1 ; Test basic address sanitizer instrumentation. 2 ; 3 ; RUN: opt < %s -asan -asan-module -S | FileCheck %s 4 5 target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64" 6 target triple = "x86_64-unknown-linux-gnu" 7 8 define i32 @test_load(i32* %a) sanitize_address { 9 ; CHECK-LABEL: @test_load 10 ; CHECK-NOT: load 11 ; CHECK: %[[LOAD_ADDR:[^ ]*]] = ptrtoint i32* %a to i64 12 ; CHECK: lshr i64 %[[LOAD_ADDR]], 3 13 ; CHECK: {{or|add}} 14 ; CHECK: %[[LOAD_SHADOW_PTR:[^ ]*]] = inttoptr 15 ; CHECK: %[[LOAD_SHADOW:[^ ]*]] = load i8, i8* %[[LOAD_SHADOW_PTR]] 16 ; CHECK: icmp ne i8 17 ; CHECK: br i1 %{{.*}}, label %{{.*}}, label %{{.*}}!prof ![[PROF:[0-9]+]] 18 ; 19 ; First instrumentation block refines the shadow test. 20 ; CHECK: and i64 %[[LOAD_ADDR]], 7 21 ; CHECK: add i64 %{{.*}}, 3 22 ; CHECK: trunc i64 %{{.*}} to i8 23 ; CHECK: icmp sge i8 %{{.*}}, %[[LOAD_SHADOW]] 24 ; CHECK: br i1 %{{.*}}, label %{{.*}}, label %{{.*}} 25 ; 26 ; The crash block reports the error. 27 ; CHECK: call void @__asan_report_load4(i64 %[[LOAD_ADDR]]) 28 ; CHECK: unreachable 29 ; 30 ; The actual load. 31 ; CHECK: %tmp1 = load i32, i32* %a 32 ; CHECK: ret i32 %tmp1 33 34 35 36 entry: 37 %tmp1 = load i32, i32* %a, align 4 38 ret i32 %tmp1 39 } 40 41 define void @test_store(i32* %a) sanitize_address { 42 ; CHECK-LABEL: @test_store 43 ; CHECK-NOT: store 44 ; CHECK: %[[STORE_ADDR:[^ ]*]] = ptrtoint i32* %a to i64 45 ; CHECK: lshr i64 %[[STORE_ADDR]], 3 46 ; CHECK: {{or|add}} 47 ; CHECK: %[[STORE_SHADOW_PTR:[^ ]*]] = inttoptr 48 ; CHECK: %[[STORE_SHADOW:[^ ]*]] = load i8, i8* %[[STORE_SHADOW_PTR]] 49 ; CHECK: icmp ne i8 50 ; CHECK: br i1 %{{.*}}, label %{{.*}}, label %{{.*}} 51 ; 52 ; First instrumentation block refines the shadow test. 53 ; CHECK: and i64 %[[STORE_ADDR]], 7 54 ; CHECK: add i64 %{{.*}}, 3 55 ; CHECK: trunc i64 %{{.*}} to i8 56 ; CHECK: icmp sge i8 %{{.*}}, %[[STORE_SHADOW]] 57 ; CHECK: br i1 %{{.*}}, label %{{.*}}, label %{{.*}} 58 ; 59 ; The crash block reports the error. 60 ; CHECK: call void @__asan_report_store4(i64 %[[STORE_ADDR]]) 61 ; CHECK: unreachable 62 ; 63 ; The actual load. 64 ; CHECK: store i32 42, i32* %a 65 ; CHECK: ret void 66 ; 67 68 entry: 69 store i32 42, i32* %a, align 4 70 ret void 71 } 72 73 ; Check that asan leaves just one alloca. 74 75 declare void @alloca_test_use([10 x i8]*) 76 define void @alloca_test() sanitize_address { 77 entry: 78 %x = alloca [10 x i8], align 1 79 %y = alloca [10 x i8], align 1 80 %z = alloca [10 x i8], align 1 81 call void @alloca_test_use([10 x i8]* %x) 82 call void @alloca_test_use([10 x i8]* %y) 83 call void @alloca_test_use([10 x i8]* %z) 84 ret void 85 } 86 87 ; CHECK-LABEL: define void @alloca_test() 88 ; CHECK: = alloca 89 ; CHECK-NOT: = alloca 90 ; CHECK: ret void 91 92 define void @LongDoubleTest(x86_fp80* nocapture %a) nounwind uwtable sanitize_address { 93 entry: 94 store x86_fp80 0xK3FFF8000000000000000, x86_fp80* %a, align 16 95 ret void 96 } 97 98 ; CHECK-LABEL: LongDoubleTest 99 ; CHECK: __asan_report_store_n 100 ; CHECK: __asan_report_store_n 101 ; CHECK: ret void 102 103 104 define void @i40test(i40* %a, i40* %b) nounwind uwtable sanitize_address { 105 entry: 106 %t = load i40, i40* %a 107 store i40 %t, i40* %b, align 8 108 ret void 109 } 110 111 ; CHECK-LABEL: i40test 112 ; CHECK: __asan_report_load_n{{.*}}, i64 5) 113 ; CHECK: __asan_report_load_n{{.*}}, i64 5) 114 ; CHECK: __asan_report_store_n{{.*}}, i64 5) 115 ; CHECK: __asan_report_store_n{{.*}}, i64 5) 116 ; CHECK: ret void 117 118 define void @i64test_align1(i64* %b) nounwind uwtable sanitize_address { 119 entry: 120 store i64 0, i64* %b, align 1 121 ret void 122 } 123 124 ; CHECK-LABEL: i64test_align1 125 ; CHECK: __asan_report_store_n{{.*}}, i64 8) 126 ; CHECK: __asan_report_store_n{{.*}}, i64 8) 127 ; CHECK: ret void 128 129 130 define void @i80test(i80* %a, i80* %b) nounwind uwtable sanitize_address { 131 entry: 132 %t = load i80, i80* %a 133 store i80 %t, i80* %b, align 8 134 ret void 135 } 136 137 ; CHECK-LABEL: i80test 138 ; CHECK: __asan_report_load_n{{.*}}, i64 10) 139 ; CHECK: __asan_report_load_n{{.*}}, i64 10) 140 ; CHECK: __asan_report_store_n{{.*}}, i64 10) 141 ; CHECK: __asan_report_store_n{{.*}}, i64 10) 142 ; CHECK: ret void 143 144 ; asan should not instrument functions with available_externally linkage. 145 define available_externally i32 @f_available_externally(i32* %a) sanitize_address { 146 entry: 147 %tmp1 = load i32, i32* %a 148 ret i32 %tmp1 149 } 150 ; CHECK-LABEL: @f_available_externally 151 ; CHECK-NOT: __asan_report 152 ; CHECK: ret i32 153 154 declare void @llvm.memset.p0i8.i64(i8* nocapture, i8, i64, i32, i1) nounwind 155 declare void @llvm.memmove.p0i8.p0i8.i64(i8* nocapture, i8* nocapture readonly, i64, i32, i1) nounwind 156 declare void @llvm.memcpy.p0i8.p0i8.i64(i8* nocapture, i8* nocapture readonly, i64, i32, i1) nounwind 157 158 define void @memintr_test(i8* %a, i8* %b) nounwind uwtable sanitize_address { 159 entry: 160 tail call void @llvm.memset.p0i8.i64(i8* %a, i8 0, i64 100, i32 1, i1 false) 161 tail call void @llvm.memmove.p0i8.p0i8.i64(i8* %a, i8* %b, i64 100, i32 1, i1 false) 162 tail call void @llvm.memcpy.p0i8.p0i8.i64(i8* %a, i8* %b, i64 100, i32 1, i1 false) 163 ret void 164 } 165 166 ; CHECK-LABEL: memintr_test 167 ; CHECK: __asan_memset 168 ; CHECK: __asan_memmove 169 ; CHECK: __asan_memcpy 170 ; CHECK: ret void 171 172 ; PROF 173 ; CHECK: ![[PROF]] = !{!"branch_weights", i32 1, i32 100000} 174
