tests/ubsan — UBSan-min smoke probe (Phase 6.2)

Three-case probe that exercises the -fsanitize=undefined -fsanitize-minimal-runtime instrumentation end-to-end on the W65816 target:

Kind	UB	Sentinel
`add-overflow`	i16 `INT_MAX + 1`	`$025000=0xC0DE`
`shift-out-of-bounds`	u16 `1 << 17`	`$025002=0xC0DF`
`divrem-overflow`	i16 `n / 0`	`$025004=0xC0E0`
(liveness)	tail of `main` reached	`$025006=0xC0DA`

The probe ships strong override defs for the three __ubsan_handle_*_minimal recovering handlers it exercises; the remaining 22 are pulled in from runtime/ubsan.o so any extra UB site clang emits (e.g. constant-fold overflow at -O2) still resolves cleanly.

Build + run

bash tests/ubsan/runUbsanProbe.sh

Expected output:

MAME-READ addr=0x025000 val=0xc0de
MAME-READ addr=0x025002 val=0xc0df
MAME-READ addr=0x025004 val=0xc0e0
MAME-READ addr=0x025006 val=0xc0da
MAME OK: 4 reads matched

What this probe is NOT

It is not a verification of the UBSan diagnostic format (the per-kind "ubsan: <kind> by 0x<pc>\n" line emitted by runtime/src/ubsan.c::reportError). The probe deliberately overrides the handlers so it can verify the call edge without pulling in console code. A separate diagnostic-format probe would link libc.o + libcGno.o + GNO crt0 and assert on stderr.
It is not a sweep of all 25 handler kinds. The user-spec scope is "3 representative kinds". The other 22 are link-tested implicitly by runtime/ubsan.o's symbol set being available.

Files

ubsanProbe.c — the probe itself
build.sh — compiles with -fsanitize=undefined -fsanitize-minimal-runtime
runUbsanProbe.sh — build + link + run under MAME with --check
ubsanProbe.manifest.json — segment layout + check sentinel descriptor

2 KiB Raw Blame History

tests/ubsan — UBSan-min smoke probe (Phase 6.2)

Build + run

What this probe is NOT

Files

2 KiB

Raw Blame History