1 | // RUN: %clang_hwasan %s -o %t |
2 | // RUN: not %run %t 5 10 26 2>&1 | FileCheck %s --check-prefixes=CHECK,CHECK_SMALL,CHECK5 |
3 | // RUN: not %run %t 7 10 26 2>&1 | FileCheck %s --check-prefixes=CHECK,CHECK_SMALL,CHECK7 |
4 | // RUN: not %run %t 8 20 26 2>&1 | FileCheck %s --check-prefixes=CHECK,CHECK_SMALL,CHECK8 |
5 | // RUN: not %run %t 295 300 26 2>&1 | FileCheck %s --check-prefixes=CHECK,CHECK_SMALL,CHECK295 |
6 | // RUN: not %run %t 1 550 550 2>&1 | FileCheck %s --check-prefixes=CHECK,CHECK_SMALL,CHECK1 |
7 | |
8 | // Full granule. |
9 | // RUN: not %run %t 32 20 26 2>&1 | FileCheck %s --check-prefixes=CHECK,CHECK_FULL,CHECK32 |
10 | |
11 | #include <sanitizer/hwasan_interface.h> |
12 | #include <stdio.h> |
13 | #include <stdlib.h> |
14 | #include <string.h> |
15 | |
16 | int main(int argc, char **argv) { |
17 | __hwasan_enable_allocator_tagging(); |
18 | if (argc < 2) { |
19 | fprintf(stderr, format: "Invalid number of arguments." ); |
20 | abort(); |
21 | } |
22 | int read_offset = atoi(nptr: argv[1]); |
23 | int size = atoi(nptr: argv[2]); |
24 | int access_size = atoi(nptr: argv[3]); |
25 | while (1) { |
26 | char *volatile x = (char *)malloc(size: size); |
27 | if (__hwasan_test_shadow(x, size: size + 1) == size) |
28 | memset(s: x + read_offset, c: 0, n: access_size); |
29 | free(ptr: x); |
30 | } |
31 | |
32 | // CHECK_SMALL: WRITE of size {{26|550}} at {{.*}} tags: [[TAG:[0-9a-f]+]]/{{[0-9a-f]+}}([[TAG]]) (ptr/mem) |
33 | // CHECK_FULL: WRITE of size 26 at {{.*}} tags: [[TAG:[0-9a-f]+]]/00 (ptr/mem) |
34 | |
35 | // CHECK5: Invalid access starting at offset 5 |
36 | // CHECK5: is located 5 bytes inside a 10-byte region |
37 | // CHECK7: Invalid access starting at offset 3 |
38 | // CHECK7: is located 7 bytes inside a 10-byte region |
39 | // CHECK8: Invalid access starting at offset 12 |
40 | // CHECK8: is located 8 bytes inside a 20-byte region |
41 | // CHECK295: Invalid access starting at offset 5 |
42 | // CHECK295: is located 295 bytes inside a 300-byte region |
43 | // CHECK1: Invalid access starting at offset 549 |
44 | // CHECK1: is located 1 bytes inside a 550-byte region |
45 | |
46 | // CHECK32-NOT: Invalid access starting at offset |
47 | // CHECK32: is located 12 bytes after a 20-byte region |
48 | |
49 | // CHECK-LABEL: Memory tags around the buggy address |
50 | // CHECK5: =>{{.*}}[0a] |
51 | // CHECK7: =>{{.*}}[0a] |
52 | // CHECK8: =>{{.*}}[04] |
53 | // CHECK295: =>{{.*}}[0c] |
54 | // CHECK1: =>{{.*}}[06] |
55 | |
56 | // CHECK32: =>{{.*}}[00] |
57 | |
58 | // CHECK-LABEL: Tags for short granules around the buggy address |
59 | // CHECK_SMALL: =>{{.*}}{{\[}}[[TAG]]{{\]}} |
60 | // CHECK_FULL: =>{{.*}}[..] |
61 | } |
62 | |