Rollup merge of #68291 - tmiasko:sanitizer-tests, r=nikomatsakis

Update sanitizer tests

* Move tests from src/test/run-make-fulldeps to src/test/ui.
* Fix memory sanitizer test to detect the intended issue rather than
  an unrelated one caused by the use of an uninstrumented std.
This commit is contained in:
Tyler Mandry 2020-01-17 17:28:18 -08:00 committed by GitHub
commit 87293cd3d8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 84 additions and 75 deletions

View File

@ -1,30 +0,0 @@
# needs-sanitizer-support
-include ../tools.mk
LOG := $(TMPDIR)/log.txt
# NOTE the address sanitizer only supports x86_64 linux and macOS
ifeq ($(TARGET),x86_64-apple-darwin)
EXTRA_RUSTFLAG=-C rpath
else
ifeq ($(TARGET),x86_64-unknown-linux-gnu)
# Apparently there are very specific Linux kernels, notably the one that's
# currently on Travis CI, which contain a buggy commit that triggers failures in
# the ASan implementation, detailed at google/sanitizers#837. As noted in
# google/sanitizers#856 the "fix" is to avoid using PIE binaries, so we pass a
# different relocation model to avoid generating a PIE binary. Once Travis is no
# longer running kernel 4.4.0-93 we can remove this and pass an empty set of
# flags again.
EXTRA_RUSTFLAG=-C relocation-model=dynamic-no-pic
endif
endif
all:
$(RUSTC) -g -Z sanitizer=address -Z print-link-args $(EXTRA_RUSTFLAG) overflow.rs | $(CGREP) rustc_rt.asan
# Verify that stack buffer overflow is detected:
$(TMPDIR)/overflow 2>&1 | $(CGREP) stack-buffer-overflow
# Verify that variable name is included in address sanitizer report:
$(TMPDIR)/overflow 2>&1 | $(CGREP) "'xs'"

View File

@ -1,4 +0,0 @@
fn main() {
let xs = [0, 1, 2, 3];
let _y = unsafe { *xs.as_ptr().offset(4) };
}

View File

@ -1,5 +0,0 @@
-include ../tools.mk
all:
$(RUSTC) -Z sanitizer=leak --target i686-unknown-linux-gnu hello.rs 2>&1 | \
$(CGREP) 'LeakSanitizer only works with the `x86_64-unknown-linux-gnu` or `x86_64-apple-darwin` target'

View File

@ -1,3 +0,0 @@
#![feature(no_core)]
#![no_core]
#![no_main]

View File

@ -1,7 +0,0 @@
-include ../tools.mk
# needs-sanitizer-support
all:
$(RUSTC) -O -Z sanitizer=leak -Z print-link-args leak.rs | $(CGREP) rustc_rt.lsan
$(TMPDIR)/leak 2>&1 | $(CGREP) 'detected memory leaks'

View File

@ -1,11 +0,0 @@
-include ../tools.mk
# needs-sanitizer-support
# only-linux
# only-x86_64
all:
$(RUSTC) -g -Z sanitizer=memory -Z print-link-args uninit.rs | $(CGREP) rustc_rt.msan
$(TMPDIR)/uninit 2>&1 | $(CGREP) use-of-uninitialized-value
$(RUSTC) -g -Z sanitizer=memory -Z print-link-args maybeuninit.rs | $(CGREP) rustc_rt.msan
$(TMPDIR)/maybeuninit 2>&1 | $(CGREP) use-of-uninitialized-value

View File

@ -1,8 +0,0 @@
use std::mem::MaybeUninit;
fn main() {
// This is technically not sound -- but we're literally trying to test
// that the sanitizer catches this, so I guess "intentionally unsound"?
let xs: [u8; 4] = unsafe { MaybeUninit::uninit().assume_init() };
let y = xs[0] + xs[1];
}

View File

@ -1,7 +0,0 @@
fn main() {
// This is technically not sound -- but we're literally trying to test
// that the sanitizer catches this, so I guess "intentionally unsound"?
#[allow(deprecated)]
let xs: [u8; 4] = unsafe { std::mem::uninitialized() };
let y = xs[0] + xs[1];
}

View File

@ -0,0 +1,21 @@
// needs-sanitizer-support
// only-x86_64
//
// compile-flags: -Z sanitizer=address -O
//
// run-fail
// error-pattern: AddressSanitizer: stack-buffer-overflow
// error-pattern: 'xs' <== Memory access at offset
#![feature(test)]
use std::hint::black_box;
use std::mem;
fn main() {
let xs = [0, 1, 2, 3];
// Avoid optimizing everything out.
let xs = black_box(xs.as_ptr());
let code = unsafe { *xs.offset(4) };
std::process::exit(code);
}

View File

@ -1,3 +1,11 @@
// needs-sanitizer-support
// only-x86_64
//
// compile-flags: -Z sanitizer=leak -O
//
// run-fail
// error-pattern: LeakSanitizer: detected memory leaks
#![feature(test)]
use std::hint::black_box;

View File

@ -0,0 +1,44 @@
// needs-sanitizer-support
// only-linux
// only-x86_64
//
// compile-flags: -Z sanitizer=memory -Zsanitizer-memory-track-origins -O
//
// run-fail
// error-pattern: MemorySanitizer: use-of-uninitialized-value
// error-pattern: Uninitialized value was created by an allocation
// error-pattern: in the stack frame of function 'random'
//
// This test case intentionally limits the usage of the std,
// since it will be linked with an uninstrumented version of it.
#![feature(core_intrinsics)]
#![feature(start)]
#![feature(test)]
use std::hint::black_box;
use std::mem::MaybeUninit;
#[inline(never)]
#[no_mangle]
fn random() -> [isize; 32] {
let r = unsafe { MaybeUninit::uninit().assume_init() };
// Avoid optimizing everything out.
black_box(r)
}
#[inline(never)]
#[no_mangle]
fn xor(a: &[isize]) -> isize {
let mut s = 0;
for i in 0..a.len() {
s = s ^ a[i];
}
s
}
#[start]
fn main(_: isize, _: *const *const u8) -> isize {
let r = random();
xor(&r)
}

View File

@ -0,0 +1,7 @@
// ignore-tidy-linelength
// compile-flags: -Z sanitizer=leak --target i686-unknown-linux-gnu
// error-pattern: error: LeakSanitizer only works with the `x86_64-unknown-linux-gnu` or `x86_64-apple-darwin` target
#![feature(no_core)]
#![no_core]
#![no_main]

View File

@ -0,0 +1,4 @@
error: LeakSanitizer only works with the `x86_64-unknown-linux-gnu` or `x86_64-apple-darwin` target
error: aborting due to previous error