1// RUN: %clangxx_asan -O0 -mllvm -asan-instrument-dynamic-allocas %s -o %t
2// RUN: %run %t 2>&1
3//
4// REQUIRES: stable-runtime
5
6// See https://github.com/llvm/llvm-project/issues/110956
7// XFAIL: target=sparc{{.*}}
8
9// This testcase checks correct interaction between VLAs and allocas.
10
11// MSVC doesn't support VLA's
12// UNSUPPORTED: msvc
13
14#include <assert.h>
15#include <stdint.h>
16#include <stdlib.h>
17#include "sanitizer/asan_interface.h"
18
19// MSVC provides _alloca instead of alloca.
20#if defined(_MSC_VER) && !defined(alloca)
21# define alloca _alloca
22#endif
23
24#if defined(__sun__) && defined(__svr4__)
25#include <alloca.h>
26#endif
27
28#define RZ 32
29
30__attribute__((noinline)) void foo(int len) {
31 char *top, *bot;
32 // This alloca call should live until the end of foo.
33 char *alloca1 = (char *)alloca(len);
34 assert(!(reinterpret_cast<uintptr_t>(alloca1) & 31L));
35 // This should be first poisoned address after loop.
36 top = alloca1 - RZ;
37 for (int i = 0; i < 32; ++i) {
38 // Check that previous alloca was unpoisoned at the end of iteration.
39 if (i) assert(!__asan_region_is_poisoned(bot, 96));
40 // VLA is unpoisoned at the end of iteration.
41 volatile char array[i];
42 // Ensure that asan-use-stack-safety does not optimize out the poisoning.
43 if (i) array[0] = 0;
44 assert(!(reinterpret_cast<uintptr_t>(array) & 31L));
45 // Alloca is unpoisoned at the end of iteration,
46 // because dominated by VLA.
47 bot = (char *)alloca(i) - RZ;
48 }
49 // Check that all allocas from loop were unpoisoned correctly.
50 void *q = __asan_region_is_poisoned(beg: bot, size: (char *)top - (char *)bot + 1);
51 assert(q == top);
52}
53
54int main(int argc, char **argv) {
55 foo(len: 32);
56 return 0;
57}
58

source code of compiler-rt/test/asan/TestCases/alloca_vla_interact.cpp