| .. | ||
| build.sh | ||
| README.md | ||
| runUbsanProbe.sh | ||
| ubsanProbe.c | ||
| ubsanProbe.manifest.json | ||
tests/ubsan — UBSan-min smoke probe (Phase 6.2)
Three-case probe that exercises the -fsanitize=undefined -fsanitize-minimal-runtime instrumentation end-to-end on the W65816
target:
| Kind | UB | Sentinel |
|---|---|---|
add-overflow |
i16 INT_MAX + 1 |
$025000=0xC0DE |
shift-out-of-bounds |
u16 1 << 17 |
$025002=0xC0DF |
divrem-overflow |
i16 n / 0 |
$025004=0xC0E0 |
| (liveness) | tail of main reached |
$025006=0xC0DA |
The probe ships strong override defs for the three __ubsan_handle_*_minimal
recovering handlers it exercises; the remaining 22 are pulled in from
runtime/ubsan.o so any extra UB site clang emits (e.g. constant-fold
overflow at -O2) still resolves cleanly.
Build + run
bash tests/ubsan/runUbsanProbe.sh
Expected output:
MAME-READ addr=0x025000 val=0xc0de
MAME-READ addr=0x025002 val=0xc0df
MAME-READ addr=0x025004 val=0xc0e0
MAME-READ addr=0x025006 val=0xc0da
MAME OK: 4 reads matched
What this probe is NOT
- It is not a verification of the UBSan diagnostic format (the
per-kind
"ubsan: <kind> by 0x<pc>\n"line emitted byruntime/src/ubsan.c::reportError). The probe deliberately overrides the handlers so it can verify the call edge without pulling in console code. A separate diagnostic-format probe would linklibc.o+libcGno.o+ GNO crt0 and assert on stderr. - It is not a sweep of all 25 handler kinds. The user-spec scope
is "3 representative kinds". The other 22 are link-tested
implicitly by
runtime/ubsan.o's symbol set being available.
Files
ubsanProbe.c— the probe itselfbuild.sh— compiles with-fsanitize=undefined -fsanitize-minimal-runtimerunUbsanProbe.sh— build + link + run under MAME with--checkubsanProbe.manifest.json— segment layout + check sentinel descriptor