# tests/ubsan — UBSan-min smoke probe (Phase 6.2)

Three-case probe that exercises the `-fsanitize=undefined -fsanitize-minimal-runtime` instrumentation end-to-end on the W65816 target:

| Kind                  | UB                     | Sentinel         |
|-----------------------|------------------------|------------------|
| `add-overflow`        | i16 `INT_MAX + 1`      | `$025000=0xC0DE` |
| `shift-out-of-bounds` | u16 `1 << 17`          | `$025002=0xC0DF` |
| `divrem-overflow`     | i16 `n / 0`            | `$025004=0xC0E0` |
| (liveness)            | tail of `main` reached | `$025006=0xC0DA` |

The probe ships strong override defs for the three `__ubsan_handle_*_minimal` recovering handlers it exercises; the remaining 22 are pulled in from `runtime/ubsan.o` so any extra UB site clang emits (e.g. constant-fold overflow at `-O2`) still resolves cleanly.

## Build + run

```
bash tests/ubsan/runUbsanProbe.sh
```

Expected output:

```
MAME-READ addr=0x025000 val=0xc0de
MAME-READ addr=0x025002 val=0xc0df
MAME-READ addr=0x025004 val=0xc0e0
MAME-READ addr=0x025006 val=0xc0da
MAME OK: 4 reads matched
```

## What this probe is NOT

- It is **not** a verification of the UBSan diagnostic format (the per-kind `"ubsan: by 0x\n"` line emitted by `runtime/src/ubsan.c::reportError`). The probe deliberately overrides the handlers so it can verify the *call edge* without pulling in console code. A separate diagnostic-format probe would link `libc.o` + `libcGno.o` + GNO crt0 and assert on stderr.
- It is **not** a sweep of all 25 handler kinds. The user-spec scope is "3 representative kinds". The other 22 are link-tested implicitly by `runtime/ubsan.o`'s symbol set being available.

## Files

- `ubsanProbe.c` — the probe itself
- `build.sh` — compiles with `-fsanitize=undefined -fsanitize-minimal-runtime`
- `runUbsanProbe.sh` — build + link + run under MAME with `--check`
- `ubsanProbe.manifest.json` — segment layout + check sentinel descriptor
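
A host-side model of the handler-override pattern this probe relies on, added here as an illustration; it is not the contents of `ubsanProbe.c`. Assumptions: the `sentinel` array stands in for the words at `$025000`..`$025006`, the `probe_*` helpers and `run_probe` are hypothetical names, and each UB check is written out by hand instead of being emitted by the sanitizer so the example builds and runs without `-fsanitize`.

```c
#include <stdint.h>

/* Host stand-in (assumption) for the sentinel words at $025000..$025006. */
static volatile uint16_t sentinel[4];

/* Strong definitions of the three recovering handlers. The minimal-runtime
   handlers take no arguments, so an override can only record that the call
   edge was taken, then return so execution continues. */
void __ubsan_handle_add_overflow_minimal(void)        { sentinel[0] = 0xC0DE; }
void __ubsan_handle_shift_out_of_bounds_minimal(void) { sentinel[1] = 0xC0DF; }
void __ubsan_handle_divrem_overflow_minimal(void)     { sentinel[2] = 0xC0E0; }

/* Hypothetical helpers: each check is explicit, so this file has no UB. */
static int16_t probe_add(int16_t a, int16_t b) {
    int16_t r;
    if (__builtin_add_overflow(a, b, &r))
        __ubsan_handle_add_overflow_minimal();
    return r;                          /* wrapped result after recovery */
}

static uint16_t probe_shl(uint16_t v, unsigned n) {
    if (n >= 16) {                     /* shift count >= width of u16 */
        __ubsan_handle_shift_out_of_bounds_minimal();
        return 0;
    }
    return (uint16_t)((unsigned)v << n);
}

static int16_t probe_div(int16_t n, int16_t d) {
    if (d == 0 || (n == INT16_MIN && d == -1)) {
        __ubsan_handle_divrem_overflow_minimal();
        return 0;
    }
    return (int16_t)(n / d);
}

/* Runs the three cases, writes the liveness word, returns matched count. */
int run_probe(void) {
    static const uint16_t want[4] = { 0xC0DE, 0xC0DF, 0xC0E0, 0xC0DA };
    int i, ok = 0;
    for (i = 0; i < 4; i++) sentinel[i] = 0;
    (void)probe_add(INT16_MAX, 1);
    (void)probe_shl(1, 17);
    (void)probe_div(7, 0);
    sentinel[3] = 0xC0DA;              /* reached only if all handlers returned */
    for (i = 0; i < 4; i++) ok += (sentinel[i] == want[i]);
    return ok;
}
```

In this model, a run where the liveness word matches but one of the first three does not means that handler was never called; a missing liveness word means a handler did not return.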