHECK-PROTECT1: AddressSanitizer: SEGV on unknown address 0x0000bfff8000
+
+  // Poison a part of gap's shadow:
+  __asan_poison_memory_region((void*)Base, 4096);
+  // Now we should fail with use-after-poison.
+  *(char*)(Base + 1234) = 1;
+  // CHECK-PROTECT0: AddressSanitizer: use-after-poison on address 0x0002000004d2
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Linux/function-sections-are-bad.cc

@@ -0,0 +1,41 @@
+// Check that --gc-sections does not throw away (or localize) parts of sanitizer
+// interface.
+// RUN: %clang_asan %s -Wl,--gc-sections -ldl -o %t
+// RUN: %clang_asan %s -DBUILD_SO -fPIC -o %t-so.so -shared
+// RUN: %run %t 2>&1
+
+// REQUIRES: asan-64-bits
+
+#ifndef BUILD_SO
+#include <assert.h>
+#include <dlfcn.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+int main(int argc, char *argv[]) {
+  char path[4096];
+  snprintf(path, sizeof(path), "%s-so.so", argv[0]);
+
+  void *handle = dlopen(path, RTLD_LAZY);
+  if (!handle) fprintf(stderr, "%s\n", dlerror());
+  assert(handle != 0);
+
+  typedef void (*F)();
+  F f = (F)dlsym(handle, "call_rtl_from_dso");
+  printf("%s\n", dlerror());
+  assert(dlerror() == 0);
+  f();
+  
+  dlclose(handle);
+  return 0;
+}
+
+#else // BUILD_SO
+
+#include <sanitizer/asan_interface.h>
+extern "C" void call_rtl_from_dso() {
+  volatile int32_t x;
+  volatile int32_t y = __sanitizer_unaligned_load32((void *)&x);
+}
+
+#endif // BUILD_SO