From 64d98f8ee037282c35007b64c2649055c56af1db Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Wed, 17 Apr 2024 14:19:03 +0200
Subject: Merging upstream version 1.68.2+dfsg1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 tests/ui/sanitize/address.rs                       | 18 +++++++
 tests/ui/sanitize/badfree.rs                       | 19 ++++++++
 tests/ui/sanitize/cfg.rs                           | 28 +++++++++++
 tests/ui/sanitize/crt-static.rs                    |  6 +++
 tests/ui/sanitize/crt-static.stderr                |  4 ++
 tests/ui/sanitize/hwaddress.rs                     | 21 ++++++++
 tests/ui/sanitize/incompatible.rs                  |  7 +++
 tests/ui/sanitize/incompatible.stderr              |  4 ++
 tests/ui/sanitize/inline-always.rs                 | 15 ++++++
 tests/ui/sanitize/inline-always.stderr             | 15 ++++++
 tests/ui/sanitize/issue-72154-lifetime-markers.rs  | 31 ++++++++++++
 tests/ui/sanitize/leak.rs                          | 19 ++++++++
 tests/ui/sanitize/memory-eager.rs                  | 37 ++++++++++++++
 tests/ui/sanitize/memory-passing.rs                | 32 ++++++++++++
 tests/ui/sanitize/memory.rs                        | 46 +++++++++++++++++
 .../ui/sanitize/new-llvm-pass-manager-thin-lto.rs  | 26 ++++++++++
 tests/ui/sanitize/thread.rs                        | 57 ++++++++++++++++++++++
 tests/ui/sanitize/unsupported-target.rs            |  6 +++
 tests/ui/sanitize/unsupported-target.stderr        |  4 ++
 tests/ui/sanitize/use-after-scope.rs               | 18 +++++++
 20 files changed, 413 insertions(+)
 create mode 100644 tests/ui/sanitize/address.rs
 create mode 100644 tests/ui/sanitize/badfree.rs
 create mode 100644 tests/ui/sanitize/cfg.rs
 create mode 100644 tests/ui/sanitize/crt-static.rs
 create mode 100644 tests/ui/sanitize/crt-static.stderr
 create mode 100644 tests/ui/sanitize/hwaddress.rs
 create mode 100644 tests/ui/sanitize/incompatible.rs
 create mode 100644 tests/ui/sanitize/incompatible.stderr
 create mode 100644 tests/ui/sanitize/inline-always.rs
 create mode 100644 tests/ui/sanitize/inline-always.stderr
 create mode 100644 tests/ui/sanitize/issue-72154-lifetime-markers.rs
 create mode 100644 tests/ui/sanitize/leak.rs
 create mode 100644 tests/ui/sanitize/memory-eager.rs
 create mode 100644 tests/ui/sanitize/memory-passing.rs
 create mode 100644 tests/ui/sanitize/memory.rs
 create mode 100644 tests/ui/sanitize/new-llvm-pass-manager-thin-lto.rs
 create mode 100644 tests/ui/sanitize/thread.rs
 create mode 100644 tests/ui/sanitize/unsupported-target.rs
 create mode 100644 tests/ui/sanitize/unsupported-target.stderr
 create mode 100644 tests/ui/sanitize/use-after-scope.rs

(limited to 'tests/ui/sanitize')

diff --git a/tests/ui/sanitize/address.rs b/tests/ui/sanitize/address.rs
new file mode 100644
index 000000000..5b2cea875
--- /dev/null
+++ b/tests/ui/sanitize/address.rs
@@ -0,0 +1,18 @@
+// needs-sanitizer-support
+// needs-sanitizer-address
+//
+// compile-flags: -Z sanitizer=address -O -g
+//
+// run-fail
+// error-pattern: AddressSanitizer: stack-buffer-overflow
+// error-pattern: 'xs' (line 13) <== Memory access at offset
+
+use std::hint::black_box;
+
+fn main() {
+    let xs = [0, 1, 2, 3];
+    // Avoid optimizing everything out.
+    let xs = black_box(xs.as_ptr());
+    let code = unsafe { *xs.offset(4) };
+    std::process::exit(code);
+}
diff --git a/tests/ui/sanitize/badfree.rs b/tests/ui/sanitize/badfree.rs
new file mode 100644
index 000000000..095a6f469
--- /dev/null
+++ b/tests/ui/sanitize/badfree.rs
@@ -0,0 +1,19 @@
+// needs-sanitizer-support
+// needs-sanitizer-address
+//
+// compile-flags: -Z sanitizer=address -O
+//
+// run-fail
+// error-pattern: AddressSanitizer: SEGV
+
+use std::ffi::c_void;
+
+extern "C" {
+    fn free(ptr: *mut c_void);
+}
+
+fn main() {
+    unsafe {
+        free(1 as *mut c_void);
+    }
+}
diff --git a/tests/ui/sanitize/cfg.rs b/tests/ui/sanitize/cfg.rs
new file mode 100644
index 000000000..79dfe58f0
--- /dev/null
+++ b/tests/ui/sanitize/cfg.rs
@@ -0,0 +1,28 @@
+// Verifies that when compiling with -Zsanitizer=option,
+// the `#[cfg(sanitize = "option")]` attribute is configured.
+
+// needs-sanitizer-support
+// needs-sanitizer-address
+// needs-sanitizer-leak
+// needs-sanitizer-memory
+// needs-sanitizer-thread
+// check-pass
+// revisions: address leak memory thread
+//[address]compile-flags: -Zsanitizer=address --cfg address
+//[leak]compile-flags:    -Zsanitizer=leak    --cfg leak
+//[memory]compile-flags:  -Zsanitizer=memory  --cfg memory
+//[thread]compile-flags:  -Zsanitizer=thread  --cfg thread
+
+#![feature(cfg_sanitize)]
+
+#[cfg(all(sanitize = "address", address))]
+fn main() {}
+
+#[cfg(all(sanitize = "leak", leak))]
+fn main() {}
+
+#[cfg(all(sanitize = "memory", memory))]
+fn main() {}
+
+#[cfg(all(sanitize = "thread", thread))]
+fn main() {}
diff --git a/tests/ui/sanitize/crt-static.rs b/tests/ui/sanitize/crt-static.rs
new file mode 100644
index 000000000..7a6b9eda3
--- /dev/null
+++ b/tests/ui/sanitize/crt-static.rs
@@ -0,0 +1,6 @@
+// compile-flags: -Z sanitizer=address -C target-feature=+crt-static --target x86_64-unknown-linux-gnu
+// needs-llvm-components: x86
+
+#![feature(no_core)]
+#![no_core]
+#![no_main]
diff --git a/tests/ui/sanitize/crt-static.stderr b/tests/ui/sanitize/crt-static.stderr
new file mode 100644
index 000000000..9f74235fe
--- /dev/null
+++ b/tests/ui/sanitize/crt-static.stderr
@@ -0,0 +1,4 @@
+error: sanitizer is incompatible with statically linked libc, disable it using `-C target-feature=-crt-static`
+
+error: aborting due to previous error
+
diff --git a/tests/ui/sanitize/hwaddress.rs b/tests/ui/sanitize/hwaddress.rs
new file mode 100644
index 000000000..f9b37a155
--- /dev/null
+++ b/tests/ui/sanitize/hwaddress.rs
@@ -0,0 +1,21 @@
+// needs-sanitizer-support
+// needs-sanitizer-hwaddress
+//
+// FIXME(#83706): this test triggers errors on aarch64-gnu
+// ignore-aarch64-unknown-linux-gnu
+//
+// FIXME(#83989): codegen-units=1 triggers linker errors on aarch64-gnu
+// compile-flags: -Z sanitizer=hwaddress -O -g -C codegen-units=16
+//
+// run-fail
+// error-pattern: HWAddressSanitizer: tag-mismatch
+
+use std::hint::black_box;
+
+fn main() {
+    let xs = vec![0, 1, 2, 3];
+    // Avoid optimizing everything out.
+    let xs = black_box(xs.as_ptr());
+    let code = unsafe { *xs.offset(4) };
+    std::process::exit(code);
+}
diff --git a/tests/ui/sanitize/incompatible.rs b/tests/ui/sanitize/incompatible.rs
new file mode 100644
index 000000000..bcafc2891
--- /dev/null
+++ b/tests/ui/sanitize/incompatible.rs
@@ -0,0 +1,7 @@
+// compile-flags: -Z sanitizer=address -Z sanitizer=memory --target x86_64-unknown-linux-gnu
+// needs-llvm-components: x86
+// error-pattern: error: `-Zsanitizer=address` is incompatible with `-Zsanitizer=memory`
+
+#![feature(no_core)]
+#![no_core]
+#![no_main]
diff --git a/tests/ui/sanitize/incompatible.stderr b/tests/ui/sanitize/incompatible.stderr
new file mode 100644
index 000000000..f86db41ba
--- /dev/null
+++ b/tests/ui/sanitize/incompatible.stderr
@@ -0,0 +1,4 @@
+error: `-Zsanitizer=address` is incompatible with `-Zsanitizer=memory`
+
+error: aborting due to previous error
+
diff --git a/tests/ui/sanitize/inline-always.rs b/tests/ui/sanitize/inline-always.rs
new file mode 100644
index 000000000..52dc55781
--- /dev/null
+++ b/tests/ui/sanitize/inline-always.rs
@@ -0,0 +1,15 @@
+// check-pass
+
+#![feature(no_sanitize)]
+
+#[inline(always)]
+//~^ NOTE inlining requested here
+#[no_sanitize(address)]
+//~^ WARN will have no effect after inlining
+//~| NOTE on by default
+fn x() {
+}
+
+fn main() {
+    x()
+}
diff --git a/tests/ui/sanitize/inline-always.stderr b/tests/ui/sanitize/inline-always.stderr
new file mode 100644
index 000000000..74fba3c0e
--- /dev/null
+++ b/tests/ui/sanitize/inline-always.stderr
@@ -0,0 +1,15 @@
+warning: `no_sanitize` will have no effect after inlining
+  --> $DIR/inline-always.rs:7:1
+   |
+LL | #[no_sanitize(address)]
+   | ^^^^^^^^^^^^^^^^^^^^^^^
+   |
+note: inlining requested here
+  --> $DIR/inline-always.rs:5:1
+   |
+LL | #[inline(always)]
+   | ^^^^^^^^^^^^^^^^^
+   = note: `#[warn(inline_no_sanitize)]` on by default
+
+warning: 1 warning emitted
+
diff --git a/tests/ui/sanitize/issue-72154-lifetime-markers.rs b/tests/ui/sanitize/issue-72154-lifetime-markers.rs
new file mode 100644
index 000000000..b2e182238
--- /dev/null
+++ b/tests/ui/sanitize/issue-72154-lifetime-markers.rs
@@ -0,0 +1,31 @@
+// Regression test for issue 72154, where the use of AddressSanitizer enabled
+// emission of lifetime markers during codegen, while at the same time asking
+// always inliner pass not to insert them.  This eventually lead to a
+// miscompilation which was subsequently detected by AddressSanitizer as UB.
+//
+// needs-sanitizer-support
+// needs-sanitizer-address
+//
+// compile-flags: -Copt-level=0 -Zsanitizer=address
+// run-pass
+
+pub struct Wrap {
+    pub t: [usize; 1]
+}
+
+impl Wrap {
+    #[inline(always)]
+    pub fn new(t: [usize; 1]) -> Self {
+        Wrap { t }
+    }
+}
+
+#[inline(always)]
+pub fn assume_init() -> [usize; 1] {
+    [1234]
+}
+
+fn main() {
+    let x: [usize; 1] = assume_init();
+    Wrap::new(x);
+}
diff --git a/tests/ui/sanitize/leak.rs b/tests/ui/sanitize/leak.rs
new file mode 100644
index 000000000..cbb44ae8a
--- /dev/null
+++ b/tests/ui/sanitize/leak.rs
@@ -0,0 +1,19 @@
+// needs-sanitizer-support
+// needs-sanitizer-leak
+//
+// compile-flags: -Z sanitizer=leak -O
+//
+// run-fail
+// error-pattern: LeakSanitizer: detected memory leaks
+
+use std::hint::black_box;
+use std::mem;
+
+fn main() {
+    for _ in 0..10 {
+        let xs = vec![1, 2, 3];
+        // Prevent compiler from removing the memory allocation.
+        let xs = black_box(xs);
+        mem::forget(xs);
+    }
+}
diff --git a/tests/ui/sanitize/memory-eager.rs b/tests/ui/sanitize/memory-eager.rs
new file mode 100644
index 000000000..0018c2f75
--- /dev/null
+++ b/tests/ui/sanitize/memory-eager.rs
@@ -0,0 +1,37 @@
+// needs-sanitizer-support
+// needs-sanitizer-memory
+// min-llvm-version: 14.0.0
+//
+// revisions: unoptimized optimized
+//
+// [optimized]compile-flags: -Z sanitizer=memory -Zsanitizer-memory-track-origins -O
+// [unoptimized]compile-flags: -Z sanitizer=memory -Zsanitizer-memory-track-origins
+//
+// run-fail
+// error-pattern: MemorySanitizer: use-of-uninitialized-value
+// error-pattern: Uninitialized value was created by an allocation
+// error-pattern: in the stack frame
+//
+// This test case intentionally limits the usage of the std,
+// since it will be linked with an uninstrumented version of it.
+
+#![feature(core_intrinsics)]
+#![feature(start)]
+
+use std::hint::black_box;
+use std::mem::MaybeUninit;
+
+#[inline(never)]
+#[no_mangle]
+#[allow(invalid_value)]
+fn random() -> char {
+    let r = unsafe { MaybeUninit::uninit().assume_init() };
+    // Avoid optimizing everything out.
+    black_box(r)
+}
+
+#[start]
+fn main(_: isize, _: *const *const u8) -> isize {
+    random();
+    0
+}
diff --git a/tests/ui/sanitize/memory-passing.rs b/tests/ui/sanitize/memory-passing.rs
new file mode 100644
index 000000000..6d9b70ad6
--- /dev/null
+++ b/tests/ui/sanitize/memory-passing.rs
@@ -0,0 +1,32 @@
+// needs-sanitizer-support
+// needs-sanitizer-memory
+//
+// revisions: unoptimized optimized
+//
+// [optimized]compile-flags: -Z sanitizer=memory -Zsanitizer-memory-track-origins -O
+// [unoptimized]compile-flags: -Z sanitizer=memory -Zsanitizer-memory-track-origins
+//
+// run-pass
+//
+// This test case intentionally limits the usage of the std,
+// since it will be linked with an uninstrumented version of it.
+
+#![feature(core_intrinsics)]
+#![feature(start)]
+#![allow(invalid_value)]
+
+use std::hint::black_box;
+
+fn calling_black_box_on_zst_ok() {
+    // It's OK to call black_box on a value of a zero-sized type, even if its
+    // underlying the memory location is uninitialized. For non-zero-sized types,
+    // this would be an MSAN error.
+    let zst = ();
+    black_box(zst);
+}
+
+#[start]
+fn main(_: isize, _: *const *const u8) -> isize {
+    calling_black_box_on_zst_ok();
+    0
+}
diff --git a/tests/ui/sanitize/memory.rs b/tests/ui/sanitize/memory.rs
new file mode 100644
index 000000000..1a9ac3a4f
--- /dev/null
+++ b/tests/ui/sanitize/memory.rs
@@ -0,0 +1,46 @@
+// needs-sanitizer-support
+// needs-sanitizer-memory
+//
+// revisions: unoptimized optimized
+//
+// [optimized]compile-flags: -Z sanitizer=memory -Zsanitizer-memory-track-origins -O
+// [unoptimized]compile-flags: -Z sanitizer=memory -Zsanitizer-memory-track-origins
+//
+// run-fail
+// error-pattern: MemorySanitizer: use-of-uninitialized-value
+// error-pattern: Uninitialized value was created by an allocation
+// error-pattern: in the stack frame
+//
+// This test case intentionally limits the usage of the std,
+// since it will be linked with an uninstrumented version of it.
+
+#![feature(core_intrinsics)]
+#![feature(start)]
+#![allow(invalid_value)]
+
+use std::hint::black_box;
+use std::mem::MaybeUninit;
+
+#[inline(never)]
+#[no_mangle]
+fn random() -> [isize; 32] {
+    let r = MaybeUninit::uninit();
+    // Avoid optimizing everything out.
+    unsafe { std::intrinsics::volatile_load(r.as_ptr()) }
+}
+
+#[inline(never)]
+#[no_mangle]
+fn xor(a: &[isize]) -> isize {
+    let mut s = 0;
+    for i in 0..a.len() {
+        s = s ^ a[i];
+    }
+    s
+}
+
+#[start]
+fn main(_: isize, _: *const *const u8) -> isize {
+    let r = black_box(random as fn() -> [isize; 32])();
+    xor(&r)
+}
diff --git a/tests/ui/sanitize/new-llvm-pass-manager-thin-lto.rs b/tests/ui/sanitize/new-llvm-pass-manager-thin-lto.rs
new file mode 100644
index 000000000..33e18e355
--- /dev/null
+++ b/tests/ui/sanitize/new-llvm-pass-manager-thin-lto.rs
@@ -0,0 +1,26 @@
+// Regression test for sanitizer function instrumentation passes not
+// being run when compiling with new LLVM pass manager and ThinLTO.
+// Note: The issue occurred only on non-zero opt-level.
+//
+// needs-sanitizer-support
+// needs-sanitizer-address
+//
+// no-prefer-dynamic
+// revisions: opt0 opt1
+// compile-flags: -Zsanitizer=address -Clto=thin
+//[opt0]compile-flags: -Copt-level=0
+//[opt1]compile-flags: -Copt-level=1
+// run-fail
+// error-pattern: ERROR: AddressSanitizer: stack-use-after-scope
+
+static mut P: *mut usize = std::ptr::null_mut();
+
+fn main() {
+    unsafe {
+        {
+            let mut x = 0;
+            P = &mut x;
+        }
+        std::ptr::write_volatile(P, 123);
+    }
+}
diff --git a/tests/ui/sanitize/thread.rs b/tests/ui/sanitize/thread.rs
new file mode 100644
index 000000000..c70cf5acc
--- /dev/null
+++ b/tests/ui/sanitize/thread.rs
@@ -0,0 +1,57 @@
+// Verifies that ThreadSanitizer is able to detect a data race in heap allocated
+// memory block.
+//
+// Test case minimizes the use of the standard library to avoid its ambiguous
+// status with respect to instrumentation (it could vary depending on whatever
+// a function call is inlined or not).
+//
+// The conflicting data access is de-facto synchronized with a special TSAN
+// barrier, which does not introduce synchronization from TSAN perspective, but
+// is necessary to make the test robust. Without the barrier data race detection
+// would occasionally fail, making test flaky.
+//
+// needs-sanitizer-support
+// needs-sanitizer-thread
+//
+// compile-flags: -Z sanitizer=thread -O
+//
+// run-fail
+// error-pattern: WARNING: ThreadSanitizer: data race
+// error-pattern: Location is heap block of size 4
+// error-pattern: allocated by main thread
+
+#![feature(raw_ref_op)]
+#![feature(rustc_private)]
+extern crate libc;
+
+use std::mem;
+use std::ptr;
+
+static mut BARRIER: u64 = 0;
+
+extern "C" {
+    fn __tsan_testonly_barrier_init(barrier: *mut u64, count: u32);
+    fn __tsan_testonly_barrier_wait(barrier: *mut u64);
+}
+
+extern "C" fn start(c: *mut libc::c_void) -> *mut libc::c_void {
+    unsafe {
+        let c: *mut u32 = c.cast();
+        *c += 1;
+        __tsan_testonly_barrier_wait(&raw mut BARRIER);
+        ptr::null_mut()
+    }
+}
+
+fn main() {
+    unsafe {
+        __tsan_testonly_barrier_init(&raw mut BARRIER, 2);
+        let c: *mut u32 = Box::into_raw(Box::new(1));
+        let mut t: libc::pthread_t = mem::zeroed();
+        libc::pthread_create(&mut t, ptr::null(), start, c.cast());
+        __tsan_testonly_barrier_wait(&raw mut BARRIER);
+        *c += 1;
+        libc::pthread_join(t, ptr::null_mut());
+        Box::from_raw(c);
+    }
+}
diff --git a/tests/ui/sanitize/unsupported-target.rs b/tests/ui/sanitize/unsupported-target.rs
new file mode 100644
index 000000000..9f29c7635
--- /dev/null
+++ b/tests/ui/sanitize/unsupported-target.rs
@@ -0,0 +1,6 @@
+// compile-flags: -Z sanitizer=leak --target i686-unknown-linux-gnu
+// needs-llvm-components: x86
+// error-pattern: error: leak sanitizer is not supported for this target
+#![feature(no_core)]
+#![no_core]
+#![no_main]
diff --git a/tests/ui/sanitize/unsupported-target.stderr b/tests/ui/sanitize/unsupported-target.stderr
new file mode 100644
index 000000000..9bb840502
--- /dev/null
+++ b/tests/ui/sanitize/unsupported-target.stderr
@@ -0,0 +1,4 @@
+error: leak sanitizer is not supported for this target
+
+error: aborting due to previous error
+
diff --git a/tests/ui/sanitize/use-after-scope.rs b/tests/ui/sanitize/use-after-scope.rs
new file mode 100644
index 000000000..30be2ae6f
--- /dev/null
+++ b/tests/ui/sanitize/use-after-scope.rs
@@ -0,0 +1,18 @@
+// needs-sanitizer-support
+// needs-sanitizer-address
+//
+// compile-flags: -Zsanitizer=address
+// run-fail
+// error-pattern: ERROR: AddressSanitizer: stack-use-after-scope
+
+static mut P: *mut usize = std::ptr::null_mut();
+
+fn main() {
+    unsafe {
+        {
+            let mut x = 0;
+            P = &mut x;
+        }
+        std::ptr::write_volatile(P, 123);
+    }
+}
-- 
cgit v1.2.3