make simplifycfg insert an llvm.trap before the 'unreachable' it introduces

when it detects undefined behavior.  llvm.trap generally codegens into some
thing really small (e.g. a 2 byte ud2 instruction on x86) and debugging this
sort of thing is "nontrivial".  For example, we now compile:

void foo() { *(int*)0 = 42; }

into:

_foo:
	pushl	%ebp
	movl	%esp, %ebp
	ud2

Some may even claim that this is a security hole, though that seems dubious
to me.  This addresses rdar://7958343 - Optimizing away null dereference 
potentially allows arbitrary code execution


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@103356 91177308-0d34-0410-b5e6-96231b3b80d8

1 files changed, 17 insertions, 3 deletions

diff --git a/test/Transforms/SimplifyCFG/trapping-load-unreachable.ll b/test/Transforms/SimplifyCFG/trapping-load-unreachable.ll
index 0c9cc8b..6956faa 100644
--- a/test/Transforms/SimplifyCFG/trapping-load-unreachable.ll
+++ b/test/Transforms/SimplifyCFG/trapping-load-unreachable.ll
@@ -1,19 +1,33 @@
-; RUN: opt < %s -simplifycfg -S | grep {volatile load}
+; RUN: opt < %s -simplifycfg -S | FileCheck %s
 ; PR2967
 
 target datalayout =
 "e-p:32:32:32-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:32:64-f32:32:32"
 target triple = "i386-pc-linux-gnu"
 
-define void @foo(i32 %x) nounwind {
+define void @test1(i32 %x) nounwind {
 entry:
         %0 = icmp eq i32 %x, 0          ; <i1> [#uses=1]
         br i1 %0, label %bb, label %return
 
 bb:             ; preds = %entry
-        %1 = volatile load i32* null            ; <i32> [#uses=0]
+        %1 = volatile load i32* null
         unreachable
+        
         br label %return
 return:         ; preds = %entry
         ret void
+; CHECK: @test1
+; CHECK: volatile load
+}
+
+; rdar://7958343
+define void @test2() nounwind {
+entry:
+        store i32 4,i32* null
+        ret void
+        
+; CHECK: @test2
+; CHECK: call void @llvm.trap
+; CHECK: unreachable
 }