xref: /llvm-project/llvm/test/Instrumentation/AddressSanitizer/stack_dynamic_alloca.ll (revision fe7f5f9126cea9ceba703d5bd07b766181f2bd72) 
1; RUN: opt < %s -passes=asan -asan-stack-dynamic-alloca -asan-use-stack-safety=0 -asan-use-after-return=runtime -S | FileCheck %s --check-prefixes=CHECK,CHECK-RUNTIME
2; RUN: opt < %s -passes=asan -asan-stack-dynamic-alloca -asan-mapping-scale=5 -asan-use-stack-safety=0 -asan-use-after-return=runtime -S | FileCheck %s --check-prefixes=CHECK,CHECK-RUNTIME
3; RUN: opt < %s -passes=asan  -asan-stack-dynamic-alloca -asan-use-stack-safety=0 -asan-use-after-return=always -S | FileCheck %s --check-prefixes=CHECK,CHECK-ALWAYS --implicit-check-not=__asan_option_detect_stack_use_after_return
4; RUN: opt < %s -passes=asan -asan-stack-dynamic-alloca -asan-use-stack-safety=0 -asan-use-after-return=always -S | FileCheck %s --check-prefixes=CHECK,CHECK-ALWAYS --implicit-check-not=__asan_option_detect_stack_use_after_return
5target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
6target triple = "x86_64-unknown-linux-gnu"
7
8define void @Func1() sanitize_address {
9entry:
10; CHECK-LABEL: Func1
11
12; CHECK: entry:
13; CHECK-RUNTIME: load i32, ptr @__asan_option_detect_stack_use_after_return
14; COM: CHECK-NORUNTIME-NOT: load i32, ptr @__asan_option_detect_stack_use_after_return
15
16; CHECK-RUNTIME: [[UAR_ENABLED_BB:^[0-9]+]]:
17; CHECK-RUNTIME: [[FAKE_STACK_RT:%[0-9]+]] = call i64 @__asan_stack_malloc_
18; CHECK-ALWAYS: [[FAKE_STACK_RT:%[0-9]+]] = call i64 @__asan_stack_malloc_always_
19
20; CHECK-RUNTIME: [[FAKE_STACK_BB:^[0-9]+]]:
21; CHECK-RUNTIME: [[FAKE_STACK:%[0-9]+]] = phi i64 [ 0, %entry ], [ [[FAKE_STACK_RT]], %[[UAR_ENABLED_BB]] ]
22; CHECK-RUNTIME: icmp eq i64 [[FAKE_STACK]], 0
23; CHECK-ALWAYS: icmp eq i64 [[FAKE_STACK_RT]], 0
24
25; CHECK: [[NO_FAKE_STACK_BB:^[0-9]+]]:
26; CHECK: %MyAlloca = alloca i8, i64
27; CHECK: [[ALLOCA:%[0-9]+]] = ptrtoint ptr %MyAlloca
28
29; CHECK-RUNTIME: phi i64 [ [[FAKE_STACK]], %[[FAKE_STACK_BB]] ], [ [[ALLOCA]], %[[NO_FAKE_STACK_BB]] ]
30; CHECK-ALWAYS: phi i64 [ [[FAKE_STACK_RT]], %entry ], [ [[ALLOCA]], %[[NO_FAKE_STACK_BB]] ]
31
32; CHECK: ret void
33
34  %XXX = alloca [20 x i8], align 1
35  store volatile i8 0, ptr %XXX
36  ret void
37}
38
39; Test that dynamic alloca is not used for functions with inline assembly.
40define void @Func2() sanitize_address {
41entry:
42; CHECK-LABEL: Func2
43; CHECK: alloca [96 x i8]
44; CHECK: ret void
45
46  %XXX = alloca [20 x i8], align 1
47  store volatile i8 0, ptr %XXX
48  call void asm sideeffect "mov %%rbx, %%rcx", "~{dirflag},~{fpsr},~{flags}"() nounwind
49  ret void
50}
51
52; Test that dynamic alloca is not used when setjmp is present.
53%struct.__jmp_buf_tag = type { [8 x i64], i32, %struct.__sigset_t }
54%struct.__sigset_t = type { [16 x i64] }
55@_ZL3buf = internal global [1 x %struct.__jmp_buf_tag] zeroinitializer, align 16
56
57define void @Func3() uwtable sanitize_address {
58; CHECK-LABEL: define void @Func3
59; CHECK-NOT: __asan_option_detect_stack_use_after_return
60; CHECK-NOT: __asan_stack_malloc
61; CHECK: call void @__asan_handle_no_return
62; CHECK: call void @longjmp
63; CHECK: ret void
64entry:
65  %a = alloca i32, align 4
66  %call = call i32 @_setjmp(ptr @_ZL3buf) nounwind returns_twice
67  %cmp = icmp eq i32 0, %call
68  br i1 %cmp, label %if.then, label %if.end
69
70if.then:                                          ; preds = %entry
71  call void @longjmp(ptr @_ZL3buf, i32 1) noreturn nounwind
72  unreachable
73
74if.end:                                           ; preds = %entry
75  call void @_Z10escape_ptrPi(ptr %a)
76  ret void
77}
78
79declare i32 @_setjmp(ptr) nounwind returns_twice
80declare void @longjmp(ptr, i32) noreturn nounwind
81declare void @_Z10escape_ptrPi(ptr)
82