This is an archive of the discontinued LLVM Phabricator instance.

Differential D102462

LLVM Detailed IR tests for introduction of flag -fsanitize-address-detect-stack-use-after-return-mode.
ClosedPublic

Authored by kda on May 13 2021, 9:43 PM.

Details

Reviewers
vitalybuka
Commits
rG52ac1147713d: LLVM Detailed IR tests for introduction of flag -fsanitize-address-detect-stack…
Summary

Rework all tests that interact with use after return to correctly handle the case where the mode has been explicitly set to Never or Always.

for issue: https://github.com/google/sanitizers/issues/1394

Diff Detail

Event Timeline

kda created this revision.May 13 2021, 9:43 PM
Herald added a subscriber: hiraditya. · View Herald TranscriptMay 13 2021, 9:43 PM
kda requested review of this revision.May 13 2021, 9:43 PM
Herald added a project: Restricted Project. · View Herald TranscriptMay 13 2021, 9:43 PM
Herald added a subscriber: llvm-commits. · View Herald Transcript
Harbormaster completed remote builds in B104430: Diff 345350.May 13 2021, 11:00 PM
vitalybuka added inline comments.May 13 2021, 11:24 PM
llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
260–277

we are going to have two conflicting flags.
Could you please just change this bool flag into Enum, probably without renaming?

static cl::opt<AsanDetectStackUseAfterReturnMode> ClUseAfterReturn("asan-use-after-return"...
0,1 should match current behavior

kda updated this revision to Diff 346805.May 20 2021, 11:27 AM
kda marked an inline comment as done.

Rework to update existing asan-use-after-return boolean to modal flag.

kda added inline comments.May 20 2021, 11:29 AM
llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
266–268

I added this one and the one below ('1') to avoid updating tests.
Should I just update the tests and remove these?

Harbormaster completed remote builds in B105474: Diff 346805.May 20 2021, 12:46 PM
vitalybuka mentioned this in D102867: [asan] Add autogenerated test for fake stack.May 20 2021, 1:10 PM
vitalybuka added inline comments.May 20 2021, 1:14 PM
llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
260–277

0,1 is fine
we can remove them later in a separate patch.

266–268

then maybe '2' as well?

271

it should be ASAN_OPTIONS=detect_stack_use_after_return=1

3322–3325

this comment applies to inside of the "then" branch only

Please insert corresponsing spseudo code for else branch:
void *FakeStack = __asan_stack_malloc_N(LocalStackSize);
 void *LocalStackBase = (FakeStack) ? FakeStack : alloca(LocalStackSize);

3344–3356

we porbably need entire thing in the else branch
AsanStackMallocFunc[StackMallocIdx] may return NULL in runtime
so we need NoFakeStack branch as well

This is future oportunity to improve: make compiler-rt never return NULL so we can remove CreateICmpEQ and one branch

3358

do you want to uncomment and keep it?

3366

FakeStack is LLVM object which represent result of the function call
(FakeStack) is never NULL, however in runtime it can contain NULL, so we need to compile IRB.CreateICmpEQ(FakeStack, Constant::getNullValue(IntptrTy)); like above

llvm/test/Instrumentation/AddressSanitizer/stack-poisoning.ll
21

this statements checks that there is no this line in after previous check
more reliable is to add --implicit-check-not=asan_option_detect_stack_use_after_return into FileCheck arg to make sure it's not there at all

23

It would be nice to check for CreateICmpEQ
But probably D102867 is enough

llvm/test/Instrumentation/AddressSanitizer/stack_dynamic_alloca.ll
22

same

vitalybuka mentioned this in rGb1140554e1b2: [asan] Add autogenerated test for fake stack.May 20 2021, 3:48 PM
kda updated this revision to Diff 347490.May 24 2021, 1:39 PM
kda marked 8 inline comments as done.

fixes for correct code.

kda updated this revision to Diff 347491.May 24 2021, 1:42 PM

removed commented out code.

kda added inline comments.May 24 2021, 1:45 PM
llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp
3358

No. I only meant it as a comment for clarity.

llvm/test/Instrumentation/AddressSanitizer/stack-poisoning.ll
23

ack.

Harbormaster completed remote builds in B105982: Diff 347491.May 24 2021, 2:29 PM
vitalybuka accepted this revision.May 25 2021, 3:56 PM

LGTM

This revision is now accepted and ready to land.May 25 2021, 3:56 PM
Closed by commit rG52ac1147713d: LLVM Detailed IR tests for introduction of flag -fsanitize-address-detect-stack… (authored by kda). · Explain WhyMay 25 2021, 4:17 PM
This revision was automatically updated to reflect the committed changes.
kda added a commit: rG52ac1147713d: LLVM Detailed IR tests for introduction of flag -fsanitize-address-detect-stack….

Revision Contents

PathSize
llvm/
include/
llvm/
Transforms/
Instrumentation/
11 lines
lib/
Transforms/
Instrumentation/
96 lines
test/
Instrumentation/
AddressSanitizer/
20 lines
16 lines
18 lines
17 lines

Diff 346805

llvm/include/llvm/Transforms/Instrumentation/AddressSanitizerOptions.h

Show All 14 Lines
/// Types of ASan module destructors supported /// Types of ASan module destructors supported
enum class AsanDtorKind { enum class AsanDtorKind {
None, ///< Do not emit any destructors for ASan None, ///< Do not emit any destructors for ASan
Global, ///< Append to llvm.global_dtors Global, ///< Append to llvm.global_dtors
Invalid, ///< Not a valid destructor Kind. Invalid, ///< Not a valid destructor Kind.
// TODO(dliew): Add more more kinds. // TODO(dliew): Add more more kinds.
}; };
/// Mode of ASan detect stack use after return
enum class AsanDetectStackUseAfterReturnMode {
Never, ///< Never detect stack use after return.
Runtime, ///< Detect stack use after return if runtime flag is enabled
///< (ASAN_OPTIONS=detect_stack_use_after_return=1)
Always, ///< Always detect stack use after return.
Invalid, ///< Not a valid detect mode.
};
} // namespace llvm } // namespace llvm
#endif #endif

llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp

Show First 20 LinesShow All 66 Lines▼ Show 20 Lines
#include "llvm/Support/CommandLine.h" #include "llvm/Support/CommandLine.h"
#include "llvm/Support/Debug.h" #include "llvm/Support/Debug.h"
#include "llvm/Support/ErrorHandling.h" #include "llvm/Support/ErrorHandling.h"
#include "llvm/Support/MathExtras.h" #include "llvm/Support/MathExtras.h"
#include "llvm/Support/ScopedPrinter.h" #include "llvm/Support/ScopedPrinter.h"
#include "llvm/Support/raw_ostream.h" #include "llvm/Support/raw_ostream.h"
#include "llvm/Transforms/Instrumentation.h" #include "llvm/Transforms/Instrumentation.h"
#include "llvm/Transforms/Instrumentation/AddressSanitizerCommon.h" #include "llvm/Transforms/Instrumentation/AddressSanitizerCommon.h"
#include "llvm/Transforms/Instrumentation/AddressSanitizerOptions.h"
#include "llvm/Transforms/Utils/ASanStackFrameLayout.h" #include "llvm/Transforms/Utils/ASanStackFrameLayout.h"
#include "llvm/Transforms/Utils/BasicBlockUtils.h" #include "llvm/Transforms/Utils/BasicBlockUtils.h"
#include "llvm/Transforms/Utils/Local.h" #include "llvm/Transforms/Utils/Local.h"
#include "llvm/Transforms/Utils/ModuleUtils.h" #include "llvm/Transforms/Utils/ModuleUtils.h"
#include "llvm/Transforms/Utils/PromoteMemToReg.h" #include "llvm/Transforms/Utils/PromoteMemToReg.h"
#include <algorithm> #include <algorithm>
#include <cassert> #include <cassert>
#include <cstddef> #include <cstddef>
▲ Show 20 LinesShow All 168 Lines▼ Show 20 Lines
// This flag may need to be replaced with -f[no]asan-stack. // This flag may need to be replaced with -f[no]asan-stack.
static cl::opt<bool> ClStack("asan-stack", cl::desc("Handle stack memory"), static cl::opt<bool> ClStack("asan-stack", cl::desc("Handle stack memory"),
cl::Hidden, cl::init(true)); cl::Hidden, cl::init(true));
static cl::opt<uint32_t> ClMaxInlinePoisoningSize( static cl::opt<uint32_t> ClMaxInlinePoisoningSize(
"asan-max-inline-poisoning-size", "asan-max-inline-poisoning-size",
cl::desc( cl::desc(
"Inline shadow poisoning for blocks up to the given size in bytes."), "Inline shadow poisoning for blocks up to the given size in bytes."),
cl::Hidden, cl::init(64)); cl::Hidden, cl::init(64));
static cl::opt<bool> ClUseAfterReturn("asan-use-after-return", static cl::opt<AsanDetectStackUseAfterReturnMode> ClUseAfterReturn(
cl::desc("Check stack-use-after-return"), "asan-use-after-return",
cl::Hidden, cl::init(true)); cl::desc("Sets the mode of detection for stack-use-after-return."),
cl::values(clEnumValN(AsanDetectStackUseAfterReturnMode::Never, "never",
"Never detect stack use after return."),
clEnumValN(AsanDetectStackUseAfterReturnMode::Never,
"0", // only needed to keep unit tests passing
"Redundant with 'never'."),
kdaAuthorUnsubmitted
Done
ReplyInline Actions

I added this one and the one below ('1') to avoid updating tests.
Should I just update the tests and remove these?

kda: I added this one and the one below ('1') to avoid updating tests. Should I just update the…
vitalybukaUnsubmitted
Done
ReplyInline Actions

then maybe '2' as well?

vitalybuka: then maybe '2' as well?
clEnumValN(AsanDetectStackUseAfterReturnMode::Runtime, "runtime",
"Detect stack use after return if "
"binary flag 'asan-use-after-return' is true."),
vitalybukaUnsubmitted
Done
ReplyInline Actions

it should be ASAN_OPTIONS=detect_stack_use_after_return=1

vitalybuka: it should be ASAN_OPTIONS=detect_stack_use_after_return=1
clEnumValN(AsanDetectStackUseAfterReturnMode::Runtime,
"1", // only needed to keep unit tests passing
"redundant with 'runtime'."),
clEnumValN(AsanDetectStackUseAfterReturnMode::Always, "always",
"Always detect stack use after return.")),
cl::Hidden, cl::init(AsanDetectStackUseAfterReturnMode::Runtime));
vitalybukaUnsubmitted
Done
ReplyInline Actions

we are going to have two conflicting flags.
Could you please just change this bool flag into Enum, probably without renaming?

static cl::opt<AsanDetectStackUseAfterReturnMode> ClUseAfterReturn("asan-use-after-return"...
0,1 should match current behavior

vitalybuka: we are going to have two conflicting flags. Could you please just change this bool flag into…
vitalybukaUnsubmitted
Done
ReplyInline Actions

0,1 is fine
we can remove them later in a separate patch.

vitalybuka: 0,1 is fine we can remove them later in a separate patch.
static cl::opt<bool> ClRedzoneByvalArgs("asan-redzone-byval-args", static cl::opt<bool> ClRedzoneByvalArgs("asan-redzone-byval-args",
cl::desc("Create redzones for byval " cl::desc("Create redzones for byval "
"arguments (extra copy " "arguments (extra copy "
"required)"), cl::Hidden, "required)"), cl::Hidden,
cl::init(true)); cl::init(true));
static cl::opt<bool> ClUseAfterScope("asan-use-after-scope", static cl::opt<bool> ClUseAfterScope("asan-use-after-scope",
▲ Show 20 LinesShow All 3,004 Lines▼ Show 20 Lines if (const DILocation *FnLoc = EntryDebugLocation.get()) {
Desc.Line = std::min(Desc.Line ? Desc.Line : Line, Line); Desc.Line = std::min(Desc.Line ? Desc.Line : Line, Line);
} }
} }
} }
auto DescriptionString = ComputeASanStackFrameDescription(SVD); auto DescriptionString = ComputeASanStackFrameDescription(SVD);
LLVM_DEBUG(dbgs() << DescriptionString << " --- " << L.FrameSize << "\n"); LLVM_DEBUG(dbgs() << DescriptionString << " --- " << L.FrameSize << "\n");
uint64_t LocalStackSize = L.FrameSize; uint64_t LocalStackSize = L.FrameSize;
bool DoStackMalloc = ClUseAfterReturn && !ASan.CompileKernel && bool DoStackMalloc =
LocalStackSize <= kMaxStackMallocSize; ClUseAfterReturn != AsanDetectStackUseAfterReturnMode::Never &&
!ASan.CompileKernel && LocalStackSize <= kMaxStackMallocSize;
bool DoDynamicAlloca = ClDynamicAllocaStack; bool DoDynamicAlloca = ClDynamicAllocaStack;
// Don't do dynamic alloca or stack malloc if: // Don't do dynamic alloca or stack malloc if:
// 1) There is inline asm: too often it makes assumptions on which registers // 1) There is inline asm: too often it makes assumptions on which registers
// are available. // are available.
// 2) There is a returns_twice call (typically setjmp), which is // 2) There is a returns_twice call (typically setjmp), which is
// optimization-hostile, and doesn't play well with introduced indirect // optimization-hostile, and doesn't play well with introduced indirect
// register-relative calculation of local variable addresses. // register-relative calculation of local variable addresses.
DoDynamicAlloca &= !HasInlineAsm && !HasReturnsTwiceCall; DoDynamicAlloca &= !HasInlineAsm && !HasReturnsTwiceCall;
DoStackMalloc &= !HasInlineAsm && !HasReturnsTwiceCall; DoStackMalloc &= !HasInlineAsm && !HasReturnsTwiceCall;
Value *StaticAlloca = Value *StaticAlloca =
DoDynamicAlloca ? nullptr : createAllocaForLayout(IRB, L, false); DoDynamicAlloca ? nullptr : createAllocaForLayout(IRB, L, false);
Value *FakeStack; Value *FakeStack;
Value *LocalStackBase; Value *LocalStackBase;
Value *LocalStackBaseAlloca; Value *LocalStackBaseAlloca;
uint8_t DIExprFlags = DIExpression::ApplyOffset; uint8_t DIExprFlags = DIExpression::ApplyOffset;
if (DoStackMalloc) { if (DoStackMalloc) {
LocalStackBaseAlloca = LocalStackBaseAlloca =
IRB.CreateAlloca(IntptrTy, nullptr, "asan_local_stack_base"); IRB.CreateAlloca(IntptrTy, nullptr, "asan_local_stack_base");
// void *FakeStack = __asan_option_detect_stack_use_after_return // void *FakeStack = __asan_option_detect_stack_use_after_return
// ? __asan_stack_malloc_N(LocalStackSize) // ? __asan_stack_malloc_N(LocalStackSize)
// : nullptr; // : nullptr;
// void *LocalStackBase = (FakeStack) ? FakeStack : alloca(LocalStackSize); // void *LocalStackBase = (FakeStack) ? FakeStack : alloca(LocalStackSize);
vitalybukaUnsubmitted
Done
ReplyInline Actions

this comment applies to inside of the "then" branch only

Please insert corresponsing spseudo code for else branch:
void *FakeStack = __asan_stack_malloc_N(LocalStackSize);
 void *LocalStackBase = (FakeStack) ? FakeStack : alloca(LocalStackSize);

vitalybuka: this comment applies to inside of the "then" branch only Please insert corresponsing spseudo…
if (ClUseAfterReturn == AsanDetectStackUseAfterReturnMode::Runtime) {
Constant *OptionDetectUseAfterReturn = F.getParent()->getOrInsertGlobal( Constant *OptionDetectUseAfterReturn = F.getParent()->getOrInsertGlobal(
kAsanOptionDetectUseAfterReturn, IRB.getInt32Ty()); kAsanOptionDetectUseAfterReturn, IRB.getInt32Ty());
Value *UseAfterReturnIsEnabled = IRB.CreateICmpNE( Value *UseAfterReturnIsEnabled = IRB.CreateICmpNE(
IRB.CreateLoad(IRB.getInt32Ty(), OptionDetectUseAfterReturn), IRB.CreateLoad(IRB.getInt32Ty(), OptionDetectUseAfterReturn),
Constant::getNullValue(IRB.getInt32Ty())); Constant::getNullValue(IRB.getInt32Ty()));
Instruction *Term = Instruction *Term =
SplitBlockAndInsertIfThen(UseAfterReturnIsEnabled, InsBefore, false); SplitBlockAndInsertIfThen(UseAfterReturnIsEnabled, InsBefore, false);
IRBuilder<> IRBIf(Term); IRBuilder<> IRBIf(Term);
StackMallocIdx = StackMallocSizeClass(LocalStackSize); StackMallocIdx = StackMallocSizeClass(LocalStackSize);
assert(StackMallocIdx <= kMaxAsanStackMallocSizeClass); assert(StackMallocIdx <= kMaxAsanStackMallocSizeClass);
Value *FakeStackValue = Value *FakeStackValue =
IRBIf.CreateCall(AsanStackMallocFunc[StackMallocIdx], IRBIf.CreateCall(AsanStackMallocFunc[StackMallocIdx],
ConstantInt::get(IntptrTy, LocalStackSize)); ConstantInt::get(IntptrTy, LocalStackSize));
IRB.SetInsertPoint(InsBefore); IRB.SetInsertPoint(InsBefore);
FakeStack = createPHI(IRB, UseAfterReturnIsEnabled, FakeStackValue, Term, FakeStack = createPHI(IRB, UseAfterReturnIsEnabled, FakeStackValue, Term,
ConstantInt::get(IntptrTy, 0)); ConstantInt::get(IntptrTy, 0));
Value *NoFakeStack = Value *NoFakeStack =
IRB.CreateICmpEQ(FakeStack, Constant::getNullValue(IntptrTy)); IRB.CreateICmpEQ(FakeStack, Constant::getNullValue(IntptrTy));
Term = SplitBlockAndInsertIfThen(NoFakeStack, InsBefore, false); Term = SplitBlockAndInsertIfThen(NoFakeStack, InsBefore, false);
IRBIf.SetInsertPoint(Term); IRBIf.SetInsertPoint(Term);
Value *AllocaValue = Value *AllocaValue = DoDynamicAlloca
DoDynamicAlloca ? createAllocaForLayout(IRBIf, L, true) : StaticAlloca; ? createAllocaForLayout(IRBIf, L, true)
: StaticAlloca;
IRB.SetInsertPoint(InsBefore); IRB.SetInsertPoint(InsBefore);
LocalStackBase = createPHI(IRB, NoFakeStack, AllocaValue, Term, FakeStack); LocalStackBase =
createPHI(IRB, NoFakeStack, AllocaValue, Term, FakeStack);
IRB.CreateStore(LocalStackBase, LocalStackBaseAlloca); IRB.CreateStore(LocalStackBase, LocalStackBaseAlloca);
DIExprFlags |= DIExpression::DerefBefore; DIExprFlags |= DIExpression::DerefBefore;
vitalybukaUnsubmitted
Done
ReplyInline Actions

we porbably need entire thing in the else branch
AsanStackMallocFunc[StackMallocIdx] may return NULL in runtime
so we need NoFakeStack branch as well

This is future oportunity to improve: make compiler-rt never return NULL so we can remove CreateICmpEQ and one branch

vitalybuka: we porbably need entire thing in the else branch AsanStackMallocFunc[StackMallocIdx] may return…
} else { } else {
// assert(ClUseAfterReturn == AsanDetectStackUseAfterReturnMode:Always)
vitalybukaUnsubmitted
Not Done
ReplyInline Actions

do you want to uncomment and keep it?

vitalybuka: do you want to uncomment and keep it?
kdaAuthorUnsubmitted
Done
ReplyInline Actions

No. I only meant it as a comment for clarity.

kda: No. I only meant it as a comment for clarity.
StackMallocIdx = StackMallocSizeClass(LocalStackSize);
FakeStack = IRB.CreateCall(AsanStackMallocFunc[StackMallocIdx],
ConstantInt::get(IntptrTy, LocalStackSize));
IRB.SetInsertPoint(InsBefore);
Value *AllocValue =
DoDynamicAlloca ? createAllocaForLayout(IRB, L, true) : StaticAlloca;
LocalStackBase = (FakeStack) ? FakeStack : AllocValue;
vitalybukaUnsubmitted
Done
ReplyInline Actions

FakeStack is LLVM object which represent result of the function call
(FakeStack) is never NULL, however in runtime it can contain NULL, so we need to compile IRB.CreateICmpEQ(FakeStack, Constant::getNullValue(IntptrTy)); like above

vitalybuka: FakeStack is LLVM object which represent result of the function call (FakeStack) is never NULL…
}
} else {
// void *FakeStack = nullptr; // void *FakeStack = nullptr;
// void *LocalStackBase = alloca(LocalStackSize); // void *LocalStackBase = alloca(LocalStackSize);
FakeStack = ConstantInt::get(IntptrTy, 0); FakeStack = ConstantInt::get(IntptrTy, 0);
LocalStackBase = LocalStackBase =
DoDynamicAlloca ? createAllocaForLayout(IRB, L, true) : StaticAlloca; DoDynamicAlloca ? createAllocaForLayout(IRB, L, true) : StaticAlloca;
LocalStackBaseAlloca = LocalStackBase; LocalStackBaseAlloca = LocalStackBase;
} }
▲ Show 20 LinesShow All 223 LinesShow Last 20 Lines

llvm/test/Instrumentation/AddressSanitizer/lifetime-uar-uas.ll

; Test handling of llvm.lifetime intrinsics in UAR/UAS modes. ; Test handling of llvm.lifetime intrinsics in UAR/UAS modes.
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=0 -asan-use-after-scope=0 -S | FileCheck %s ; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=never -asan-use-after-scope=0 -S | FileCheck %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=0 -asan-use-after-scope=0 -S | FileCheck %s ; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=never -asan-use-after-scope=0 -S | FileCheck %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=1 -asan-use-after-scope=0 -S | FileCheck %s ; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=runtime -asan-use-after-scope=0 -S | FileCheck %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=1 -asan-use-after-scope=0 -S | FileCheck %s ; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=runtime -asan-use-after-scope=0 -S | FileCheck %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=0 -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS ; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=always -asan-use-after-scope=0 -S | FileCheck %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=0 -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS ; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=always -asan-use-after-scope=0 -S | FileCheck %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=1 -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS ; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=never -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=1 -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS ; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=never -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=runtime -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=runtime -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=always -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=always -asan-use-after-scope=1 -S | FileCheck %s --check-prefix=CHECK-UAS
target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128" target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
declare void @llvm.lifetime.start.p0i8(i64, i8* nocapture) nounwind declare void @llvm.lifetime.start.p0i8(i64, i8* nocapture) nounwind
declare void @llvm.lifetime.end.p0i8(i64, i8* nocapture) nounwind declare void @llvm.lifetime.end.p0i8(i64, i8* nocapture) nounwind
define i32 @basic_test() sanitize_address { define i32 @basic_test() sanitize_address {
; CHECK-LABEL: define i32 @basic_test() ; CHECK-LABEL: define i32 @basic_test()
Show All 28 Lines

llvm/test/Instrumentation/AddressSanitizer/localescape.ll

; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return -asan-stack-dynamic-alloca -S | FileCheck %s ; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=never -asan-stack-dynamic-alloca -S | FileCheck %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return -asan-stack-dynamic-alloca -S | FileCheck %s ; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=never -asan-stack-dynamic-alloca -S | FileCheck %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=0 -asan-stack-dynamic-alloca=0 -S | FileCheck %s ; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=runtime -asan-stack-dynamic-alloca -S | FileCheck %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=0 -asan-stack-dynamic-alloca=0 -S | FileCheck %s ; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=runtime -asan-stack-dynamic-alloca -S | FileCheck %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=always -asan-stack-dynamic-alloca -S | FileCheck %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=always -asan-stack-dynamic-alloca -S | FileCheck %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=never -asan-stack-dynamic-alloca=0 -S | FileCheck %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=never -asan-stack-dynamic-alloca=0 -S | FileCheck %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=runtime -asan-stack-dynamic-alloca=0 -S | FileCheck %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=runtime -asan-stack-dynamic-alloca=0 -S | FileCheck %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=always -asan-stack-dynamic-alloca=0 -S | FileCheck %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=always -asan-stack-dynamic-alloca=0 -S | FileCheck %s
target datalayout = "e-m:x-p:32:32-i64:64-f80:32-n8:16:32-a:0:32-S32" target datalayout = "e-m:x-p:32:32-i64:64-f80:32-n8:16:32-a:0:32-S32"
target triple = "i686-pc-windows-msvc18.0.0" target triple = "i686-pc-windows-msvc18.0.0"
declare i32 @llvm.eh.typeid.for(i8*) #2 declare i32 @llvm.eh.typeid.for(i8*) #2
declare i8* @llvm.frameaddress(i32) declare i8* @llvm.frameaddress(i32)
declare i8* @llvm.eh.recoverfp(i8*, i8*) declare i8* @llvm.eh.recoverfp(i8*, i8*)
declare i8* @llvm.localrecover(i8*, i8*, i32) declare i8* @llvm.localrecover(i8*, i8*, i32)
▲ Show 20 LinesShow All 76 LinesShow Last 20 Lines

llvm/test/Instrumentation/AddressSanitizer/stack-poisoning.ll

; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return -S | FileCheck --check-prefix=CHECK-UAR %s ; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=never -S | FileCheck --check-prefix=CHECK-PLAIN %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return -S | FileCheck --check-prefix=CHECK-UAR %s ; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=never -S | FileCheck --check-prefix=CHECK-PLAIN %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=0 -S | FileCheck --check-prefix=CHECK-PLAIN %s ; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=runtime -S | FileCheck --check-prefixes=CHECK-UAR,CHECK-UAR-RUNTIME %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=0 -S | FileCheck --check-prefix=CHECK-PLAIN %s ; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=runtime -S | FileCheck --check-prefixes=CHECK-UAR,CHECK-UAR-RUNTIME %s
; RUN: opt < %s -asan -asan-module -enable-new-pm=0 -asan-use-after-return=always -S | FileCheck --check-prefixes=CHECK-UAR,CHECK-UAR-NORUNTIME %s
; RUN: opt < %s -passes='asan-pipeline' -asan-use-after-return=always -S | FileCheck --check-prefix=CHECK-UAR %s
target datalayout = "e-i64:64-f80:128-s:64-n8:16:32:64-S128" target datalayout = "e-i64:64-f80:128-s:64-n8:16:32:64-S128"
target triple = "x86_64-unknown-linux-gnu" target triple = "x86_64-unknown-linux-gnu"
declare void @Foo(i8*) declare void @Foo(i8*)
define void @Bar() uwtable sanitize_address { define void @Bar() uwtable sanitize_address {
entry: entry:
; CHECK-PLAIN-LABEL: Bar ; CHECK-PLAIN-LABEL: Bar
; CHECK-PLAIN-NOT: label ; CHECK-PLAIN-NOT: label
; CHECK-PLAIN: ret void ; CHECK-PLAIN: ret void
; CHECK-UAR-LABEL: Bar ; CHECK-UAR-LABEL: Bar
; CHECK-UAR: load i32, i32* @__asan_option_detect_stack_use_after_return ; CHECK-UAR-RUNTIME: load i32, i32* @__asan_option_detect_stack_use_after_return
; CHECK-UAR: label ; CHECK-UAR-RUNTIME: label
; CHECK-UAR-NORUNTIME-NOT: load i32, i32* @__asan_option_detect_stack_use_after_return
vitalybukaUnsubmitted
Done
ReplyInline Actions

this statements checks that there is no this line in after previous check
more reliable is to add --implicit-check-not=asan_option_detect_stack_use_after_return into FileCheck arg to make sure it's not there at all

vitalybuka: this statements checks that there is no this line in after previous check more reliable is to…
; CHECK-UAR-NORUNTIME-NOT: label
; CHECK-UAR: call i64 @__asan_stack_malloc_4 ; CHECK-UAR: call i64 @__asan_stack_malloc_4
vitalybukaUnsubmitted
Not Done
ReplyInline Actions

It would be nice to check for CreateICmpEQ
But probably D102867 is enough

vitalybuka: It would be nice to check for CreateICmpEQ But probably D102867 is enough
kdaAuthorUnsubmitted
Done
ReplyInline Actions

ack.

kda: ack.
; CHECK-UAR: label ; CHECK-UAR-RUNTIME: label
; Poison red zones. ; Poison red zones.
; CHECK-UAR: store i64 -1007680412564983311 ; CHECK-UAR: store i64 -1007680412564983311
; CHECK-UAR: store i64 72057598113936114 ; CHECK-UAR: store i64 72057598113936114
; CHECK-UAR: store i32 -218959118 ; CHECK-UAR: store i32 -218959118
; CHECK-UAR: store i64 -868082074056920316 ; CHECK-UAR: store i64 -868082074056920316
; CHECK-UAR: store i16 -3085 ; CHECK-UAR: store i16 -3085
; CHECK-UAR: call void @Foo ; CHECK-UAR: call void @Foo
; CHECK-UAR: call void @Foo ; CHECK-UAR: call void @Foo
Show All 32 Lines

llvm/test/Instrumentation/AddressSanitizer/stack_dynamic_alloca.ll

; RUN: opt < %s -asan -asan-module -asan-stack-dynamic-alloca \ ; RUN: opt < %s -asan -asan-module -asan-stack-dynamic-alloca \
; RUN: -asan-use-after-return -S -enable-new-pm=0 | FileCheck %s ; RUN: -asan-use-after-return=runtime -S -enable-new-pm=0 | FileCheck %s --check-prefixes=CHECK-RUNTIME
; RUN: opt < %s -passes='asan-pipeline' -asan-stack-dynamic-alloca \ ; RUN: opt < %s -passes='asan-pipeline' -asan-stack-dynamic-alloca \
; RUN: -asan-use-after-return -S | FileCheck %s ; RUN: -asan-use-after-return=runtime -S | FileCheck %s --check-prefixes=CHECK-RUNTIME
; RUN: opt < %s -asan -asan-module -asan-stack-dynamic-alloca -asan-mapping-scale=5 \ ; RUN: opt < %s -asan -asan-module -asan-stack-dynamic-alloca -asan-mapping-scale=5 \
; RUN: -asan-use-after-return -S -enable-new-pm=0 | FileCheck %s ; RUN: -asan-use-after-return=runtime -S -enable-new-pm=0 | FileCheck %s --check-prefixes=CHECK-RUNTIME
; RUN: opt < %s -passes='asan-pipeline' -asan-stack-dynamic-alloca -asan-mapping-scale=5 \ ; RUN: opt < %s -asan -asan-module -asan-stack-dynamic-alloca \
; RUN: -asan-use-after-return -S | FileCheck %s ; RUN: -asan-use-after-return=always -S -enable-new-pm=0 | FileCheck %s --check-prefixes=CHECK-NORUNTIME
; RUN: opt < %s -passes='asan-pipeline' -asan-stack-dynamic-alloca \
; RUN: -asan-use-after-return=always -S | FileCheck %s --check-prefixes=CHECK-NORUNTIME
; RUN: opt < %s -asan -asan-module -asan-stack-dynamic-alloca -asan-mapping-scale=5 \
; RUN: -asan-use-after-return=always -S -enable-new-pm=0 | FileCheck %s --check-prefixes=CHECK-NORUNTIME
target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128" target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64-S128"
target triple = "x86_64-unknown-linux-gnu" target triple = "x86_64-unknown-linux-gnu"
define void @Func1() sanitize_address { define void @Func1() sanitize_address {
entry: entry:
; CHECK-LABEL: Func1 ; CHECK-LABEL: Func1
; CHECK: entry: ; CHECK: entry:
; CHECK: load i32, i32* @__asan_option_detect_stack_use_after_return ; CHECK-RUNTIME: load i32, i32* @__asan_option_detect_stack_use_after_return
; CHECK-NORUNTIME-NOT: load i32, i32* @__asan_option_detect_stack_use_after_return
vitalybukaUnsubmitted
Done
ReplyInline Actions

same

vitalybuka: same
; CHECK: [[UAR_ENABLED_BB:^[0-9]+]]: ; CHECK: [[UAR_ENABLED_BB:^[0-9]+]]:
; CHECK: [[FAKE_STACK_RT:%[0-9]+]] = call i64 @__asan_stack_malloc_ ; CHECK: [[FAKE_STACK_RT:%[0-9]+]] = call i64 @__asan_stack_malloc_
; CHECK: [[FAKE_STACK_BB:^[0-9]+]]: ; CHECK: [[FAKE_STACK_BB:^[0-9]+]]:
; CHECK: [[FAKE_STACK:%[0-9]+]] = phi i64 [ 0, %entry ], [ [[FAKE_STACK_RT]], %[[UAR_ENABLED_BB]] ] ; CHECK: [[FAKE_STACK:%[0-9]+]] = phi i64 [ 0, %entry ], [ [[FAKE_STACK_RT]], %[[UAR_ENABLED_BB]] ]
; CHECK: icmp eq i64 [[FAKE_STACK]], 0 ; CHECK: icmp eq i64 [[FAKE_STACK]], 0
▲ Show 20 LinesShow All 58 LinesShow Last 20 Lines