Imported Upstream version 6.10.0.49

Former-commit-id: 1d6753294b2993e1fbf92de9366bb9544db4189b

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/asan-sigbus.cpp

@@ -0,0 +1,42 @@
+// Check handle_bus flag
+// Defaults to true
+// RUN: %clangxx_asan -std=c++11 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s -check-prefix=CHECK-BUS
+// RUN: %env_asan_opts=handle_sigbus=0 not --crash %run %t 2>&1 | FileCheck %s
+
+// UNSUPPORTED: ios
+
+#include <assert.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/mman.h>
+#include <unistd.h>
+#include <string>
+
+char array[4096];
+int main(int argc, char **argv) {
+  int fd = open((std::string(argv[0]) + ".m").c_str(), O_RDWR | O_CREAT, 0700);
+  if (fd < 0) {
+    perror("open");
+    exit(1);
+  }
+  assert(write(fd, array, sizeof(array)) == sizeof(array));
+
+  // Write some zeroes to the file, then mmap it while it has a 4KiB size
+  char *addr = (char *)mmap(nullptr, sizeof(array), PROT_READ,
+                            MAP_FILE | MAP_SHARED, fd, 0);
+  if (addr == MAP_FAILED) {
+    perror("mmap");
+    exit(1);
+  }
+
+  // Truncate the file so our memory isn't valid any more
+  assert(ftruncate(fd, 0) == 0);
+
+  // Try to access the memory
+  return addr[42];
+  // CHECK-NOT: DEADLYSIGNAL
+  // CHECK-BUS: DEADLYSIGNAL
+  // CHECK-BUS: ERROR: AddressSanitizer: BUS
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/asan-symbolize-bad-path.cc

@@ -0,0 +1,4 @@
+// Test that asan_symbolize does not hang when provided with an non-existing
+// path.
+// RUN: echo '#0 0xabcdabcd (%T/bad/path+0x1234)' | %asan_symbolize | FileCheck %s
+// CHECK: #0 0xabcdabcd

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/asan-symbolize-sanity-test.cc

@@ -0,0 +1,64 @@
+// FIXME: https://code.google.com/p/address-sanitizer/issues/detail?id=316
+// XFAIL: android
+//
+// Check that asan_symbolize.py script works (for binaries, ASan RTL and
+// shared object files.
+
+// RUN: %clangxx_asan -O0 -DSHARED_LIB %s -fPIC -shared -o %t-so.so
+// RUN: %clangxx_asan -O0 %s %libdl -o %t
+// RUN: %env_asan_opts=symbolize=0 not %run %t 2>&1 | %asan_symbolize | FileCheck %s
+// REQUIRES: stable-runtime
+
+// UNSUPPORTED: ios
+
+#if !defined(SHARED_LIB)
+#include <dlfcn.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <string>
+
+using std::string;
+
+typedef void (fun_t)(int*, int);
+
+int main(int argc, char *argv[]) {
+  string path = string(argv[0]) + "-so.so";
+  printf("opening %s ... \n", path.c_str());
+  void *lib = dlopen(path.c_str(), RTLD_NOW);
+  if (!lib) {
+    printf("error in dlopen(): %s\n", dlerror());
+    return 1;
+  }
+  fun_t *inc2 = (fun_t*)dlsym(lib, "inc2");
+  if (!inc2) return 1;
+  printf("ok\n");
+  int *array = (int*)malloc(40);
+  inc2(array, 1);
+  inc2(array, -1);  // BOOM
+  // CHECK: ERROR: AddressSanitizer: heap-buffer-overflow
+  // CHECK: READ of size 4 at 0x{{.*}}
+  // CHECK: #0 {{.*}} in inc2 {{.*}}asan-symbolize-sanity-test.cc:[[@LINE+21]]
+  // CHECK: #1 {{.*}} in main {{.*}}asan-symbolize-sanity-test.cc:[[@LINE-4]]
+  // CHECK: allocated by thread T{{.*}} here:
+  // CHECK: #{{.*}} in {{(wrap_|__interceptor_)?}}malloc
+  // CHECK: #{{.*}} in main {{.*}}asan-symbolize-sanity-test.cc:[[@LINE-9]]
+  return 0;
+}
+#else  // SHARED_LIBS
+#include <stdio.h>
+#include <string.h>
+
+int pad[10];
+int GLOB[10] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+
+extern "C"
+void inc(int index) {
+  GLOB[index]++;
+}
+
+extern "C"
+void inc2(int *a, int index) {
+  a[index]++;
+}
+#endif  // SHARED_LIBS

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/asprintf.cc

@@ -0,0 +1,20 @@
+// RUN: %clangxx_asan -O0 %s -o %t && %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O3 %s -o %t && %run %t 2>&1 | FileCheck %s
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+
+int main(int argc, char **argv) {
+  char *p;
+  int res = asprintf(&p, "%d", argc);
+  fprintf(stderr, "x%d %sx\n", res, p);
+  // CHECK: x1 1x
+  free(p);
+  fprintf(stderr, "DONE\n");
+  // CHECK: DONE
+  return 0;
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/assign_large_valloc_to_global.cc

@@ -0,0 +1,6 @@
+// Make sure we don't report a leak nor hang.
+// RUN: %clangxx_asan -O3 %s -o %t && %run %t
+#include <stdlib.h>
+#include <unistd.h>
+int *p;
+int main() { posix_memalign((void **)&p, 4096, 1 << 20); }

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/closed-fds.cc

@@ -0,0 +1,35 @@
+// Check that when the program closed its std(in|out|err), running the external
+// symbolizer still works.
+
+// RUN: rm -f %t.log.*
+// RUN: %clangxx_asan -O0 %s -o %t
+// RUN: %env_asan_opts=log_path='"%t.log"':verbosity=2 not %run %t
+// RUN: FileCheck %s --check-prefix=CHECK-FILE < %t.log.*
+
+// FIXME: copy %t.log back from the device and re-enable on Android.
+// UNSUPPORTED: android
+// UNSUPPORTED: ios
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+int main(int argc, char **argv) {
+  int result = fprintf(stderr, "Closing streams.\n");
+  assert(result > 0);
+  close(STDIN_FILENO);
+  close(STDOUT_FILENO);
+  close(STDERR_FILENO);
+  result = fprintf(stderr, "Can you hear me now?\n");
+  assert(result < 0);
+  char *x = (char *)malloc(10 * sizeof(char));
+  free(x);
+  x[argc] = 'X';  // BOOM
+  // CHECK-FILE: {{.*ERROR: AddressSanitizer: heap-use-after-free on address}}
+  // CHECK-FILE:   {{0x.* at pc 0x.* bp 0x.* sp 0x.*}}
+  // CHECK-FILE: {{WRITE of size 1 at 0x.* thread T0}}
+  // CHECK-FILE: {{    #0 0x.* in main .*closed-fds.cc:}}[[@LINE-4]]
+  return 0;
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/concurrent_overflow.cc

@@ -0,0 +1,33 @@
+// RUN: %clangxx_asan -O0 -w %s -o %t && not %run %t 2>&1 | FileCheck %s
+
+// Checks that concurrent reports will not trigger false "nested bug" reports.
+// Regression test for https://github.com/google/sanitizers/issues/858
+
+#include <pthread.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+static void *start_routine(void *arg) {
+  volatile int *counter = (volatile int *)arg;
+  char buf[8];
+  __atomic_sub_fetch(counter, 1, __ATOMIC_SEQ_CST);
+  while (*counter)
+    ;
+  buf[0] = buf[9];
+  return 0;
+}
+
+int main(void) {
+  const int n_threads = 8;
+  int i, counter = n_threads;
+  pthread_t thread;
+
+  for (i = 0; i < n_threads; ++i)
+    pthread_create(&thread, NULL, &start_routine, (void *)&counter);
+  sleep(5);
+  return 0;
+}
+
+// CHECK-NOT: nested bug
+// CHECK: ERROR: AddressSanitizer: stack-buffer-overflow on address
+// CHECK: SUMMARY: AddressSanitizer: stack-buffer-overflow

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/coverage-fork.cc

@@ -0,0 +1,41 @@
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard %s -o %t
+// RUN: rm -rf %T/coverage-fork
+// RUN: mkdir -p %T/coverage-fork && cd %T/coverage-fork
+// RUN: %env_asan_opts=coverage=1:verbosity=1 %run %t 2>&1 | FileCheck %s
+//
+// UNSUPPORTED: android
+//
+// Ideally a forked-subprocess should only report it's own coverage,
+// not parent's one. But trace-pc-guard currently does nothing special for fork,
+// and thus this test is relaxed.
+
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+__attribute__((noinline))
+void foo() { printf("foo\n"); }
+
+__attribute__((noinline))
+void bar() { printf("bar\n"); }
+
+__attribute__((noinline))
+void baz() { printf("baz\n"); }
+
+int main(int argc, char **argv) {
+  pid_t child_pid = fork();
+  if (child_pid == 0) {
+    fprintf(stderr, "Child PID: %d\n", getpid());
+    baz();
+  } else {
+    fprintf(stderr, "Parent PID: %d\n", getpid());
+    foo();
+    bar();
+  }
+  return 0;
+}
+
+// CHECK-DAG: Child PID: [[ChildPID:[0-9]+]]
+// CHECK-DAG: [[ChildPID]].sancov: {{.*}} PCs written
+// CHECK-DAG: Parent PID: [[ParentPID:[0-9]+]]
+// CHECK-DAG: [[ParentPID]].sancov: 3 PCs written

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/coverage-module-unloaded.cc

@@ -0,0 +1,51 @@
+// Check that unloading a module doesn't break coverage dumping for remaining
+// modules.
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard -DSHARED %s -shared -o %dynamiclib1 -fPIC
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard -DSHARED %s -shared -o %dynamiclib2 -fPIC
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard %s %libdl -o %t.exe
+// RUN: mkdir -p %t.tmp/coverage-module-unloaded && cd %t.tmp/coverage-module-unloaded
+// RUN: %env_asan_opts=coverage=1:verbosity=1 %run %t.exe %dynamiclib1 %dynamiclib2 2>&1        | FileCheck %s
+// RUN: %env_asan_opts=coverage=1:verbosity=1 %run %t.exe %dynamiclib1 %dynamiclib2 foo 2>&1    | FileCheck %s
+//
+// https://code.google.com/p/address-sanitizer/issues/detail?id=263
+// XFAIL: android
+// UNSUPPORTED: ios
+
+#include <assert.h>
+#include <dlfcn.h>
+#include <stdio.h>
+#include <unistd.h>
+
+#ifdef SHARED
+extern "C" {
+void bar() { printf("bar\n"); }
+}
+#else
+
+int main(int argc, char **argv) {
+  fprintf(stderr, "PID: %d\n", getpid());
+  assert(argc > 2);
+  void *handle1 = dlopen(argv[1], RTLD_LAZY);  // %dynamiclib1
+  assert(handle1);
+  void (*bar1)() = (void (*)())dlsym(handle1, "bar");
+  assert(bar1);
+  bar1();
+  void *handle2 = dlopen(argv[2], RTLD_LAZY);  // %dynamiclib2
+  assert(handle2);
+  void (*bar2)() = (void (*)())dlsym(handle2, "bar");
+  assert(bar2);
+  bar2();
+
+  // It matters whether the unloaded module has a higher or lower address range
+  // than the remaining one. Make sure to test both cases.
+  if (argc < 2)
+    dlclose(bar1 < bar2 ? handle1 : handle2);
+  else
+    dlclose(bar1 < bar2 ? handle2 : handle1);
+  return 0;
+}
+#endif
+
+// CHECK: PID: [[PID:[0-9]+]]
+// CHECK-DAG: exe{{.*}}[[PID]].sancov: {{.*}}PCs written
+// CHECK-DAG: dynamic{{.*}}[[PID]].sancov: {{.*}}PCs written

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/coverage-reset.cc

@@ -0,0 +1,65 @@
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard -DSHARED %s -shared -o %dynamiclib -fPIC %ld_flags_rpath_so
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard %s %ld_flags_rpath_exe -o %t
+// RUN: rm -rf %T/coverage-reset && mkdir -p %T/coverage-reset && cd %T/coverage-reset
+// RUN: %env_asan_opts=coverage=1:verbosity=1 %run %t 2>&1 | FileCheck %s
+//
+// UNSUPPORTED: ios
+
+#include <stdio.h>
+
+#include <sanitizer/coverage_interface.h>
+
+#ifdef SHARED
+void bar1() { printf("bar1\n"); }
+void bar2() { printf("bar2\n"); }
+#else
+__attribute__((noinline)) void foo1() { printf("foo1\n"); }
+__attribute__((noinline)) void foo2() { printf("foo2\n"); }
+void bar1();
+void bar2();
+
+int main(int argc, char **argv) {
+  fprintf(stderr, "RESET\n");
+  __sanitizer_cov_reset();
+  foo1();
+  foo2();
+  bar1();
+  bar2();
+  __sanitizer_cov_dump();
+// CHECK: RESET
+// CHECK-DAG: SanitizerCoverage: ./coverage-reset.cc{{.*}}.sancov: 2 PCs written
+// CHECK-DAG: SanitizerCoverage: ./libcoverage-reset.cc{{.*}}.sancov: 2 PCs written
+
+  fprintf(stderr, "RESET\n");
+  __sanitizer_cov_reset();
+  foo1();
+  bar1();
+  __sanitizer_cov_dump();
+// CHECK: RESET
+// CHECK-DAG: SanitizerCoverage: ./coverage-reset.cc{{.*}}.sancov: 1 PCs written
+// CHECK-DAG: SanitizerCoverage: ./libcoverage-reset.cc{{.*}}.sancov: 1 PCs written
+
+  fprintf(stderr, "RESET\n");
+  __sanitizer_cov_reset();
+  foo1();
+  foo2();
+  __sanitizer_cov_dump();
+// CHECK: RESET
+// CHECK: SanitizerCoverage: ./coverage-reset.cc{{.*}}.sancov: 2 PCs written
+
+  fprintf(stderr, "RESET\n");
+  __sanitizer_cov_reset();
+  bar1();
+  bar2();
+  __sanitizer_cov_dump();
+// CHECK: RESET
+// CHECK: SanitizerCoverage: ./libcoverage-reset.cc{{.*}}.sancov: 2 PCs written
+
+  fprintf(stderr, "RESET\n");
+  __sanitizer_cov_reset();
+// CHECK: RESET
+
+  bar2();
+// CHECK: SanitizerCoverage: ./libcoverage-reset.cc{{.*}}.sancov: 1 PCs written
+}
+#endif

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/coverage.cc

@@ -0,0 +1,76 @@
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard -DSHARED %s -shared -o %dynamiclib -fPIC %ld_flags_rpath_so
+// RUN: %clangxx_asan -fsanitize-coverage=func,trace-pc-guard %s %ld_flags_rpath_exe -o %t
+// RUN: rm -rf %T/coverage && mkdir -p %T/coverage && cd %T/coverage
+// RUN: %env_asan_opts=coverage=1:verbosity=1 %run %t 2>&1         | FileCheck %s --check-prefix=CHECK-main
+// RUN: %sancov print coverage.*sancov 2>&1 | FileCheck %s --check-prefix=CHECK-SANCOV1
+// RUN: %env_asan_opts=coverage=1:verbosity=1 %run %t foo 2>&1     | FileCheck %s --check-prefix=CHECK-foo
+// RUN: %sancov print coverage.*sancov 2>&1 | FileCheck %s --check-prefix=CHECK-SANCOV2
+// RUN: %env_asan_opts=coverage=1:verbosity=1 %run %t bar 2>&1     | FileCheck %s --check-prefix=CHECK-bar
+// RUN: %sancov print coverage.*sancov 2>&1 | FileCheck %s --check-prefix=CHECK-SANCOV2
+// RUN: %env_asan_opts=coverage=1:verbosity=1 %run %t foo bar 2>&1 | FileCheck %s --check-prefix=CHECK-foo-bar
+// RUN: %sancov print coverage.*sancov 2>&1 | FileCheck %s --check-prefix=CHECK-SANCOV2
+// RUN: %sancov print libcoverage.*sancov 2>&1 | FileCheck %s --check-prefix=CHECK-SANCOV1
+// RUN: %sancov merge coverage.*sancov > merged-cov
+// RUN: %sancov print merged-cov 2>&1 | FileCheck %s --check-prefix=CHECK-SANCOV2
+// RUN: %env_asan_opts=coverage=1:verbosity=1 not %run %t foo bar 4    2>&1 | FileCheck %s --check-prefix=CHECK-report
+// RUN: %env_asan_opts=coverage=1:verbosity=1 not %run %t foo bar 4 5  2>&1 | FileCheck %s --check-prefix=CHECK-segv
+// RUN: rm -r %T/coverage
+//
+// https://code.google.com/p/address-sanitizer/issues/detail?id=263
+// XFAIL: android
+// UNSUPPORTED: ios
+
+#include <assert.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#ifdef SHARED
+void bar() { printf("bar\n"); }
+#else
+__attribute__((noinline))
+void foo() { printf("foo\n"); }
+extern void bar();
+
+int G[4];
+
+int main(int argc, char **argv) {
+  fprintf(stderr, "PID: %d\n", getpid());
+  for (int i = 1; i < argc; i++) {
+    if (!strcmp(argv[i], "foo"))
+      foo();
+    if (!strcmp(argv[i], "bar"))
+      bar();
+  }
+  if (argc == 5) {
+    static volatile char *zero = 0;
+    *zero = 0;  // SEGV if argc == 5.
+  }
+  return G[argc];  // Buffer overflow if argc >= 4.
+}
+#endif
+
+// CHECK-main: PID: [[PID:[0-9]+]]
+// CHECK-main: [[PID]].sancov: 1 PCs written
+// CHECK-main-NOT: .so.[[PID]]
+//
+// CHECK-foo: PID: [[PID:[0-9]+]]
+// CHECK-foo: [[PID]].sancov: 2 PCs written
+// CHECK-foo-NOT: .so.[[PID]]
+//
+// CHECK-bar: PID: [[PID:[0-9]+]]
+// CHECK-bar-DAG: .so.[[PID]].sancov: 1 PCs written
+// CHECK-bar-DAG: [[PID]].sancov: 1 PCs written
+//
+// CHECK-foo-bar: PID: [[PID:[0-9]+]]
+// CHECK-foo-bar-DAG: so.[[PID]].sancov: 1 PCs written
+// CHECK-foo-bar-DAG: [[PID]].sancov: 2 PCs written
+//
+// CHECK-report: AddressSanitizer: global-buffer-overflow
+// CHECK-report: PCs written
+//
+// CHECK-segv: AddressSanitizer: SEGV
+// CHECK-segv: PCs written
+//
+// CHECK-SANCOV1: 1 PCs total
+// CHECK-SANCOV2: 2 PCs total

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/current_allocated_bytes.cc

@@ -0,0 +1,44 @@
+// RUN: %clangxx_asan -O0 %s -pthread -o %t && %run %t
+// RUN: %clangxx_asan -O2 %s -pthread -o %t && %run %t
+// REQUIRES: stable-runtime
+
+#include <assert.h>
+#include <pthread.h>
+#include <sanitizer/allocator_interface.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+const size_t kLargeAlloc = 1UL << 20;
+
+void* allocate(void *arg) {
+  volatile void *ptr = malloc(kLargeAlloc);
+  free((void*)ptr);
+  return 0;
+}
+
+void* check_stats(void *arg) {
+  assert(__sanitizer_get_current_allocated_bytes() > 0);
+  return 0;
+}
+
+int main() {
+  size_t used_mem = __sanitizer_get_current_allocated_bytes();
+  printf("Before: %zu\n", used_mem);
+  const int kNumIterations = 1000;
+  for (int iter = 0; iter < kNumIterations; iter++) {
+    pthread_t thr[4];
+    for (int j = 0; j < 4; j++) {
+      assert(0 ==
+             pthread_create(&thr[j], 0, (j < 2) ? allocate : check_stats, 0));
+    }
+    for (int j = 0; j < 4; j++)
+      assert(0 == pthread_join(thr[j], 0));
+    used_mem = __sanitizer_get_current_allocated_bytes();
+    if (used_mem > kLargeAlloc) {
+      printf("After iteration %d: %zu\n", iter, used_mem);
+      return 1;
+    }
+  }
+  printf("Success after %d iterations\n", kNumIterations);
+  return 0;
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/deep_call_stack.cc

@@ -0,0 +1,29 @@
+// Check that UAR mode can handle very deep recusrion.
+// RUN: %clangxx_asan -O2 %s -o %t
+// RUN: ulimit -s 4096
+// RUN: %env_asan_opts=detect_stack_use_after_return=1 %run %t 2>&1 | FileCheck %s
+
+// Also check that use_sigaltstack+verbosity doesn't crash.
+// RUN: %env_asan_opts=verbosity=1:use_sigaltstack=1:detect_stack_use_after_return=1 %run %t  | FileCheck %s
+
+// UNSUPPORTED: ios
+
+#include <stdio.h>
+
+__attribute__((noinline))
+void RecursiveFunc(int depth, int *ptr) {
+  if ((depth % 1000) == 0)
+    printf("[%05d] ptr: %p\n", depth, ptr);
+  if (depth == 0)
+    return;
+  int local;
+  RecursiveFunc(depth - 1, &local);
+}
+
+int main(int argc, char **argv) {
+  RecursiveFunc(15000, 0);
+  return 0;
+}
+// CHECK: [15000] ptr:
+// CHECK: [07000] ptr:
+// CHECK: [00000] ptr:

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/deep_thread_stack.cc

@@ -0,0 +1,58 @@
+// RUN: %clangxx_asan -O0 %s -pthread -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O1 %s -pthread -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O2 %s -pthread -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O3 %s -pthread -o %t && not %run %t 2>&1 | FileCheck %s
+// REQUIRES: stable-runtime
+
+#include <pthread.h>
+
+int *x;
+
+void *AllocThread(void *arg) {
+  x = new int;
+  *x = 42;
+  return NULL;
+}
+
+void *FreeThread(void *arg) {
+  delete x;
+  return NULL;
+}
+
+void *AccessThread(void *arg) {
+  *x = 43;  // BOOM
+  return NULL;
+}
+
+typedef void* (*callback_type)(void* arg);
+
+void *RunnerThread(void *function) {
+  pthread_t thread;
+  pthread_create(&thread, NULL, (callback_type)function, NULL);
+  pthread_join(thread, NULL);
+  return NULL;
+}
+
+void RunThread(callback_type function) {
+  pthread_t runner;
+  pthread_create(&runner, NULL, RunnerThread, (void*)function);
+  pthread_join(runner, NULL);
+}
+
+int main(int argc, char *argv[]) {
+  RunThread(AllocThread);
+  RunThread(FreeThread);
+  RunThread(AccessThread);
+  return (x != 0);
+}
+
+// CHECK: AddressSanitizer: heap-use-after-free
+// CHECK: WRITE of size 4 at 0x{{.*}} thread T[[ACCESS_THREAD:[0-9]+]]
+// CHECK: freed by thread T[[FREE_THREAD:[0-9]+]] here:
+// CHECK: previously allocated by thread T[[ALLOC_THREAD:[0-9]+]] here:
+// CHECK: Thread T[[ACCESS_THREAD]] created by T[[ACCESS_RUNNER:[0-9]+]] here:
+// CHECK: Thread T[[ACCESS_RUNNER]] created by T0 here:
+// CHECK: Thread T[[FREE_THREAD]] created by T[[FREE_RUNNER:[0-9]+]] here:
+// CHECK: Thread T[[FREE_RUNNER]] created by T0 here:
+// CHECK: Thread T[[ALLOC_THREAD]] created by T[[ALLOC_RUNNER:[0-9]+]] here:
+// CHECK: Thread T[[ALLOC_RUNNER]] created by T0 here:

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/dlclose-test.cc

@@ -0,0 +1,106 @@
+// Regression test for
+// http://code.google.com/p/address-sanitizer/issues/detail?id=19
+// Bug description:
+// 1. application dlopens foo.so
+// 2. asan registers all globals from foo.so
+// 3. application dlcloses foo.so
+// 4. application mmaps some memory to the location where foo.so was before
+// 5. application starts using this mmaped memory, but asan still thinks there
+// are globals.
+// 6. BOOM
+
+// This sublte test assumes that after a foo.so is dlclose-d
+// we can mmap the region of memory that has been occupied by the library.
+// It works on x86 Linux, but not necessary anywhere else.
+// REQUIRES: x86-target-arch
+
+// RUN: %clangxx_asan -O0 -DSHARED_LIB %s -fPIC -shared -o %t-so.so
+// RUN: %clangxx_asan -O0 %s %libdl -o %t && %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O1 -DSHARED_LIB %s -fPIC -shared -o %t-so.so
+// RUN: %clangxx_asan -O1 %s %libdl -o %t && %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O2 -DSHARED_LIB %s -fPIC -shared -o %t-so.so
+// RUN: %clangxx_asan -O2 %s %libdl -o %t && %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O3 -DSHARED_LIB %s -fPIC -shared -o %t-so.so
+// RUN: %clangxx_asan -O3 %s %libdl -o %t && %run %t 2>&1 | FileCheck %s
+
+#if !defined(SHARED_LIB)
+#include <assert.h>
+#include <dlfcn.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <unistd.h>
+
+#include <string>
+
+#if defined(__FreeBSD__)
+// The MAP_NORESERVE define has been removed in FreeBSD 11.x, and even before
+// that, it was never implemented. So just define it to zero.
+#undef MAP_NORESERVE
+#define MAP_NORESERVE 0
+#endif
+
+using std::string;
+
+typedef int *(fun_t)();
+
+int main(int argc, char *argv[]) {
+  string path = string(argv[0]) + "-so.so";
+  size_t PageSize = sysconf(_SC_PAGESIZE);
+  printf("opening %s ... \n", path.c_str());
+  void *lib = dlopen(path.c_str(), RTLD_NOW);
+  if (!lib) {
+    printf("error in dlopen(): %s\n", dlerror());
+    return 1;
+  }
+  fun_t *get = (fun_t*)dlsym(lib, "get_address_of_static_var");
+  if (!get) {
+    printf("failed dlsym\n");
+    return 1;
+  }
+  int *addr = get();
+  assert(((size_t)addr % 32) == 0);  // should be 32-byte aligned.
+  printf("addr: %p\n", addr);
+  addr[0] = 1;  // make sure we can write there.
+
+  // Now dlclose the shared library.
+  printf("attempting to dlclose\n");
+  if (dlclose(lib)) {
+    printf("failed to dlclose\n");
+    return 1;
+  }
+  // Now, the page where 'addr' is unmapped. Map it.
+  size_t page_beg = ((size_t)addr) & ~(PageSize - 1);
+  void *res = mmap((void*)(page_beg), PageSize,
+                   PROT_READ | PROT_WRITE,
+                   MAP_PRIVATE | MAP_ANON | MAP_FIXED | MAP_NORESERVE, -1, 0);
+  if (res == (char*)-1L) {
+    printf("failed to mmap\n");
+    return 1;
+  }
+  addr[1] = 2;  // BOOM (if the bug is not fixed).
+  printf("PASS\n");
+  // CHECK: PASS
+  return 0;
+}
+#else  // SHARED_LIB
+#include <stdio.h>
+
+static int pad1;
+static int static_var;
+static int pad2;
+
+extern "C"
+int *get_address_of_static_var() {
+  return &static_var;
+}
+
+__attribute__((constructor))
+void at_dlopen() {
+  printf("%s: I am being dlopened\n", __FILE__);
+}
+__attribute__((destructor))
+void at_dlclose() {
+  printf("%s: I am being dlclosed\n", __FILE__);
+}
+#endif  // SHARED_LIB

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/fread_fwrite.cc

@@ -0,0 +1,34 @@
+// RUN: %clangxx_asan -g %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-FWRITE
+// RUN: not %run %t 1 2>&1 | FileCheck %s --check-prefix=CHECK-FREAD
+
+#include <stdio.h>
+#include <stdlib.h>
+
+int test_fread() {
+  FILE *f = fopen("/dev/zero", "r");
+  char buf[2];
+  fread(buf, sizeof(buf), 2, f); // BOOM
+  fclose(f);
+  return 0;
+}
+
+int test_fwrite() {
+  FILE *f = fopen("/dev/null", "w");
+  char buf[2];
+  fwrite(buf, sizeof(buf), 2, f); // BOOM
+  return fclose(f);
+}
+
+int main(int argc, char *argv[]) {
+  if (argc > 1)
+    test_fread();
+  else
+    test_fwrite();
+  return 0;
+}
+
+// CHECK-FREAD: {{.*ERROR: AddressSanitizer: stack-buffer-overflow}}
+// CHECK-FREAD: #{{.*}} in {{(wrap_|__interceptor_)?}}fread
+// CHECK-FWRITE: {{.*ERROR: AddressSanitizer: stack-buffer-overflow}}
+// CHECK-FWRITE: #{{.*}} in {{(wrap_|__interceptor_)?}}fwrite

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/free_hook_realloc.cc

@@ -0,0 +1,34 @@
+// Check that free hook doesn't conflict with Realloc.
+// RUN: %clangxx_asan -O2 %s -o %t
+// RUN: %run %t 2>&1 | FileCheck %s
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <sanitizer/allocator_interface.h>
+
+static void *glob_ptr;
+
+extern "C" {
+void __sanitizer_free_hook(const volatile void *ptr) {
+  if (ptr == glob_ptr) {
+    *(int*)ptr = 0;
+    write(1, "FreeHook\n", sizeof("FreeHook\n"));
+  }
+}
+}
+
+int main() {
+  int *x = (int*)malloc(100);
+  x[0] = 42;
+  glob_ptr = x;
+  int *y = (int*)realloc(x, 200);
+  // Verify that free hook was called and didn't spoil the memory.
+  if (y[0] != 42) {
+    _exit(1);
+  }
+  write(1, "Passed\n", sizeof("Passed\n"));
+  free(y);
+  // CHECK: FreeHook
+  // CHECK: Passed
+  return 0;
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/freopen.cc

@@ -0,0 +1,15 @@
+// RUN: %clangxx_asan -O0 %s -o %t && %run %t
+
+// This fails on i386 Linux due to a glibc versioned symbols mixup.
+// REQUIRES: asan-64-bits
+
+#include <assert.h>
+#include <stdio.h>
+
+int main() {
+  FILE *fp = fopen("/dev/null", "w");
+  assert(fp);
+  freopen(NULL, "a", fp);
+  fclose(fp);
+  return 0;
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/gc-test.cc

@@ -0,0 +1,54 @@
+// RUN: %clangxx_asan %s -pthread -o %t
+// RUN: %env_asan_opts=detect_stack_use_after_return=1 %run %t 2>&1 | FileCheck %s --check-prefix=CHECK1
+// RUN: %env_asan_opts=detect_stack_use_after_return=0 %run %t 2>&1 | FileCheck %s --check-prefix=CHECK0
+// RUN: %clangxx_asan -O3 %s -pthread -o %t
+// RUN: %env_asan_opts=detect_stack_use_after_return=1 %run %t 2>&1 | FileCheck %s --check-prefix=CHECK1
+// RUN: %env_asan_opts=detect_stack_use_after_return=0 %run %t 2>&1 | FileCheck %s --check-prefix=CHECK0
+// REQUIRES: stable-runtime
+
+#include <assert.h>
+#include <stdio.h>
+#include <pthread.h>
+#include <sanitizer/asan_interface.h>
+
+static const int kNumThreads = 2;
+static const int kLeftRedzoneSize = sizeof(void *) * 4;
+
+void *Thread(void *unused)  {
+  void *fake_stack = __asan_get_current_fake_stack();
+  char var[15];
+  if (fake_stack) {
+    fprintf(stderr, "fake stack found: %p; var: %p\n", fake_stack, var);
+    // CHECK1: fake stack found
+    // CHECK1: fake stack found
+    void *beg, *end;
+    void *real_stack =
+        __asan_addr_is_in_fake_stack(fake_stack, &var[0], &beg, &end);
+    assert(real_stack);
+    assert((char*)beg <= (char*)&var[0]);
+    assert((char*)end > (char*)&var[0]);
+    for (int i = -kLeftRedzoneSize; i < 15; i++) {
+      void *beg1, *end1;
+      char *ptr = &var[0] + i;
+      void *real_stack1 =
+          __asan_addr_is_in_fake_stack(fake_stack, ptr, &beg1, &end1);
+      assert(real_stack == real_stack1);
+      assert(beg == beg1);
+      assert(end == end1);
+    }
+  } else {
+    fprintf(stderr, "no fake stack\n");
+    // CHECK0: no fake stack
+    // CHECK0: no fake stack
+  }
+  return NULL;
+}
+
+int main(int argc, char **argv) {
+  pthread_t t[kNumThreads];
+  for (int i = 0; i < kNumThreads; i++)
+    pthread_create(&t[i], 0, Thread, 0);
+  for (int i = 0; i < kNumThreads; i++)
+    pthread_join(t[i], 0);
+  return 0;
+}

external/llvm-project/compiler-rt/test/asan/TestCases/Posix/glob.cc

@@ -0,0 +1,34 @@
+// FIXME: https://code.google.com/p/address-sanitizer/issues/detail?id=316
+// XFAIL: android
+// UNSUPPORTED: ios
+//
+// RUN: %clangxx_asan -O0 %s -o %t && %run %t %p 2>&1 | FileCheck %s
+// RUN: %clangxx_asan -O3 %s -o %t && %run %t %p 2>&1 | FileCheck %s
+// XFAIL: arm-linux-gnueabi
+
+#include <assert.h>
+#include <glob.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <string>
+
+
+int main(int argc, char *argv[]) {
+  std::string path = argv[1];
+  std::string pattern = path + "/glob_test_root/*a";
+  printf("pattern: %s\n", pattern.c_str());
+
+  glob_t globbuf;
+  int res = glob(pattern.c_str(), 0, 0, &globbuf);
+
+  printf("%d %s\n", errno, strerror(errno));
+  assert(res == 0);
+  assert(globbuf.gl_pathc == 2);
+  printf("%zu\n", strlen(globbuf.gl_pathv[0]));
+  printf("%zu\n", strlen(globbuf.gl_pathv[1]));
+  globfree(&globbuf);
+  printf("PASS\n");
+  // CHECK: PASS
+  return 0;
+}