diff options
Diffstat (limited to 'test/Instrumentation/AddressSanitizer')
21 files changed, 385 insertions, 62 deletions
diff --git a/test/Instrumentation/AddressSanitizer/X86/bug_11395.ll b/test/Instrumentation/AddressSanitizer/X86/bug_11395.ll index 3f944c3..dc943fe 100644 --- a/test/Instrumentation/AddressSanitizer/X86/bug_11395.ll +++ b/test/Instrumentation/AddressSanitizer/X86/bug_11395.ll @@ -38,7 +38,7 @@ target triple = "i386-unknown-linux-gnu" define void @ff_mlp_init_x86(%struct.DSPContext* nocapture %c, %struct.AVCodecContext* nocapture %avctx) nounwind sanitize_address { entry: - %mlp_filter_channel = getelementptr inbounds %struct.DSPContext* %c, i32 0, i32 131 + %mlp_filter_channel = getelementptr inbounds %struct.DSPContext, %struct.DSPContext* %c, i32 0, i32 131 store void (i32*, i32*, i32, i32, i32, i32, i32, i32*)* @mlp_filter_channel_x86, void (i32*, i32*, i32, i32, i32, i32, i32, i32*)** %mlp_filter_channel, align 4, !tbaa !0 ret void } @@ -52,11 +52,11 @@ entry: %iirjump = alloca i8*, align 4 store i32 %filter_shift, i32* %filter_shift.addr, align 4, !tbaa !3 store i32 %mask, i32* %mask.addr, align 4, !tbaa !3 - %arrayidx = getelementptr inbounds [9 x i8*]* @firtable, i32 0, i32 %firorder - %0 = load i8** %arrayidx, align 4, !tbaa !0 + %arrayidx = getelementptr inbounds [9 x i8*], [9 x i8*]* @firtable, i32 0, i32 %firorder + %0 = load i8*, i8** %arrayidx, align 4, !tbaa !0 store i8* %0, i8** %firjump, align 4, !tbaa !0 - %arrayidx1 = getelementptr inbounds [5 x i8*]* @iirtable, i32 0, i32 %iirorder - %1 = load i8** %arrayidx1, align 4, !tbaa !0 + %arrayidx1 = getelementptr inbounds [5 x i8*], [5 x i8*]* @iirtable, i32 0, i32 %iirorder + %1 = load i8*, i8** %arrayidx1, align 4, !tbaa !0 store i8* %1, i8** %iirjump, align 4, !tbaa !0 %sub = sub nsw i32 0, %blocksize store i32 %sub, i32* %blocksize.addr, align 4, !tbaa !3 diff --git a/test/Instrumentation/AddressSanitizer/asan-vs-gvn.ll b/test/Instrumentation/AddressSanitizer/asan-vs-gvn.ll index 75adf40..b5ef8f2 100644 --- a/test/Instrumentation/AddressSanitizer/asan-vs-gvn.ll +++ b/test/Instrumentation/AddressSanitizer/asan-vs-gvn.ll @@ -15,9 +15,9 @@ target datalayout = "e-p:32:32:32-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:32:64-f3 define i32 @test_widening_bad(i8* %P) nounwind ssp noredzone sanitize_address { entry: - %tmp = load i8* getelementptr inbounds (%struct_of_7_bytes_4_aligned* @f, i64 0, i32 1), align 4 + %tmp = load i8, i8* getelementptr inbounds (%struct_of_7_bytes_4_aligned, %struct_of_7_bytes_4_aligned* @f, i64 0, i32 1), align 4 %conv = zext i8 %tmp to i32 - %tmp1 = load i8* getelementptr inbounds (%struct_of_7_bytes_4_aligned* @f, i64 0, i32 3), align 1 + %tmp1 = load i8, i8* getelementptr inbounds (%struct_of_7_bytes_4_aligned, %struct_of_7_bytes_4_aligned* @f, i64 0, i32 3), align 1 %conv2 = zext i8 %tmp1 to i32 %add = add nsw i32 %conv, %conv2 ret i32 %add @@ -38,9 +38,9 @@ define void @end_test_widening_bad() { define i32 @test_widening_ok(i8* %P) nounwind ssp noredzone sanitize_address { entry: - %tmp = load i8* getelementptr inbounds (%struct_of_7_bytes_4_aligned* @f, i64 0, i32 1), align 4 + %tmp = load i8, i8* getelementptr inbounds (%struct_of_7_bytes_4_aligned, %struct_of_7_bytes_4_aligned* @f, i64 0, i32 1), align 4 %conv = zext i8 %tmp to i32 - %tmp1 = load i8* getelementptr inbounds (%struct_of_7_bytes_4_aligned* @f, i64 0, i32 2), align 1 + %tmp1 = load i8, i8* getelementptr inbounds (%struct_of_7_bytes_4_aligned, %struct_of_7_bytes_4_aligned* @f, i64 0, i32 2), align 1 %conv2 = zext i8 %tmp1 to i32 %add = add nsw i32 %conv, %conv2 ret i32 %add diff --git a/test/Instrumentation/AddressSanitizer/basic.ll b/test/Instrumentation/AddressSanitizer/basic.ll index 8020660..21153ae 100644 --- a/test/Instrumentation/AddressSanitizer/basic.ll +++ b/test/Instrumentation/AddressSanitizer/basic.ll @@ -12,7 +12,7 @@ define i32 @test_load(i32* %a) sanitize_address { ; CHECK: lshr i64 %[[LOAD_ADDR]], 3 ; CHECK: {{or|add}} ; CHECK: %[[LOAD_SHADOW_PTR:[^ ]*]] = inttoptr -; CHECK: %[[LOAD_SHADOW:[^ ]*]] = load i8* %[[LOAD_SHADOW_PTR]] +; CHECK: %[[LOAD_SHADOW:[^ ]*]] = load i8, i8* %[[LOAD_SHADOW_PTR]] ; CHECK: icmp ne i8 ; CHECK: br i1 %{{.*}}, label %{{.*}}, label %{{.*}}!prof ![[PROF:[0-9]+]] ; @@ -28,13 +28,13 @@ define i32 @test_load(i32* %a) sanitize_address { ; CHECK: unreachable ; ; The actual load. -; CHECK: %tmp1 = load i32* %a +; CHECK: %tmp1 = load i32, i32* %a ; CHECK: ret i32 %tmp1 entry: - %tmp1 = load i32* %a, align 4 + %tmp1 = load i32, i32* %a, align 4 ret i32 %tmp1 } @@ -45,7 +45,7 @@ define void @test_store(i32* %a) sanitize_address { ; CHECK: lshr i64 %[[STORE_ADDR]], 3 ; CHECK: {{or|add}} ; CHECK: %[[STORE_SHADOW_PTR:[^ ]*]] = inttoptr -; CHECK: %[[STORE_SHADOW:[^ ]*]] = load i8* %[[STORE_SHADOW_PTR]] +; CHECK: %[[STORE_SHADOW:[^ ]*]] = load i8, i8* %[[STORE_SHADOW_PTR]] ; CHECK: icmp ne i8 ; CHECK: br i1 %{{.*}}, label %{{.*}}, label %{{.*}} ; @@ -103,7 +103,7 @@ entry: define void @i40test(i40* %a, i40* %b) nounwind uwtable sanitize_address { entry: - %t = load i40* %a + %t = load i40, i40* %a store i40 %t, i40* %b, align 8 ret void } @@ -129,7 +129,7 @@ define void @i64test_align1(i64* %b) nounwind uwtable sanitize_address { define void @i80test(i80* %a, i80* %b) nounwind uwtable sanitize_address { entry: - %t = load i80* %a + %t = load i80, i80* %a store i80 %t, i80* %b, align 8 ret void } @@ -144,7 +144,7 @@ define void @i80test(i80* %a, i80* %b) nounwind uwtable sanitize_address { ; asan should not instrument functions with available_externally linkage. define available_externally i32 @f_available_externally(i32* %a) sanitize_address { entry: - %tmp1 = load i32* %a + %tmp1 = load i32, i32* %a ret i32 %tmp1 } ; CHECK-LABEL: @f_available_externally diff --git a/test/Instrumentation/AddressSanitizer/debug_info.ll b/test/Instrumentation/AddressSanitizer/debug_info.ll index c0939c5..da18b4b 100644 --- a/test/Instrumentation/AddressSanitizer/debug_info.ll +++ b/test/Instrumentation/AddressSanitizer/debug_info.ll @@ -10,13 +10,13 @@ define i32 @_Z3zzzi(i32 %p) nounwind uwtable sanitize_address { entry: %p.addr = alloca i32, align 4 %r = alloca i32, align 4 - store i32 %p, i32* %p.addr, align 4 - call void @llvm.dbg.declare(metadata i32* %p.addr, metadata !10, metadata !{!"0x102"}), !dbg !11 - call void @llvm.dbg.declare(metadata i32* %r, metadata !12, metadata !{!"0x102"}), !dbg !14 - %0 = load i32* %p.addr, align 4, !dbg !14 + store volatile i32 %p, i32* %p.addr, align 4 + call void @llvm.dbg.declare(metadata i32* %p.addr, metadata !10, metadata !MDExpression()), !dbg !11 + call void @llvm.dbg.declare(metadata i32* %r, metadata !12, metadata !MDExpression()), !dbg !14 + %0 = load i32, i32* %p.addr, align 4, !dbg !14 %add = add nsw i32 %0, 1, !dbg !14 - store i32 %add, i32* %r, align 4, !dbg !14 - %1 = load i32* %r, align 4, !dbg !15 + store volatile i32 %add, i32* %r, align 4, !dbg !14 + %1 = load i32, i32* %r, align 4, !dbg !15 ret i32 %1, !dbg !15 } @@ -33,30 +33,30 @@ declare void @llvm.dbg.declare(metadata, metadata, metadata) nounwind readnone !llvm.dbg.cu = !{!0} !llvm.module.flags = !{!17} -!0 = !{!"0x11\004\00clang version 3.3 (trunk 169314)\001\00\000\00\000", !16, !1, !1, !3, !1, null} ; [ DW_TAG_compile_unit ] [/usr/local/google/llvm_cmake_clang/tmp/debuginfo/a.cc] [DW_LANG_C_plus_plus] +!0 = !MDCompileUnit(language: DW_LANG_C_plus_plus, producer: "clang version 3.3 (trunk 169314)", isOptimized: true, emissionKind: 0, file: !16, enums: !1, retainedTypes: !1, subprograms: !3, globals: !1) !1 = !{i32 0} !3 = !{!5} -!5 = !{!"0x2e\00zzz\00zzz\00_Z3zzzi\001\000\001\000\006\00256\000\001", !16, !6, !7, null, i32 (i32)* @_Z3zzzi, null, null, !1} ; [ DW_TAG_subprogram ] [line 1] [def] [zzz] -!6 = !{!"0x29", !16} ; [ DW_TAG_file_type ] -!7 = !{!"0x15\00\000\000\000\000\000\000", i32 0, null, null, !8, null, null, null} ; [ DW_TAG_subroutine_type ] [line 0, size 0, align 0, offset 0] [from ] +!5 = !MDSubprogram(name: "zzz", linkageName: "_Z3zzzi", line: 1, isLocal: false, isDefinition: true, virtualIndex: 6, flags: DIFlagPrototyped, isOptimized: false, scopeLine: 1, file: !16, scope: !6, type: !7, function: i32 (i32)* @_Z3zzzi, variables: !1) +!6 = !MDFile(filename: "a.cc", directory: "/usr/local/google/llvm_cmake_clang/tmp/debuginfo") +!7 = !MDSubroutineType(types: !8) !8 = !{!9, !9} -!9 = !{!"0x24\00int\000\0032\0032\000\000\005", null, null} ; [ DW_TAG_base_type ] [int] [line 0, size 32, align 32, offset 0, enc DW_ATE_signed] -!10 = !{!"0x101\00p\0016777217\000", !5, !6, !9} ; [ DW_TAG_arg_variable ] [p] [line 1] +!9 = !MDBasicType(tag: DW_TAG_base_type, name: "int", size: 32, align: 32, encoding: DW_ATE_signed) +!10 = !MDLocalVariable(tag: DW_TAG_arg_variable, name: "p", line: 1, arg: 1, scope: !5, file: !6, type: !9) !11 = !MDLocation(line: 1, scope: !5) -!12 = !{!"0x100\00r\002\000", !13, !6, !9} ; [ DW_TAG_auto_variable ] [r] [line 2] +!12 = !MDLocalVariable(tag: DW_TAG_auto_variable, name: "r", line: 2, scope: !13, file: !6, type: !9) ; Verify that debug descriptors for argument and local variable will be replaced ; with descriptors that end with OpDeref (encoded as 2). -; CHECK: ![[ARG_ID]] = {{.*}} ; [ DW_TAG_arg_variable ] [p] [line 1] -; CHECK: ![[OPDEREF]] = !{!"0x102\006"} -; CHECK: ![[VAR_ID]] = {{.*}} ; [ DW_TAG_auto_variable ] [r] [line 2] +; CHECK: ![[ARG_ID]] = !MDLocalVariable(tag: DW_TAG_arg_variable, name: "p", arg: 1,{{.*}} line: 1 +; CHECK: ![[OPDEREF]] = !MDExpression(DW_OP_deref) +; CHECK: ![[VAR_ID]] = !MDLocalVariable(tag: DW_TAG_auto_variable, name: "r",{{.*}} line: 2 ; Verify that there are no more variable descriptors. -; CHECK-NOT: DW_TAG_arg_variable -; CHECK-NOT: DW_TAG_auto_variable +; CHECK-NOT: !MDLocalVariable(tag: DW_TAG_arg_variable +; CHECK-NOT: !MDLocalVariable(tag: DW_TAG_auto_variable -!13 = !{!"0xb\001\000\000", !16, !5} ; [ DW_TAG_lexical_block ] [/usr/local/google/llvm_cmake_clang/tmp/debuginfo/a.cc] +!13 = distinct !MDLexicalBlock(line: 1, column: 0, file: !16, scope: !5) !14 = !MDLocation(line: 2, scope: !13) !15 = !MDLocation(line: 3, scope: !13) -!16 = !{!"a.cc", !"/usr/local/google/llvm_cmake_clang/tmp/debuginfo"} -!17 = !{i32 1, !"Debug Info Version", i32 2} +!16 = !MDFile(filename: "a.cc", directory: "/usr/local/google/llvm_cmake_clang/tmp/debuginfo") +!17 = !{i32 1, !"Debug Info Version", i32 3} diff --git a/test/Instrumentation/AddressSanitizer/do-not-instrument-promotable-allocas.ll b/test/Instrumentation/AddressSanitizer/do-not-instrument-promotable-allocas.ll new file mode 100644 index 0000000..9b1e241 --- /dev/null +++ b/test/Instrumentation/AddressSanitizer/do-not-instrument-promotable-allocas.ll @@ -0,0 +1,21 @@ +; RUN: opt < %s -asan -asan-module -asan-instrument-allocas=1 -S | FileCheck %s --check-prefix=CHECK + +target datalayout = "e-m:o-i64:64-f80:128-n8:16:32:64-S128" +target triple = "x86_64-apple-macosx10.10.0" + +define i32 @test_promotable_allocas() sanitize_address { +entry: +; CHECK: %0 = alloca i32, align 4 +; CHECK: store i32 0, i32* %0, align 4 +; CHECK: %1 = load i32, i32* %0, align 4 +; CHECK: ret i32 %1 + +; CHECK-NOT: __asan_stack_malloc_0 +; CHECK-NOT: icmp +; CHECK-NOT: call void @__asan_report_store4 + + %0 = alloca i32, align 4 + store i32 0, i32* %0, align 4 + %1 = load i32, i32* %0, align 4 + ret i32 %1 +} diff --git a/test/Instrumentation/AddressSanitizer/experiment-call.ll b/test/Instrumentation/AddressSanitizer/experiment-call.ll new file mode 100644 index 0000000..0e339cc --- /dev/null +++ b/test/Instrumentation/AddressSanitizer/experiment-call.ll @@ -0,0 +1,113 @@ +; Test optimization experiments. +; -asan-force-experiment flag turns all memory accesses into experiments. +; RUN: opt < %s -asan -asan-module -asan-force-experiment=42 -asan-instrumentation-with-call-threshold=0 -S | FileCheck %s +target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64" +target triple = "x86_64-unknown-linux-gnu" + +define void @load1(i8* %p) sanitize_address { +entry: + %t = load i8, i8* %p, align 1 + ret void +; CHECK-LABEL: define void @load1 +; CHECK: __asan_exp_load1{{.*}} i32 42 +; CHECK: ret void +} + +define void @load2(i16* %p) sanitize_address { +entry: + %t = load i16, i16* %p, align 2 + ret void +; CHECK-LABEL: define void @load2 +; CHECK: __asan_exp_load2{{.*}} i32 42 +; CHECK: ret void +} + +define void @load4(i32* %p) sanitize_address { +entry: + %t = load i32, i32* %p, align 4 + ret void +; CHECK-LABEL: define void @load4 +; CHECK: __asan_exp_load4{{.*}} i32 42 +; CHECK: ret void +} + +define void @load8(i64* %p) sanitize_address { +entry: + %t = load i64, i64* %p, align 8 + ret void +; CHECK-LABEL: define void @load8 +; CHECK: __asan_exp_load8{{.*}} i32 42 +; CHECK: ret void +} + +define void @load16(i128* %p) sanitize_address { +entry: + %t = load i128, i128* %p, align 16 + ret void +; CHECK-LABEL: define void @load16 +; CHECK: __asan_exp_load16{{.*}} i32 42 +; CHECK: ret void +} + +define void @loadN(i48* %p) sanitize_address { +entry: + %t = load i48, i48* %p, align 1 + ret void +; CHECK-LABEL: define void @loadN +; CHECK: __asan_exp_loadN{{.*}} i32 42 +; CHECK: ret void +} + +define void @store1(i8* %p) sanitize_address { +entry: + store i8 1, i8* %p, align 1 + ret void +; CHECK-LABEL: define void @store1 +; CHECK: __asan_exp_store1{{.*}} i32 42 +; CHECK: ret void +} + +define void @store2(i16* %p) sanitize_address { +entry: + store i16 1, i16* %p, align 2 + ret void +; CHECK-LABEL: define void @store2 +; CHECK: __asan_exp_store2{{.*}} i32 42 +; CHECK: ret void +} + +define void @store4(i32* %p) sanitize_address { +entry: + store i32 1, i32* %p, align 4 + ret void +; CHECK-LABEL: define void @store4 +; CHECK: __asan_exp_store4{{.*}} i32 42 +; CHECK: ret void +} + +define void @store8(i64* %p) sanitize_address { +entry: + store i64 1, i64* %p, align 8 + ret void +; CHECK-LABEL: define void @store8 +; CHECK: __asan_exp_store8{{.*}} i32 42 +; CHECK: ret void +} + +define void @store16(i128* %p) sanitize_address { +entry: + store i128 1, i128* %p, align 16 + ret void +; CHECK-LABEL: define void @store16 +; CHECK: __asan_exp_store16{{.*}} i32 42 +; CHECK: ret void +} + +define void @storeN(i48* %p) sanitize_address { +entry: + store i48 1, i48* %p, align 1 + ret void +; CHECK-LABEL: define void @storeN +; CHECK: __asan_exp_storeN{{.*}} i32 42 +; CHECK: ret void +} diff --git a/test/Instrumentation/AddressSanitizer/experiment.ll b/test/Instrumentation/AddressSanitizer/experiment.ll new file mode 100644 index 0000000..aaa125f --- /dev/null +++ b/test/Instrumentation/AddressSanitizer/experiment.ll @@ -0,0 +1,113 @@ +; Test optimization experiments. +; -asan-force-experiment flag turns all memory accesses into experiments. +; RUN: opt < %s -asan -asan-module -asan-force-experiment=42 -S | FileCheck %s +target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64" +target triple = "x86_64-unknown-linux-gnu" + +define void @load1(i8* %p) sanitize_address { +entry: + %t = load i8, i8* %p, align 1 + ret void +; CHECK-LABEL: define void @load1 +; CHECK: __asan_report_exp_load1{{.*}} i32 42 +; CHECK: ret void +} + +define void @load2(i16* %p) sanitize_address { +entry: + %t = load i16, i16* %p, align 2 + ret void +; CHECK-LABEL: define void @load2 +; CHECK: __asan_report_exp_load2{{.*}} i32 42 +; CHECK: ret void +} + +define void @load4(i32* %p) sanitize_address { +entry: + %t = load i32, i32* %p, align 4 + ret void +; CHECK-LABEL: define void @load4 +; CHECK: __asan_report_exp_load4{{.*}} i32 42 +; CHECK: ret void +} + +define void @load8(i64* %p) sanitize_address { +entry: + %t = load i64, i64* %p, align 8 + ret void +; CHECK-LABEL: define void @load8 +; CHECK: __asan_report_exp_load8{{.*}} i32 42 +; CHECK: ret void +} + +define void @load16(i128* %p) sanitize_address { +entry: + %t = load i128, i128* %p, align 16 + ret void +; CHECK-LABEL: define void @load16 +; CHECK: __asan_report_exp_load16{{.*}} i32 42 +; CHECK: ret void +} + +define void @loadN(i48* %p) sanitize_address { +entry: + %t = load i48, i48* %p, align 1 + ret void +; CHECK-LABEL: define void @loadN +; CHECK: __asan_report_exp_load_n{{.*}} i32 42 +; CHECK: ret void +} + +define void @store1(i8* %p) sanitize_address { +entry: + store i8 1, i8* %p, align 1 + ret void +; CHECK-LABEL: define void @store1 +; CHECK: __asan_report_exp_store1{{.*}} i32 42 +; CHECK: ret void +} + +define void @store2(i16* %p) sanitize_address { +entry: + store i16 1, i16* %p, align 2 + ret void +; CHECK-LABEL: define void @store2 +; CHECK: __asan_report_exp_store2{{.*}} i32 42 +; CHECK: ret void +} + +define void @store4(i32* %p) sanitize_address { +entry: + store i32 1, i32* %p, align 4 + ret void +; CHECK-LABEL: define void @store4 +; CHECK: __asan_report_exp_store4{{.*}} i32 42 +; CHECK: ret void +} + +define void @store8(i64* %p) sanitize_address { +entry: + store i64 1, i64* %p, align 8 + ret void +; CHECK-LABEL: define void @store8 +; CHECK: __asan_report_exp_store8{{.*}} i32 42 +; CHECK: ret void +} + +define void @store16(i128* %p) sanitize_address { +entry: + store i128 1, i128* %p, align 16 + ret void +; CHECK-LABEL: define void @store16 +; CHECK: __asan_report_exp_store16{{.*}} i32 42 +; CHECK: ret void +} + +define void @storeN(i48* %p) sanitize_address { +entry: + store i48 1, i48* %p, align 1 + ret void +; CHECK-LABEL: define void @storeN +; CHECK: __asan_report_exp_store_n{{.*}} i32 42 +; CHECK: ret void +} diff --git a/test/Instrumentation/AddressSanitizer/freebsd.ll b/test/Instrumentation/AddressSanitizer/freebsd.ll index 359529f..5178432 100644 --- a/test/Instrumentation/AddressSanitizer/freebsd.ll +++ b/test/Instrumentation/AddressSanitizer/freebsd.ll @@ -10,7 +10,7 @@ define i32 @read_4_bytes(i32* %a) sanitize_address { entry: - %tmp1 = load i32* %a, align 4 + %tmp1 = load i32, i32* %a, align 4 ret i32 %tmp1 } diff --git a/test/Instrumentation/AddressSanitizer/global_metadata.ll b/test/Instrumentation/AddressSanitizer/global_metadata.ll index 3901745..2d09073 100644 --- a/test/Instrumentation/AddressSanitizer/global_metadata.ll +++ b/test/Instrumentation/AddressSanitizer/global_metadata.ll @@ -27,7 +27,7 @@ target triple = "x86_64-unknown-linux-gnu" ; Function Attrs: nounwind sanitize_address define internal void @__cxx_global_var_init() #0 section ".text.startup" { entry: - %0 = load i32* @global, align 4 + %0 = load i32, i32* @global, align 4 store i32 %0, i32* @dyn_init_global, align 4 ret void } @@ -36,7 +36,7 @@ entry: define void @_Z4funcv() #1 { entry: %literal = alloca i8*, align 8 - store i8* getelementptr inbounds ([14 x i8]* @.str, i32 0, i32 0), i8** %literal, align 8 + store i8* getelementptr inbounds ([14 x i8], [14 x i8]* @.str, i32 0, i32 0), i8** %literal, align 8 ret void } diff --git a/test/Instrumentation/AddressSanitizer/instrument-dynamic-allocas.ll b/test/Instrumentation/AddressSanitizer/instrument-dynamic-allocas.ll index 25807bb..18a86a9 100644 --- a/test/Instrumentation/AddressSanitizer/instrument-dynamic-allocas.ll +++ b/test/Instrumentation/AddressSanitizer/instrument-dynamic-allocas.ll @@ -15,10 +15,11 @@ entry: ; CHECK-NOALLOCA-NOT: store i32 -875836469 %0 = alloca i32, align 4 %1 = alloca i8* - store i32 %len, i32* %0, align 4 - %2 = load i32* %0, align 4 + store volatile i32 %len, i32* %0, align 4 + %2 = load i32, i32* %0, align 4 %3 = zext i32 %2 to i64 %4 = alloca i8, i64 %3, align 32 + store volatile i8 0, i8* %4 ret void } diff --git a/test/Instrumentation/AddressSanitizer/instrument-stack.ll b/test/Instrumentation/AddressSanitizer/instrument-stack.ll new file mode 100644 index 0000000..52978d9 --- /dev/null +++ b/test/Instrumentation/AddressSanitizer/instrument-stack.ll @@ -0,0 +1,48 @@ +; This test checks that we are not instrumenting direct inbound stack accesses. +; RUN: opt < %s -asan -asan-module -asan-opt-stack -S | FileCheck %s + +target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128" +target triple = "x86_64-unknown-linux-gnu" + +;@sink = global i32* null, align 4 + +; Ignore direct inbounds stack access. +define void @foo() uwtable sanitize_address { +entry: + %a = alloca i32, align 4 + store i32 42, i32* %a, align 4 + ret void +; CHECK-LABEL: define void @foo +; CHECK-NOT: __asan_report +; CHECK: ret void +} + +; Don't ignore dynamic indexing. +define void @baz(i64 %i) sanitize_address { +entry: + %a = alloca [10 x i32], align 4 + %e = getelementptr inbounds [10 x i32], [10 x i32]* %a, i32 0, i64 %i + store i32 42, i32* %e, align 4 + ret void +; CHECK-LABEL: define void @baz +; CHECK: __asan_report +; CHECK: ret void +} + +define void @bar() sanitize_address { +entry: + %a = alloca [10 x i32], align 4 + %e = getelementptr inbounds [10 x i32], [10 x i32]* %a, i32 0, i64 12 + store i32 42, i32* %e, align 4 + ret void +; CHECK-LABEL: define void @bar +; CHECK: __asan_report +; CHECK: ret void +} + +define void @endoftests() sanitize_address { +entry: + ret void +; CHECK-LABEL: define void @endoftests +} + diff --git a/test/Instrumentation/AddressSanitizer/instrument_global.ll b/test/Instrumentation/AddressSanitizer/instrument_global.ll index 259c815..7df3d22 100644 --- a/test/Instrumentation/AddressSanitizer/instrument_global.ll +++ b/test/Instrumentation/AddressSanitizer/instrument_global.ll @@ -20,7 +20,7 @@ target triple = "x86_64-unknown-linux-gnu" ; GlobSt is declared here, and has static initializer -- ok to optimize. define i32 @AccessGlobSt_0_2() sanitize_address { entry: - %0 = load i32* getelementptr inbounds ([10 x i32]* @GlobSt, i64 0, i64 2), align 8 + %0 = load i32, i32* getelementptr inbounds ([10 x i32], [10 x i32]* @GlobSt, i64 0, i64 2), align 8 ret i32 %0 ; CHECK-LABEL: define i32 @AccessGlobSt_0_2 ; CHECK-NOT: __asan_report @@ -30,7 +30,7 @@ entry: ; GlobSt is accessed out of bounds -- can't optimize define i32 @AccessGlobSt_0_12() sanitize_address { entry: - %0 = load i32* getelementptr inbounds ([10 x i32]* @GlobSt, i64 0, i64 12), align 8 + %0 = load i32, i32* getelementptr inbounds ([10 x i32], [10 x i32]* @GlobSt, i64 0, i64 12), align 8 ret i32 %0 ; CHECK-LABEL: define i32 @AccessGlobSt_0_12 ; CHECK: __asan_report @@ -40,7 +40,7 @@ entry: ; GlobSt is accessed with Gep that has non-0 first index -- can't optimize. define i32 @AccessGlobSt_1_2() sanitize_address { entry: - %0 = load i32* getelementptr inbounds ([10 x i32]* @GlobSt, i64 1, i64 2), align 8 + %0 = load i32, i32* getelementptr inbounds ([10 x i32], [10 x i32]* @GlobSt, i64 1, i64 2), align 8 ret i32 %0 ; CHECK-LABEL: define i32 @AccessGlobSt_1_2 ; CHECK: __asan_report @@ -50,7 +50,7 @@ entry: ; GlobDy is declared with dynamic initializer -- can't optimize. define i32 @AccessGlobDy_0_2() sanitize_address { entry: - %0 = load i32* getelementptr inbounds ([10 x i32]* @GlobDy, i64 0, i64 2), align 8 + %0 = load i32, i32* getelementptr inbounds ([10 x i32], [10 x i32]* @GlobDy, i64 0, i64 2), align 8 ret i32 %0 ; CHECK-LABEL: define i32 @AccessGlobDy_0_2 ; CHECK: __asan_report @@ -60,7 +60,7 @@ entry: ; GlobEx is an external global -- can't optimize. define i32 @AccessGlobEx_0_2() sanitize_address { entry: - %0 = load i32* getelementptr inbounds ([10 x i32]* @GlobEx, i64 0, i64 2), align 8 + %0 = load i32, i32* getelementptr inbounds ([10 x i32], [10 x i32]* @GlobEx, i64 0, i64 2), align 8 ret i32 %0 ; CHECK-LABEL: define i32 @AccessGlobEx_0_2 ; CHECK: __asan_report diff --git a/test/Instrumentation/AddressSanitizer/instrument_load_then_store.ll b/test/Instrumentation/AddressSanitizer/instrument_load_then_store.ll index 195785f..01a7a66 100644 --- a/test/Instrumentation/AddressSanitizer/instrument_load_then_store.ll +++ b/test/Instrumentation/AddressSanitizer/instrument_load_then_store.ll @@ -6,7 +6,7 @@ target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f3 target triple = "x86_64-unknown-linux-gnu" define void @IncrementMe(i32* %a) sanitize_address { entry: - %tmp1 = load i32* %a, align 4 + %tmp1 = load i32, i32* %a, align 4 %tmp2 = add i32 %tmp1, 1 store i32 %tmp2, i32* %a, align 4 ret void diff --git a/test/Instrumentation/AddressSanitizer/instrumentation-with-call-threshold.ll b/test/Instrumentation/AddressSanitizer/instrumentation-with-call-threshold.ll index adb4341..8e0275d 100644 --- a/test/Instrumentation/AddressSanitizer/instrumentation-with-call-threshold.ll +++ b/test/Instrumentation/AddressSanitizer/instrumentation-with-call-threshold.ll @@ -20,10 +20,10 @@ entry: ; CHECK-CUSTOM-PREFIX: call void @__foo_load8 ; CHECK-CUSTOM-PREFIX: call void @__foo_loadN ; CHECK-INLINE-NOT: call void @__asan_load - %tmp1 = load i32* %a, align 4 - %tmp2 = load i64* %b, align 8 - %tmp3 = load i512* %c, align 32 - %tmp4 = load i80* %d, align 8 + %tmp1 = load i32, i32* %a, align 4 + %tmp2 = load i64, i64* %b, align 8 + %tmp3 = load i512, i512* %c, align 32 + %tmp4 = load i80, i80* %d, align 8 ret void } diff --git a/test/Instrumentation/AddressSanitizer/lifetime-uar.ll b/test/Instrumentation/AddressSanitizer/lifetime-uar.ll index 25577de..efba8ce 100644 --- a/test/Instrumentation/AddressSanitizer/lifetime-uar.ll +++ b/test/Instrumentation/AddressSanitizer/lifetime-uar.ll @@ -17,8 +17,8 @@ entry: ; Memory is unpoisoned at llvm.lifetime.start ; CHECK: call void @__asan_unpoison_stack_memory(i64 %{{[^ ]+}}, i64 1) - store i32 0, i32* %retval - store i8 0, i8* %c, align 1 + store volatile i32 0, i32* %retval + store volatile i8 0, i8* %c, align 1 call void @llvm.lifetime.end(i64 1, i8* %c) ; Memory is poisoned at llvm.lifetime.end diff --git a/test/Instrumentation/AddressSanitizer/lifetime.ll b/test/Instrumentation/AddressSanitizer/lifetime.ll index 175a07d..ac324a9 100644 --- a/test/Instrumentation/AddressSanitizer/lifetime.ll +++ b/test/Instrumentation/AddressSanitizer/lifetime.ll @@ -12,6 +12,7 @@ entry: %i = alloca i32, align 4 %i.ptr = bitcast i32* %i to i8* call void @llvm.lifetime.start(i64 -1, i8* %i.ptr) + store volatile i8 0, i8* %i.ptr call void @llvm.lifetime.end(i64 -1, i8* %i.ptr) ; Check that lifetime with no size are ignored. @@ -30,6 +31,7 @@ define void @lifetime() sanitize_address { %i = alloca i32, align 4 %i.ptr = bitcast i32* %i to i8* call void @llvm.lifetime.start(i64 3, i8* %i.ptr) + store volatile i8 0, i8* %i.ptr ; Memory is unpoisoned at llvm.lifetime.start ; CHECK: %[[VAR:[^ ]*]] = ptrtoint i32* %{{[^ ]+}} to i64 ; CHECK-NEXT: call void @__asan_unpoison_stack_memory(i64 %[[VAR]], i64 3) @@ -43,12 +45,14 @@ define void @lifetime() sanitize_address { %arr = alloca [10 x i32], align 16 %arr.ptr = bitcast [10 x i32]* %arr to i8* call void @llvm.lifetime.start(i64 40, i8* %arr.ptr) + store volatile i8 0, i8* %arr.ptr ; CHECK: call void @__asan_unpoison_stack_memory(i64 %{{[^ ]+}}, i64 40) call void @llvm.lifetime.end(i64 40, i8* %arr.ptr) ; CHECK: call void @__asan_poison_stack_memory(i64 %{{[^ ]+}}, i64 40) ; One more lifetime start/end for the same variable %i. call void @llvm.lifetime.start(i64 4, i8* %i.ptr) + store volatile i8 0, i8* %i.ptr ; CHECK: call void @__asan_unpoison_stack_memory(i64 %{{[^ ]+}}, i64 4) call void @llvm.lifetime.end(i64 4, i8* %i.ptr) ; CHECK: call void @__asan_poison_stack_memory(i64 %{{[^ ]+}}, i64 4) @@ -68,6 +72,7 @@ entry: %i = alloca i64, align 4 %i.ptr = bitcast i64* %i to i8* call void @llvm.lifetime.start(i64 8, i8* %i.ptr) + store volatile i8 0, i8* %i.ptr ; CHECK: __asan_unpoison_stack_memory br i1 %x, label %bb0, label %bb1 diff --git a/test/Instrumentation/AddressSanitizer/stack-poisoning.ll b/test/Instrumentation/AddressSanitizer/stack-poisoning.ll index ace12d0..0c9ffe2 100644 --- a/test/Instrumentation/AddressSanitizer/stack-poisoning.ll +++ b/test/Instrumentation/AddressSanitizer/stack-poisoning.ll @@ -12,7 +12,7 @@ entry: ; CHECK-PLAIN: ret void ; CHECK-UAR-LABEL: Bar -; CHECK-UAR: load i32* @__asan_option_detect_stack_use_after_return +; CHECK-UAR: load i32, i32* @__asan_option_detect_stack_use_after_return ; CHECK-UAR: label ; CHECK-UAR: call i64 @__asan_stack_malloc_1 ; CHECK-UAR: label @@ -35,7 +35,7 @@ entry: ; CHECK-UAR: ret void %x = alloca [20 x i8], align 16 - %arraydecay = getelementptr inbounds [20 x i8]* %x, i64 0, i64 0 + %arraydecay = getelementptr inbounds [20 x i8], [20 x i8]* %x, i64 0, i64 0 call void @Foo(i8* %arraydecay) ret void } diff --git a/test/Instrumentation/AddressSanitizer/stack_dynamic_alloca.ll b/test/Instrumentation/AddressSanitizer/stack_dynamic_alloca.ll index 43711b7..9c05874 100644 --- a/test/Instrumentation/AddressSanitizer/stack_dynamic_alloca.ll +++ b/test/Instrumentation/AddressSanitizer/stack_dynamic_alloca.ll @@ -8,7 +8,7 @@ entry: ; CHECK-LABEL: Func1 ; CHECK: entry: -; CHECK: load i32* @__asan_option_detect_stack_use_after_return +; CHECK: load i32, i32* @__asan_option_detect_stack_use_after_return ; CHECK: <label>:[[UAR_ENABLED_BB:[0-9]+]] ; CHECK: [[FAKE_STACK_RT:%[0-9]+]] = call i64 @__asan_stack_malloc_ @@ -26,6 +26,8 @@ entry: ; CHECK: ret void %XXX = alloca [20 x i8], align 1 + %arr.ptr = bitcast [20 x i8]* %XXX to i8* + store volatile i8 0, i8* %arr.ptr ret void } @@ -37,6 +39,8 @@ entry: ; CHECK: ret void %XXX = alloca [20 x i8], align 1 + %arr.ptr = bitcast [20 x i8]* %XXX to i8* + store volatile i8 0, i8* %arr.ptr call void asm sideeffect "mov %%rbx, %%rcx", "~{dirflag},~{fpsr},~{flags}"() nounwind ret void } diff --git a/test/Instrumentation/AddressSanitizer/stack_layout.ll b/test/Instrumentation/AddressSanitizer/stack_layout.ll index 97e3bbb..6575dd6 100644 --- a/test/Instrumentation/AddressSanitizer/stack_layout.ll +++ b/test/Instrumentation/AddressSanitizer/stack_layout.ll @@ -26,6 +26,12 @@ entry: %XXX = alloca [10 x i8], align 1 %YYY = alloca [20 x i8], align 1 %ZZZ = alloca [30 x i8], align 1 + %arr1.ptr = bitcast [10 x i8]* %XXX to i8* + store volatile i8 0, i8* %arr1.ptr + %arr2.ptr = bitcast [20 x i8]* %YYY to i8* + store volatile i8 0, i8* %arr2.ptr + %arr3.ptr = bitcast [30 x i8]* %ZZZ to i8* + store volatile i8 0, i8* %arr3.ptr ret void } @@ -41,6 +47,12 @@ entry: %AAA = alloca [5 x i8], align 1 %BBB = alloca [55 x i8], align 1 %CCC = alloca [555 x i8], align 1 + %arr1.ptr = bitcast [5 x i8]* %AAA to i8* + store volatile i8 0, i8* %arr1.ptr + %arr2.ptr = bitcast [55 x i8]* %BBB to i8* + store volatile i8 0, i8* %arr2.ptr + %arr3.ptr = bitcast [555 x i8]* %CCC to i8* + store volatile i8 0, i8* %arr3.ptr ret void } @@ -57,5 +69,11 @@ entry: %AAA = alloca [128 x i8], align 16 %BBB = alloca [128 x i8], align 64 %CCC = alloca [128 x i8], align 256 + %arr1.ptr = bitcast [128 x i8]* %AAA to i8* + store volatile i8 0, i8* %arr1.ptr + %arr2.ptr = bitcast [128 x i8]* %BBB to i8* + store volatile i8 0, i8* %arr2.ptr + %arr3.ptr = bitcast [128 x i8]* %CCC to i8* + store volatile i8 0, i8* %arr3.ptr ret void } diff --git a/test/Instrumentation/AddressSanitizer/test64.ll b/test/Instrumentation/AddressSanitizer/test64.ll index fd93f45..85a29e6 100644 --- a/test/Instrumentation/AddressSanitizer/test64.ll +++ b/test/Instrumentation/AddressSanitizer/test64.ll @@ -3,7 +3,7 @@ target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f3 target triple = "x86_64-unknown-linux-gnu" define i32 @read_4_bytes(i32* %a) sanitize_address { entry: - %tmp1 = load i32* %a, align 4 + %tmp1 = load i32, i32* %a, align 4 ret i32 %tmp1 } ; CHECK-LABEL: @read_4_bytes diff --git a/test/Instrumentation/AddressSanitizer/ubsan.ll b/test/Instrumentation/AddressSanitizer/ubsan.ll index 5535efe..23b7ef4 100644 --- a/test/Instrumentation/AddressSanitizer/ubsan.ll +++ b/test/Instrumentation/AddressSanitizer/ubsan.ll @@ -17,9 +17,9 @@ define void @_Z3BarP1A(%struct.A* %a) uwtable sanitize_address { ; CHECK-LABEL: define void @_Z3BarP1A entry: %0 = bitcast %struct.A* %a to void (%struct.A*)*** - %vtable = load void (%struct.A*)*** %0, align 8 + %vtable = load void (%struct.A*)**, void (%struct.A*)*** %0, align 8 ; CHECK: __asan_report_load8 - %1 = load void (%struct.A*)** %vtable, align 8 + %1 = load void (%struct.A*)*, void (%struct.A*)** %vtable, align 8 ; CHECK: __asan_report_load8 %2 = ptrtoint void (%struct.A*)** %vtable to i64 %3 = xor i64 %2, -303164226014115343, !nosanitize !0 @@ -32,9 +32,9 @@ entry: %10 = xor i64 %9, %8, !nosanitize !0 %11 = mul i64 %10, -7070675565921424023, !nosanitize !0 %12 = and i64 %11, 127, !nosanitize !0 - %13 = getelementptr inbounds [128 x i64]* @__ubsan_vptr_type_cache, i64 0, i64 %12, !nosanitize !0 + %13 = getelementptr inbounds [128 x i64], [128 x i64]* @__ubsan_vptr_type_cache, i64 0, i64 %12, !nosanitize !0 ; CHECK-NOT: __asan_report_load8 - %14 = load i64* %13, align 8, !nosanitize !0 + %14 = load i64, i64* %13, align 8, !nosanitize !0 %15 = icmp eq i64 %14, %11, !nosanitize !0 br i1 %15, label %cont, label %handler.dynamic_type_cache_miss, !nosanitize !0 |